Update main (#112)

* Fix admins not being allowed to access authenticators (#47)

* Parallelize test suite runner (#64)

* Parallelize test suite runner

* Remove unnecessary mocha options

* Add max number of jobs to prevent timeouts

* Add separate coverage command to limit workers for ci runner

* Feature/Events & planning (#48)

* Created initial BorrelSchema entities + seeder

* Created borrel-schema controller, service, response and request, update borrel-schema entities

* Created basic GET in controller

* Rename borrel schema and its related entities to events

* Add tests for getEvents function

* Fix and test event update and create functions

* Add getShifts and (soft) delete shift functions

* Add test for create and update shift endpoints

* Add event shift answer update function and tests

* Add first endpoints for events to new controller

* Add PATCH event endpoint

* Add event shift endpoints & fix swagger docs

* Add endpoints to change shift availability and assignment & add type

* Add endpoint to sync event answers and function to send reminder emails

* Register controllers and timed events in production

* Revert package-lock.json

* Add explicit reference to shifts in event entity

* Fix test suite

* Increase EventService & EventController test coverage

* Add endpoint to get number of times users were selected for shifts

* @Yoronex fix ur lint

* Reduce number of workers to prevent timeouts on CI runner

---------

Co-authored-by: Sjoerd <sjoerdvanheesbeen@hotmail.com>
Co-authored-by: Job van de Ven <jobvandeven@live.nl>
Co-authored-by: Samuel Oosterholt <samuel.oosterholt20001004@gmail.com>

* Fix trace logs missing from production container (#80)

* Possibly fix trace logs missing from production container

* Fix docker build failing

* Fix docker build failing

* Voucher auto ToS accept & restrict users who can go into debt (#79)

* Fix voucher users being required to accept ToS

* Refactor and rename borrelkaart to voucher

* Add attribute to user entity whether user can go into debt

* Change that GEWIS members can go into debt by default

* Add check when making transaction whether user can go into debt

* Lint fix

* Fix endpoint documentation

* Fine design improvements (#78)

* Refactor afterInsert listers to subscribers

* Reference dates now required & added balances w/ date to calc results

* Fix test suite

* Update getBalances method to always return last transaction/transfer ID

* Fix transaction subscriber tests

* Fix debtor test suite failing

* Implement Samuel's feedback

* Fix test suite

* Fix test suite

* Add invoice pagination to swagger spec

* Fix OpenAPI docs for some event-related endpoints

* Fix balance query not working due to SQLite/MariaDB Syntax difference (#99)

* Fix/user openapi docs (#101)

* Fix OpenAPI docs for some event-related endpoints

* Changed UserRequest to UpdateUserRequest in user-controller.ts

---------

Co-authored-by: Roy Kakkenberg <me@roykakkenberg.nl>
Co-authored-by: Samuel <samuel.oosterholt20001004@gmail.com>

* Use mariadb in CI (#103)

---------

Co-authored-by: Sjoerd <sjoerdvanheesbeen@hotmail.com>
Co-authored-by: Job van de Ven <jobvandeven@live.nl>
Co-authored-by: Samuel Oosterholt <samuel.oosterholt20001004@gmail.com>
Co-authored-by: Robin van Dijke <robinvandijke2002@gmail.com>
Co-authored-by: Rink <rinkp@users.noreply.github.com>

.github/workflows/build.yml

@@ -58,10 +58,34 @@ jobs:
           retention-days: 1
 
   coverage:
-    needs: [lint]
+    name: "coverage-${{ matrix.typeorm-connection }}"
+    needs: [ lint ]
     runs-on: [ self-hosted, linux, docker ]
     container:
       image: node:18
+    services:
+      mariadb:
+        image: mariadb:lts
+        env:
+          MARIADB_RANDOM_ROOT_PASSWORD: true
+          MARIADB_DATABASE: sudosos-ci
+          MARIADB_USER: sudosos-ci
+          MARIADB_PASSWORD: sudosos-ci
+    strategy:
+      matrix:
+        include:
+          - typeorm-connection: mariadb
+            typeorm-host: mariadb
+            typeorm-port: 3306
+            typeorm-username: sudosos-ci
+            typeorm-password: sudosos-ci
+            typeorm-database: sudosos-ci
+          - typeorm-connection: sqlite
+            typeorm-host: ''
+            typeorm-port: ''
+            typeorm-username: ''
+            typeorm-password: ''
+            typeorm-database: local.sqlite
     env:
       NODE_ENV: development
       API_HOST: localhost:3000
@@ -71,10 +95,14 @@ jobs:
       GEWISWEB_JWT_SECRET: ChangeMe
       JWT_KEY_PATH: ./config/jwt.key
       HTTP_PORT: 3000
-      TYPEORM_CONNECTION: sqlite
-      TYPEORM_DATABASE: local.sqlite
+      TYPEORM_CONNECTION: ${{ matrix.typeorm-connection }}
+      TYPEORM_HOST: ${{ matrix.typeorm-host }}
+      TYPEORM_PORT: ${{ matrix.typeorm-port }}
+      TYPEORM_USERNAME: ${{ matrix.typeorm-username }}
+      TYPEORM_PASSWORD: ${{ matrix.typeorm-password }}
+      TYPEORM_DATABASE: ${{ matrix.typeorm-database }}
       TYPEORM_SYNCHRONIZE: 0
-      TYPEORM_LOGGING: 1
+      TYPEORM_LOGGING: 0
       LOG_LEVEL: INFO
       RESET_TOKEN_EXPIRES: 3600
       FILE_STORAGE_METHOD: disk
@@ -95,17 +123,24 @@ jobs:
         if: steps.cache-node.outputs.cache-hit != 'true'
       - run: openssl genrsa -out ./config/jwt.key 2048 && chmod 0777 ./config/jwt.key
       - run: npm run swagger
-      - run: npm run coverage
+      - run: npm run coverage-ci # Separate command to limit the number of workers to prevent timeouts
       - run: git config --global --add safe.directory $GITHUB_WORKSPACE # To avoid dubious ownership
+        if: ${{ matrix.typeorm-connection == 'mariadb' }}
+
+      - name: "Cannot commit code coverage cross-fork"
+        if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork && matrix.typeorm-connection == 'mariadb'
+        run: |
+            echo "::warning Cannot comment code coverage cross-fork"
       - name: "Comment code coverage on PR"
-        if: github.event_name == 'pull_request'
+        if: github.event_name == 'pull_request' && !github.event.pull_request.head.repo.fork && matrix.typeorm-connection == 'mariadb'
         uses: sidx1024/report-nyc-coverage-github-action@v1.2.6
         with:
           comment_template_file: .github/coverage-template.md
           coverage_file: reports/coverage/coverage-summary.json
           base_coverage_file: ''
           sources_base_path: "/__w/sudosos-backend/sudosos-backend" #github.action_path does not work in Docker (https://github.com/actions/runner/issues/716)
       - name: "Upload code coverage report"
+        if: ${{ matrix.typeorm-connection == 'mariadb' }}
         uses: actions/upload-artifact@v3
         with:
           name: coverage

.github/workflows/docker-build.yml

@@ -0,0 +1,45 @@
+name: Docker Build
+
+on:
+  pull_request:
+    branches: [ main, develop ]
+
+concurrency:
+    group: ${{ github.workflow }}-${{ github.ref }}
+    cancel-in-progress: true
+
+jobs:
+  dockerize:
+    runs-on: [self-hosted, linux, docker]
+    container:
+      image: docker:dind
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Get Docker meta across forks
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ${{ github.actor }}/${{ github.repository }}
+          tags: |
+            type=ref,event=pr
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          platforms: linux/amd64 #SudoSOS does not run on linux/arm64
+          push: false
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/docker.yml → .github/workflows/docker-push.yml

@@ -1,12 +1,10 @@
-name: Docker
+name: Docker Build & Push
 
 on:
   push:
     branches: [ main, develop ]
     # Publish semver tags as releases.
     tags: [ 'v*.*.*' ]
-  pull_request:
-    branches: [ main, develop ]
 
 concurrency:
     group: ${{ github.workflow }}-${{ github.ref }}
@@ -55,7 +53,7 @@ jobs:
         with:
           context: .
           platforms: linux/amd64 #SudoSOS does not run on linux/arm64
-          push: ${{ github.event_name != 'pull_request' }}
+          push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           cache-from: type=gha

Dockerfile

@@ -15,13 +15,13 @@ RUN apk add openssl
 WORKDIR /app
 COPY ./package.json ./package-lock.json ./
 RUN npm ci
-RUN npm install pm2 -g
+RUN npm install pm2 pm2-graceful-intercom -g
 ARG TYPEORM_USERNAME
 ARG TYPEORM_PASSWORD
 ARG TYPEORM_DATABASE
 
 COPY --from=build --chown=node /app/init_scripts /app/init_scripts
-COPY --from=build --chown=node /app/process.json /app/process.json
+COPY --from=build --chown=node /app/pm2.json /app/pm2.json
 RUN chmod +x /app/init_scripts/start.sh
 
 COPY --from=build --chown=node /app/out/src /app/out/src

init_scripts/start.sh

@@ -3,4 +3,4 @@ chmod +x /app/init_scripts/00_make_sudosos_data_dirs.sh
 chmod +x /app/init_scripts/00_regen_sudosos_secrets.sh
 sh /app/init_scripts/00_make_sudosos_data_dirs.sh
 sh /app/init_scripts/00_regen_sudosos_secrets.sh
-pm2-runtime start /app/process.json
+pm2-runtime start /app/pm2.json

mocha.json

@@ -1,6 +1,3 @@
 {
-  "reporterEnabled": "spec, mocha-junit-reporter",
-  "mochaJunitReporterReporterOptions": {
-    "mochaFile": "reports/junit.xml"
-  }
-}
+  "reporterEnabled": "spec"
+}