side_bro 0.2.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 2882e3f5f9428e6068b4a7a96b5ff253454dd60692a11eb53e1054399df0a6f4
+  data.tar.gz: 840234c4510a1af907e837e36ab1308419438194b5a8e205a9eb194e5292644e
+SHA512:
+  metadata.gz: 74635e64db2372ac7013e346a50361b126e10082da20a1c199c9f476f58f84bde3c2de46e6a7ecfe8ef088eaee94bba198b735f138add225e66fbe8f56fe7d0b
+  data.tar.gz: f2bc7ca9cde7caed603b8ffa73abd624ca8e51c2b189145b2c8d063ee5000c8409ee31b56726d296c878a1df077d53b7521caff7d47158ab2587edda11163ea4

data/CHANGELOG.md

@@ -0,0 +1,37 @@
+## [Unreleased]
+
+## [0.2.2] - 2026-05-21
+
+- Fix table cell overflow on retries/morgue/queues/busy/scheduled pages — removed `white-space: pre-line` override that defeated `.args` truncation
+- Add `overflow: hidden` to `tbody td` and `thead th` so fixed-layout columns never bleed content into adjacent cells
+- Move column widths to CSS (`col.w-xs/sm/md/lg`) so they are inspectable and overridable; add `col-compact` padding class for narrow columns
+- Shorten retries table "Next Retry" → "Next" and "Retry Count" → "#" headers; tighten those column widths
+- Fix refresh button broken by CSP nonce policy — moved `onclick` to `application.js`
+- Remove spurious page auto-refresh on non-dashboard pages introduced by live toggle wiring
+- Hide poll interval ("· 5s") from live toggle button on all pages except the dashboard
+- Template caching now only active when `RACK_ENV=production` so ERB edits are live in development
+
+## [0.2.1] - 2026-05-20
+
+- Add `Content-Security-Policy` header with per-request nonce on all HTML responses
+- Cache compiled ERB templates at class level to avoid re-reading files on every request
+- Warn at startup when `SIDE_BRO_SESSION_SECRET` is not set
+- Display flash messages (`notice`/`error`) in the layout below the topbar
+- Wire up extension system: load extension locale files and mount extension routes/assets on `register_extension`
+- Fix live toggle double-firing on dashboard (layout inline script removed; `application.js` now owns the button)
+- Auto-refresh non-dashboard pages when live toggle is on; expose `window.SideBroLive` API for dashboard sync
+- Queue job filter now uses substring match instead of exact match for both class name and args
+- Redis memory usage bar now shows actual used/peak percentage instead of hardcoded 30%
+
+## [0.2.0] - 2026-05-20
+
+- Retries, morgue, scheduled, busy, and queue detail pages
+- Sticky table headers and scrollable job tables
+- Compact sidebar layout with brand mark
+- Standardised `format_args_short` helper across all job list views
+- Throughput chart tooltip smart positioning; dynamic time-window label
+- Dashboard history chart with 1 week / 1 month / 3 month / 6 month range tabs
+
+## [0.1.0] - 2026-05-09
+
+- Initial release

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2026 Cremz
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,50 @@
+# SideBro
+
+A Rack-mountable Sidekiq Web UI alternative with a customizable design.
+
+## Installation
+
+Add to your Gemfile:
+
+```gem "side_bro"```
+
+## Mounting
+
+### Rails
+
+```ruby
+# config/routes.rb
+require "side_bro"
+mount SideBro::Web, at: "/side_bro"
+```
+
+### Rack (`config.ru`)
+
+```ruby
+require "side_bro"
+run SideBro::Web
+```
+
+## Authentication
+
+SideBro has no built-in authentication. Wrap it with any Rack middleware:
+
+### HTTP Basic Auth
+
+```ruby
+SideBro::Web.use Rack::Auth::Basic, "SideBro" do |user, password|
+  [user, password] == ["admin", ENV["SIDE_BRO_PASSWORD"]]
+end
+```
+
+### Devise (Rails)
+
+```ruby
+authenticate :user, ->(u) { u.admin? } do
+  mount SideBro::Web, at: "/side_bro"
+end
+```
+
+## Session Secret
+
+Set `SIDE_BRO_SESSION_SECRET` env var for a stable session secret across restarts.

data/Rakefile

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+require "standard/rake"
+
+task default: %i[spec standard]

data/lib/side_bro/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module SideBro
+  VERSION = "0.2.2"
+end

data/lib/side_bro/web/action.rb

@@ -0,0 +1,115 @@
+# frozen_string_literal: true
+
+require "erb"
+require "securerandom"
+
+module SideBro
+  class Web
+    class Action
+      include SideBro::WebHelpers
+
+      VIEWS_PATH = File.expand_path("../../../web/views", __dir__)
+      TEMPLATE_CACHE = {}
+
+      attr_reader :env, :request, :response, :nonce
+
+      def action
+        self
+      end
+
+      def initialize(env)
+        @env = env
+        @request = Rack::Request.new(env)
+        @response = Rack::Response.new
+        @response["Content-Type"] = "text/html; charset=utf-8"
+      end
+
+      def params
+        @params ||= begin
+          route_params = env[SideBro::Web::Router::ROUTE_PARAMS] || {}
+          request.params.merge(route_params)
+        end
+      end
+
+      def session
+        request.session
+      end
+
+      def flash
+        @flash ||= FlashHash.new(session)
+      end
+
+      def redirect(location)
+        response.redirect(location)
+        throw :halt, response.finish
+      end
+
+      def halt(*resp)
+        res = if resp.length == 1 && resp.first.is_a?(Integer)
+          Rack::Response.new([], resp.first)
+        else
+          resp.first
+        end
+        throw :halt, res.is_a?(Array) ? res : res.finish
+      end
+
+      def json(payload)
+        response["Content-Type"] = "application/json; charset=utf-8"
+        response.body = [JSON.generate(payload)]
+        throw :halt, response.finish
+      end
+
+      def erb(template_name)
+        @nonce = SecureRandom.base64(16)
+        env["side_bro.csp_nonce"] = @nonce
+        response["Content-Security-Policy"] =
+          "default-src 'self'; " \
+          "script-src 'nonce-#{@nonce}'; " \
+          "style-src 'nonce-#{@nonce}' https://fonts.googleapis.com; " \
+          "font-src 'self' https://fonts.gstatic.com; " \
+          "img-src 'self' data:; " \
+          "connect-src 'self'"
+        layout = load_template(:layout)
+        content = render_template(template_name)
+        response.body = [layout.result_with_hash(content: content, nonce: @nonce, action: self)]
+        response.finish
+      end
+
+      def render_partial(name)
+        load_template(:"_#{name}").result(binding)
+      end
+
+      private
+
+      def render_template(name)
+        load_template(name).result(binding)
+      end
+
+      def load_template(name)
+        tpl = ERB.new(File.read(File.join(VIEWS_PATH, "#{name}.html.erb")), trim_mode: "-")
+        return tpl unless ENV["RACK_ENV"] == "production"
+        TEMPLATE_CACHE[name] ||= tpl
+      end
+    end
+
+    class FlashHash
+      def initialize(session)
+        @session = session
+        @session[:flash] ||= {}
+        @read = {}
+      end
+
+      def [](key)
+        @read[key] ||= @session[:flash].delete(key.to_s)
+      end
+
+      def []=(key, value)
+        @session[:flash][key.to_s] = value
+      end
+
+      def any?
+        @session[:flash].any?
+      end
+    end
+  end
+end

data/lib/side_bro/web/application.rb

@@ -0,0 +1,331 @@
+# frozen_string_literal: true
+
+require "sidekiq"
+
+module SideBro
+  class Web
+    class Application
+      SAFE_METHODS = %w[GET HEAD OPTIONS TRACE].freeze
+
+      def initialize
+        @router = SideBro::Web::Router.new
+        register_routes
+        register_extension_routes
+      end
+
+      def call(env)
+        unless SAFE_METHODS.include?(env["REQUEST_METHOD"])
+          unless env["HTTP_SEC_FETCH_SITE"] == "same-origin"
+            return [403, {"Content-Type" => "text/plain"}, ["Forbidden"]]
+          end
+        end
+
+        block = @router.match(env)
+        return [404, {"Content-Type" => "text/plain"}, ["Not Found"]] unless block
+
+        action = SideBro::Web::Action.new(env)
+        catch(:halt) do
+          action.instance_exec(&block)
+          action.response.finish
+        end
+      end
+
+      private
+
+      def register_routes
+        @router.get("/assets/*") do
+          asset_path = File.expand_path(File.join(SideBro::Web::ASSETS_PATH, params["splat"].to_s))
+          unless asset_path.start_with?(SideBro::Web::ASSETS_PATH) && File.file?(asset_path)
+            halt(404)
+          end
+          content_type = case File.extname(asset_path)
+          when ".css" then "text/css"
+          when ".js"  then "application/javascript"
+          when ".png" then "image/png"
+          when ".svg" then "image/svg+xml"
+          else "application/octet-stream"
+          end
+          response["Content-Type"] = content_type
+          response["Cache-Control"] = "private, max-age=86400"
+          response.body = [File.binread(asset_path)]
+          response.finish
+        end
+
+        @router.head("/") do
+          Sidekiq.redis { |c| c.ping }
+          response["Content-Type"] = "text/plain"
+          response.body = [""]
+          response.finish
+        rescue => e
+          throw :halt, [500, {"Content-Type" => "text/plain"}, [e.message]]
+        end
+
+        @router.get("/") do
+          @stats = Sidekiq::Stats.new
+          days = (params["days"] || 30).to_i.clamp(1, 180)
+          @history = Sidekiq::Stats::History.new(days)
+          erb :dashboard
+        end
+
+        @router.get("/stats") do
+          stats = Sidekiq::Stats.new
+          redis_info = begin
+            Sidekiq.redis { |c| c.info }
+          rescue
+            {}
+          end
+          json({
+            processed: stats.processed,
+            failed: stats.failed,
+            busy: stats.workers_size,
+            enqueued: stats.enqueued,
+            retries: stats.retry_size,
+            scheduled: stats.scheduled_size,
+            dead: stats.dead_size,
+            sidekiq: Sidekiq::VERSION,
+            redis: redis_info
+          })
+        end
+
+        @router.get("/stats/queues") do
+          queues = Sidekiq::Queue.all.each_with_object({}) do |q, h|
+            h[q.name] = q.size
+          end
+          json(queues)
+        end
+
+        @router.get("/busy") do
+          @processes = Sidekiq::ProcessSet.new.to_a
+          @workers = Sidekiq::WorkSet.new.to_a
+          erb :busy
+        end
+
+        @router.post("/busy") do
+          if params["quiet"]
+            Sidekiq::ProcessSet.new.each(&:quiet!)
+          elsif params["stop"]
+            Sidekiq::ProcessSet.new.each(&:stop!)
+          elsif (identity = params["identity"])
+            process = Sidekiq::ProcessSet.new.find { |p| p.identity == identity }
+            process&.quiet! if params["quiet_process"]
+            process&.stop! if params["stop_process"]
+          end
+          redirect "#{root_path}busy"
+        end
+
+        @router.get("/queues") do
+          @queues = Sidekiq::Queue.all
+          erb :queues
+        end
+
+        @router.get("/queues/:name") do
+          validate_queue_name!(params["name"])
+          @queue = Sidekiq::Queue.new(params["name"])
+          @page, @per_page = current_page
+          @asc = params["direction"] != "desc"
+          @filter_job  = params["filter_job"].to_s.strip
+          @filter_args = params["filter_args"].to_s.strip
+          @filtering   = !@filter_job.empty? || !@filter_args.empty?
+
+          if @filtering
+            @jobs = @queue.lazy.select { |j|
+              (@filter_job.empty?  || job_display_class(j).include?(@filter_job)) &&
+              (@filter_args.empty? || display_args(j).include?(@filter_args))
+            }.first(@per_page)
+            @total = nil
+          else
+            @total = @queue.size
+            if @asc
+              @jobs = @queue.lazy.drop(@page * @per_page).first(@per_page)
+            else
+              all = @queue.map { |j| j }
+              all.reverse!
+              @jobs = all.slice(@page * @per_page, @per_page) || []
+            end
+          end
+          erb :queue
+        end
+
+        @router.post("/queues/:name") do
+          validate_queue_name!(params["name"])
+          q = Sidekiq::Queue.new(params["name"])
+          if params["pause"]
+            q.pause! if q.respond_to?(:pause!)
+          elsif params["unpause"]
+            q.unpause! if q.respond_to?(:unpause!)
+          elsif params["clear"]
+            q.clear
+          end
+          redirect "#{root_path}queues"
+        end
+
+        @router.post("/queues/:name/delete_filtered") do
+          validate_queue_name!(params["name"])
+          filter_job  = params["filter_job"].to_s.strip
+          filter_args = params["filter_args"].to_s.strip
+          q = Sidekiq::Queue.new(params["name"])
+          to_delete = q.select { |j|
+            (filter_job.empty?  || job_display_class(j) == filter_job) &&
+            (filter_args.empty? || display_args(j) == filter_args)
+          }
+          to_delete.each(&:delete)
+          redirect "#{root_path}queues/#{params["name"]}"
+        end
+
+        @router.post("/queues/:name/delete") do
+          validate_queue_name!(params["name"])
+          q = Sidekiq::Queue.new(params["name"])
+          Array(params["key_val"]).each do |jid|
+            job = q.find { |j| j.jid == jid }
+            job&.delete
+          end
+          redirect "#{root_path}queues/#{params["name"]}"
+        end
+
+        # Retries
+        @router.get("/retries") do
+          @total = Sidekiq::RetrySet.new.size
+          @page, @per_page = current_page
+          @jobs = Sidekiq::RetrySet.new.map { |j| j }.slice(@page * @per_page, @per_page) || []
+          erb :retries
+        end
+
+        @router.post("/retries/all/:op") do
+          case params["op"]
+          when "retry" then Sidekiq::RetrySet.new.retry_all
+          when "delete" then Sidekiq::RetrySet.new.clear
+          when "kill" then Sidekiq::RetrySet.new.kill_all
+          end
+          redirect "#{root_path}retries"
+        end
+
+        @router.get("/retries/:key") do
+          @job = Sidekiq::RetrySet.new.find { |j| j.jid == params["key"] }
+          halt(404) unless @job
+          erb :retry
+        end
+
+        @router.post("/retries") do
+          handle_job_action(Sidekiq::RetrySet.new)
+          redirect "#{root_path}retries"
+        end
+
+        # Morgue (Dead)
+        @router.get("/morgue") do
+          @total = Sidekiq::DeadSet.new.size
+          @page, @per_page = current_page
+          @jobs = Sidekiq::DeadSet.new.map { |j| j }.slice(@page * @per_page, @per_page) || []
+          erb :morgue
+        end
+
+        @router.post("/morgue/all/:op") do
+          case params["op"]
+          when "retry" then Sidekiq::DeadSet.new.retry_all
+          when "delete" then Sidekiq::DeadSet.new.clear
+          end
+          redirect "#{root_path}morgue"
+        end
+
+        @router.get("/morgue/:key") do
+          @job = Sidekiq::DeadSet.new.find { |j| j.jid == params["key"] }
+          halt(404) unless @job
+          erb :dead
+        end
+
+        @router.post("/morgue") do
+          handle_job_action(Sidekiq::DeadSet.new)
+          redirect "#{root_path}morgue"
+        end
+
+        # Scheduled
+        @router.get("/scheduled") do
+          @total = Sidekiq::ScheduledSet.new.size
+          @page, @per_page = current_page
+          @jobs = Sidekiq::ScheduledSet.new.map { |j| j }.slice(@page * @per_page, @per_page) || []
+          erb :scheduled
+        end
+
+        @router.post("/scheduled/all/:op") do
+          case params["op"]
+          when "delete" then Sidekiq::ScheduledSet.new.clear
+          when "add_to_queue" then Sidekiq::ScheduledSet.new.each(&:add_to_queue)
+          end
+          redirect "#{root_path}scheduled"
+        end
+
+        @router.get("/scheduled/:key") do
+          @job = Sidekiq::ScheduledSet.new.find { |j| j.jid == params["key"] }
+          halt(404) unless @job
+          erb :scheduled_job_info
+        end
+
+        @router.post("/scheduled") do
+          handle_job_action(Sidekiq::ScheduledSet.new)
+          redirect "#{root_path}scheduled"
+        end
+
+        # Metrics (Sidekiq 7+ only)
+        @router.get("/metrics") do
+          halt(404) unless metrics_enabled?
+          require "sidekiq/metrics/query"
+          @period = params["period"] || "1h"
+          hours = {"1h" => 1, "8h" => 8, "24h" => 24, "72h" => 72}[@period]
+          @metrics = Sidekiq::Metrics::Query.new.top_jobs(hours: hours)
+          erb :metrics
+        end
+
+        @router.get("/metrics/:name") do
+          halt(404) unless metrics_enabled?
+          require "sidekiq/metrics/query"
+          @period = params["period"] || "1h"
+          hours = {"1h" => 1, "8h" => 8, "24h" => 24, "72h" => 72}[@period]
+          @name = params["name"]
+          @metrics = Sidekiq::Metrics::Query.new.for_job(@name, hours: hours)
+          erb :metrics_for_job
+        end
+
+        @router.post("/change_locale") do
+          new_locale = params["locale"].to_s.strip
+          session[:locale] = new_locale if SideBro::Web.translations.key?(new_locale)
+          redirect(request.env["HTTP_REFERER"] || root_path.to_s)
+        end
+      end
+
+      def register_extension_routes
+        SideBro::Web.extensions.each do |ext|
+          ext_name = ext[:name]
+          ext_class = ext[:class]
+          root_dir = ext[:root_dir]
+          cache_for = ext[:cache_for] || 86400
+
+          if root_dir
+            assets_base = File.expand_path("assets", root_dir)
+            @router.get("/#{ext_name}/assets/*") do
+              asset_path = File.expand_path(File.join(assets_base, params["splat"].to_s))
+              unless asset_path.start_with?(assets_base) && File.file?(asset_path)
+                halt(404)
+              end
+              content_type = case File.extname(asset_path)
+              when ".css" then "text/css"
+              when ".js" then "application/javascript"
+              when ".png" then "image/png"
+              when ".svg" then "image/svg+xml"
+              else "application/octet-stream"
+              end
+              response["Content-Type"] = content_type
+              response["Cache-Control"] = "private, max-age=#{cache_for}"
+              response.body = [File.binread(asset_path)]
+              response.finish
+            end
+          end
+
+          next unless ext_class.respond_to?(:call)
+          ["/#{ext_name}", "/#{ext_name}/*"].each do |path|
+            @router.get(path) { throw :halt, ext_class.call(env) }
+            @router.post(path) { throw :halt, ext_class.call(env) }
+          end
+        end
+      end
+    end
+  end
+end