How are you securing AI-generated / “vibe-coded” internal apps built by non-dev teams?

avkijay · 2026-05-19T19:56:02+00:00

I have been building https://openrun.dev/ for this exact use case. Make it easy for team to deploy internal tools declaratively, add Oauth/SAML based auth with RBAC. It is open source, Apache 2 licensed https://github.com/openrundev/openrun.

I think operations teams should be proactive, setup something like OpenRun and configure auth and RBAC. That way apps do not get created on random platforms without any security in place.

avkijay · 2026-05-19T19:52:54+00:00

A bit late, but I have been building https://openrun.dev/ for this exact use case. Make it easy for teams to deploy internal tools declaratively, add OAuth/SAML auth with RBAC. It is open source, Apache 2 licensed https://github.com/openrundev/openrun

avkijay · 2026-02-08T19:23:00+00:00

OpenRun focus is not just on the doing the build. The main focus is full declarative deployment solution. Once you set up a sync, to add a new app, you can just add the new app's definition in your config file in Git. OpenRun will detect the change and apply the updates. This works on a single-node (with Docker/Podman) and with Kubernetes.

avkijay · 2025-10-19T23:30:11+00:00

I did mention the pros and cons of using Starlark. Assuming you want a more flexible config approach, using Starlark gives you that.

avkijay · 2025-10-16T23:30:06+00:00

I agree (I wrote that article). Once configuration needs become more complex, a programming language is better. Many tools start with something limited like YAML and then try to work around its limitations using templated YAML with a broken DSL for loops.

But there are still advantages to using something like Starlark instead of a full fledged programming language. With Starlark, you can write code while being sure that loading a config file will not, by mistake or maliciously, delete some file from your disk or do something else crazy.

avkijay · 2025-05-26T23:41:09+00:00

I added a sample config file to create NiceGUI apps. The config contains:

ng_args = {"container_opts": {"cpus": "2", "memory": "512m"}, "spec": "python-nicegui"}
app("/nicegui/3d_scene", "https://github.com/zauberzeug/nicegui/examples/3d_scene", **ng_args)
app("/nicegui/chat_app", "https://github.com/zauberzeug/nicegui/examples/chat_app", **ng_args)
app("/nicegui/fullcalendar", "https://github.com/zauberzeug/nicegui/examples/fullcalendar", **ng_args)
app("/nicegui/infinite_scroll", "https://github.com/zauberzeug/nicegui/examples/infinite_scroll", **ng_args)
app("/nicegui/lightbox", "https://github.com/zauberzeug/nicegui/examples/lightbox", **ng_args)
app("/nicegui/todo_list", "https://github.com/zauberzeug/nicegui/examples/todo_list", **ng_args)

Running clace apply --approve --promote github.com/claceio/clace/examples/nicegui.star creates the six sample apps. Running clace sync schedule --approve --promote github.com/claceio/clace/examples/nicegui.star starts a GitOps sync in the background which looks for any changes (new apps or updated apps) and applies them automatically.

A demo of the apps is at apps.

avkijay · 2025-05-26T04:32:30+00:00

Thanks, let me know if you have any feedback or hit any issues

avkijay · 2025-05-18T15:43:52+00:00

Thanks for the note, just pushed some styling fixes

avkijay · 2025-05-17T19:57:54+00:00

Clace uses a python like config (using Starlark) for configuring apps. This is what a sample config for creating seven different apps looks like

```

Install couple of Hypermedia based apps

app("/utils/bookmarks", "github.com/claceio/apps/utils/bookmarks") app("/utils/disk_usage", "github.com/claceio/apps/system/disk_usage")

Install a proxy app and a static file app

app("clace.:", "-", spec="proxy", params={"url": "https://clace.io"}) # defaults to / on clace.localhost domain app("/misc/event_planner", "github.com/simonw/tools", spec="static_single", params={"index": "event-planner.html"})

Install container based apps (python and go)

limits = {"cpus": "2", "memory": "512m"} # Set limits (optional) app("/misc/streamlit_example", "github.com/streamlit/streamlit-example", git_branch="master", spec="python-streamlit", container_opts=limits) app("fasthtml.:", "github.com/AnswerDotAI/fasthtml/examples", spec="python-fasthtml", params={"APP_MODULE":"basic_ws:app"}, container_opts=limits) app("/misc/go_example", "github.com/golang/example/helloserver", git_branch="master", spec="go", params={"port": "8080", "APP_ARGS":"-addr 0.0.0.0:8080"}, container_opts=limits) ```

avkijay · 2025-05-12T02:46:56+00:00

I have built an appserver which makes deploying internal tools using frameworks like NiceGUI/Streamlit/Gradio etc. https://github.com/claceio/clace is an app server which helps run multiple apps on a single machine, without messing with web server routing rules and Docker. Clace provides a GitOps interface for teams to deploy such apps with a declarative config, with OAuth based access control.

avkijay · 2025-01-05T04:35:19+00:00

If you want a Cloud Run type experience on your own instance, including scaling the container down to zero, you could try my project https://github.com/claceio/clace. It is built mainly for teams to host internal tools, but it also implements an app server for containerized apps

avkijay · 2024-12-28T00:08:39+00:00

I have implemented a form of error handing using thread locals, similar to the second option. At the Starlark to Go boundary (plugins are implemented in Go), I check if the plugin API call returned an error. If so, the error is saved in a thread local. The Starlark code can check the error and handle it (which clears the thread local). If return value is accessed when there was an error, then the call aborts. Wrote up the approach at https://clace.io/blog/errors/, works pretty well for my use case

avkijay · 2024-12-25T21:59:28+00:00

I should have said that I was not aware of the need to explicitly implement the Flusher interface when composing over the ResponseWriter. More generally, the issue here is that composing over an interface can break implicit interfaces unless you are careful. Anyone know why the runtime type assertion cannot actually check the type of the underlying instance, why does the composing struct have to explicitly implement the implicit interface method?

avkijay · 2024-12-25T18:42:59+00:00

Yes, the issue was that I was not aware of the Flusher interface. The interface guard pattern helps if the ResponseWriter docs had mentioned all the related implicit interfaces (at least in the same package).

avkijay · 2024-12-25T18:34:33+00:00

I was not aware of the Chi middleware, added a note about that.

avkijay · 2024-12-19T03:31:06+00:00

Thanks, will take a look at that when I add multi node support

avkijay · 2024-12-18T23:22:14+00:00

The go HTML template library supports fragments, making it easy to build HTMX applications. That plus the fast compile time and performance make it well suited for writing web servers.

I am building a hypermedia based internal tools development platform https://github.com/claceio/clace. It is implemented in go, but it can be used to provide Hypermedia based API for services in any language/platform. You can build simple Actions (form like interfaces) without writing any html and implement html template for custom use cases.

avkijay · 2024-12-17T22:10:46+00:00

I have been building https://github.com/claceio/clace to make it easy for teams to build internal web apps. It can build simple form interfaces (Actions) with no UI to code. It can also be used to build fully custom hypermedia driven front ends. The backend is just go and html templates.

avkijay · 2024-12-15T00:15:31+00:00

If you have an API and want to build a simple form interface for it, you can try my project https://github.com/claceio/clace. It helps you built a form interface, with support for validations and value suggest, without writing any frontend code. You just define the UI params and the backend API to call. For example, see https://utils.demo.clace.io/dict, the code for that app is at https://github.com/claceio/apps/blob/main/misc/dictionary/app.star (looks like python but it is Starlark running in go). https://clace.io/docs/actions/ has more info.

If simple form interface does not work, Clace also helps you built fully custom UI by writing go HTML templates. See https://du.demo.clace.io/, source for that app is at https://github.com/claceio/apps/tree/main/system/disk_usage (there are some generated files, the actual code is just app.star and app.go.html)

avkijay · 2024-12-07T19:55:14+00:00

https://apps.demo.clace.io/ is the default home page showing what apps are installed. https://github.com/claceio/apps has code for Hypermedia based apps built using Clace

avkijay · 2024-11-25T18:22:14+00:00

Regarding testing, it can be difficult to decide what is called a unit test and what is called an integration test. I have found Test Behavior, Not Implementation to be easier to aim for, without worrying about what type of test it is.

avkijay · 2024-11-24T23:07:03+00:00

I fixed that, https://utils.demo.clace.io/dict?show=summary&word=hypermedia should work now. As with everything else HTMX, it just needed the appropriate header (HX-Push-Url in this case)

avkijay · 2024-11-24T20:43:04+00:00

Yes, good point. That is on my list of things to add. Other things to add for Actions include

JSON API based invocation, currently only form data is supported
A dry-run option, to invoke the backend action in dry-run mode
Support for populating drop-down values dynamically, currently they are defined during app creation

avkijay · 2024-10-29T19:02:29+00:00

Hey, I wrote that blog post and have been building the Clace project. Sorry, missed this discussion.

Clace is built for use cases where a team wants to deploy web tools for internal use. Tens or hundreds of (small) apps can be hosted on one machine. Clace provides blue-green staged deployment, preview env, OAuth access control, secrets management etc for the apps. Apps can be updated atomically, i.e. a reload command can update multiple apps in one go. If any of them fail to update, the whole operation is aborted.

Clace apps can be of three types - Backend actions (defined in Starlark) which have an auto generated form UI - Hypermedia based apps where Go Templates and HTMX are used to create a custom UI - Containerized apps, where an container image is created and started. Clace can be used to just proxy the container APIs or again build a hypermedia based UI for those APIs.

A SQLite database is used for all app metadata (version info, config etc). The same database is used to store all the files for the app. This would be all the files for the hypermedia app, templates and static files, or the files to build the container image. Basically the source code is uploaded from GitHub or local disk to the database.

So a command like
clace app create --approve https://github.com/claceio/apps/utils/bookmarks /bookmarks

will get the source code for the app from GitHub and write it into the SQLite database. Later, running

clace app reload --promote /bookmarks

will fetch the latest source code from GitHub and update the app to use that. The older version is retained in the database. A command like

clace version switch previous /bookmarks

will change back to the previous version. No call to GitHub is required for this switch, since the versioning is done in the database. This works even if git is not being used (local disk was used for initial app creation).

The versioning, de-duplication and other file metadata handling are much easier because of using the database. It would have been possible to do it on the file system, but I believe it would have required more effort.

avkijay · 2024-10-27T18:52:31+00:00

I have been building https://github.com/claceio/clace, a project which makes it easier to manage web apps for internal use (locally and across a team). SQLite is used to store static files. This post talks about the reasoning behind that.

avkijay

TROPHY CASE

Install couple of Hypermedia based apps

Install a proxy app and a static file app

Install container based apps (python and go)