Skip to content
📌 Provide isolated databases for apps with Service Bindings.

Console Tour

A visual tour of the OpenRun management console: creating a database service with its connection url stored as a secret, binding an app to it, deploying a containerized app from a git repo, and the operational pages. The screenshots follow the site theme - toggle light/dark to see the console in the other theme.

Create a service

Services are named backing resources (Postgres, MySQL) that apps connect to through bindings. The lock button encrypts the connection url into the secrets store; the service config keeps only the secret reference, so credentials never appear in config listings.

New service form with the connection url stored as a secret New service form with the connection url stored as a secret

The created service shows on the bindings page with its config keys - the values stay server-side.

Bindings page listing the postgres service Bindings page listing the postgres service

Create a binding

A binding gives apps access to a service. Creating it provisions a dedicated account (role and schema) on the database, so each binding is isolated.

New binding form sourced from the postgres service New binding form sourced from the postgres service Bindings page with the service and the base binding Bindings page with the service and the base binding

Deploy an app

Apps deploy straight from a git repo (or a server directory). The spec dropdown picks the app type for sources without an app.star, parameters are passed as key/value pairs (lockable into the secrets store), and the service bindings dropdown attaches the binding - the app’s container gets the database credentials as environment variables.

New app form with spec, params and the binding selected New app form with spec, params and the binding selected

Validate does a dry run: the source is fetched and checked, and the permissions the app will request are listed for review before anything is created.

App create form after a successful validate dry run App create form after a successful validate dry run

After create, the app is live with a staging environment alongside prod.

Apps page with the deployed app Apps page with the deployed app

The app detail page shows versions for prod and staging, the approved permissions, and links to open the running app.

App detail page with versions and permissions App detail page with versions and permissions

Operate

Containers for the deployed apps, with lifecycle actions, stats and logs:

Containers page with the app's prod and staging containers Containers page with the app's prod and staging containers

Every operation is audit logged, filterable by app, operation and status:

Audit page with the operations from this flow Audit page with the operations from this flow

Declarative GitOps sources keep apps synced from a repo on a schedule:

Syncs page with declarative sources Syncs page with declarative sources

The AI app builder creates apps from a prompt in an agent session:

App builder page App builder page

Server configuration - auth, git, secrets, RBAC and system settings - is editable from the console, with staged versions and history:

Configuration page Configuration page