fix: resolve collection of CLI and UI bugs (#3168, #3105, #3139)

[deepshekhardas]

This PR resolves the following issues:

1. Fixes self-hosted local docker push failure (bug: Self-hosted local push gets registry_not_supported (CLI 4.4.0+) #3168) by bypassing AWS ECR auth for non-AWS registries.
2. Fixes Deployment UI showing 'Node.js' for Bun runtimes (bug: Deployment UI shows Node.js runtime when using Bun #3105).
3. Verified 'runtime' fields are nullable in 'ApiDeploymentListResponseItem' (MCP server: list_deploys fails with validation error on null runtime/runtimeVersion #3139).

[github-actions]

Hi @deepshekhardas, thanks for your interest in contributing!

This project requires that pull request authors are vouched, and you are not in the list of vouched users.

This PR will be closed automatically. See https://github.com/triggerdotdev/trigger.dev/blob/main/CONTRIBUTING.md for more details.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 6d73d9ec-6d7e-4561-9638-4a0ca5c289b8

📥 Commits

Reviewing files that changed from the base of the PR and between 436f20e and 6ffe00b.

📒 Files selected for processing (16)

• apps/webapp/app/components/RuntimeIcon.tsx
• apps/webapp/app/routes/admin.api.v1.runs-replication.create.ts
• apps/webapp/app/routes/resources.orgs.$organizationSlug.projects.$projectParam.env.$envParam.github.tsx
• apps/webapp/app/services/clickhouseInstance.server.ts
• apps/webapp/app/services/emailAuth.server.tsx
• apps/webapp/app/services/runsReplicationInstance.server.ts
• internal-packages/clickhouse/Dockerfile
• packages/build/src/extensions/playwright.ts
• packages/cli-v3/src/deploy/buildImage.ts
• packages/core/src/v3/apiClient/index.ts
• packages/core/src/v3/apiClient/runStream.ts
• packages/core/src/v3/build/runtime.ts
• packages/core/src/v3/schemas/api.ts
• packages/core/src/v3/utils/flattenAttributes.ts
• repro_1510.ts
• test-flatten.ts

---

Walkthrough

This pull request encompasses multiple, heterogeneous changes across the application. Key modifications include: updating RuntimeIcon to display "Unknown" instead of defaulting to Node.js when runtime cannot be parsed; normalizing ClickHouse URLs by removing the "secure" query parameter across multiple service files; updating a GitHub App installation link; adding filesystem validation for Bun executable paths; making schema fields for runtime and runtimeVersion nullable; enhancing the flattenAttributes utility with key escaping logic to handle dots and backslashes; improving Playwright browser parsing with awk-based extraction; adding conditional Docker registry credential handling for ECR; modifying API client payload handling with JSON serialization fallback; updating stream data parsing with conditional JSON parsing for string payloads; and adding an EmailLinkStrategy configuration option. Additionally, two new test files are introduced to validate the flatten/unflatten functionality.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

Tip

Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs).
Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[changeset-bot]

⚠️ No Changeset found

Latest commit: 6ffe00b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[devin-ai-integration]

Devin Review found 5 potential issues.

View 3 additional findings in Devin Review.

[devin-ai-integration]

🚩 Map keys with dots are not escaped (pre-existing)

The new escapeKey function is applied to regular object keys at line 233, but the pre-existing Map handling code at lines 145-153 still constructs prefixes with raw (unescaped) Map keys: ${prefix || "map"}.${keyStr}. If a Map has a key containing a dot (e.g., "a.b"), the flattened key will contain an unescaped dot, causing unflattenAttributes to split it incorrectly. This is a pre-existing issue not introduced by this PR, but worth noting since the PR adds escaping for regular objects but not Maps.

(Refers to lines 145-153)

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[devin-ai-integration]

🟡 Debug/reproduction scripts committed to repository root

Two debug/reproduction scripts (repro_1510.ts and test-flatten.ts) are committed to the repository root. These files import from relative paths, use console.log for assertions, and use process.exit(1) instead of proper test infrastructure. This violates AGENTS.md ("Follow the existing project conventions. Test files live beside the files under test and use descriptive describe and it blocks") and CLAUDE.md ("We use vitest exclusively"). These should either be converted to proper vitest tests placed next to packages/core/src/v3/utils/flattenAttributes.ts, or removed entirely.

Prompt for agents

Delete the files repro_1510.ts and test-flatten.ts from the repository root. If the test coverage is needed, add proper vitest tests in packages/core/test/flattenAttributes.test.ts (which already exists) using describe/it blocks to cover the round-trip escaping behavior for keys with periods and backslashes.

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[devin-ai-integration]

🟡 Debug/reproduction script committed to repository root

Same issue as repro_1510.ts — test-flatten.ts is a debug script at the repository root that uses console.log instead of vitest, violating the project's testing conventions specified in AGENTS.md and CLAUDE.md.

Prompt for agents

Delete test-flatten.ts from the repository root. If coverage is needed, add the test cases to the existing vitest file at packages/core/test/flattenAttributes.test.ts.

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[devin-ai-integration]

🚩 Non-AWS registries now skip server-side authentication entirely

The buildImage.ts change at lines 489-539 now only fetches credentials from the Trigger.dev API and performs docker login for registries ending in amazonaws.com. For all other registries (GCR, GHCR, Azure CR, custom registries), the code logs a debug message and relies on the user being logged in locally. This is a behavioral change from the previous code which attempted API-based authentication for ALL registries when push && options.authenticateToRegistry. If getDockerUsernameAndPassword previously returned valid credentials for non-AWS registries (e.g., via a generic credential proxy), those deployments would now fail with authentication errors during push. The change appears intentional for self-hosted non-AWS scenarios, but the impact on existing users of non-AWS cloud registries should be verified.

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[devin-ai-integration]

🚩 validateSession: false reduces magic link security

Adding validateSession: false at apps/webapp/app/services/emailAuth.server.tsx:20 disables the check that the browser session requesting the magic link is the same one verifying it. This means magic links can be used from any browser/device, which is convenient but also means intercepted links (e.g., by email proxies, link preview bots, or attackers) can be used to authenticate. This is a common trade-off in magic link implementations and is likely intentional to fix cross-device/browser issues, but it does reduce the security posture of the auth flow.

---

Was this helpful? React with 👍 or 👎 to provide feedback.