Merge remote-tracking branch 'upstream/dev' into dev

.env.example

@@ -9,9 +9,11 @@ PORT=3000
 # Choose mysql or postgres
 DB_DIALECT=<mysql|postgres>
 DB_HOST=localhost
-DB_USER=ilmomasiina
-DB_PASSWORD=secret
+#DB_PORT=<3306|5432>
+DB_USER=ilmo_user
+DB_PASSWORD=password
 DB_DATABASE=ilmomasiina
+#DB_SSL=false
 
 
 # Privacy-related settings
@@ -24,10 +26,6 @@ ANONYMIZE_AFTER_DAYS=180
 DELETION_GRACE_PERIOD_DAYS=14
 
 
-# Whether or not new admin accounts can be added. REMEMBER TO DISABLE AFTER SETUP.
-# This is disabled by default so that new users know of this variable.
-ADMIN_REGISTRATION_ALLOWED=false
-
 # Whether or not to trust X-Forwarded-For headers for remote IP. Set to true IF
 # AND ONLY IF running behind a proxy that sets this header.
 TRUST_PROXY=false
@@ -59,70 +57,75 @@ MAIL_FROM=<[email protected]>
 # a version supporting language detection.
 MAIL_DEFAULT_LANG=fi
 
+# If you want to send emails, choose either SMTP or Mailgun.
+# In development, you can omit both and emails will be printed to the console.
+
 # SMTP server host and credentials, if using direct SMTP.
-SMTP_HOST=''
+SMTP_HOST=
 SMTP_PORT=587
-SMTP_USER=''
-SMTP_PASSWORD=''
+SMTP_USER=
+SMTP_PASSWORD=
+SMTP_TLS=false
 
 # Mailgun API key and domain, if using it.
-MAILGUN_API_KEY=''
-MAILGUN_DOMAIN=''
+MAILGUN_API_KEY=
+MAILGUN_DOMAIN=
 # Mailgun server to use (defaults to api.eu.mailgun.net)
-MAILGUN_HOST='api.eu.mailgun.net'
+MAILGUN_HOST=api.eu.mailgun.net
 
 
 # URL settings
 
 # Canonical base URL for the app. Used by the backend.
 # Include $PATH_PREFIX, but NOT a final "/".
 # e.g. "http://example.com" or "http://example.com/ilmo"
-BASE_URL='http://localhost:3000'
+BASE_URL=http://localhost:3000
 
 # URI prefix for the app. Used for frontend URLs.
 # Include initial "/", but NOT a final "/".
 # e.g. "" or "/ilmo"
-PATH_PREFIX=''
+PATH_PREFIX=
 
 # URI prefix or full base URL to the API. Used by the frontend.
 # Leave empty to use "$PATH_PREFIX/api".
 # YOU SHOULD LEAVE THIS EMPTY unless you're building the frontend against a remote API.
 # Include "/api" if applicable but NOT a final "/".
-API_URL=''
+API_URL=
 
 # URL template for an event details page. Used by the backend for iCalendar exports.
 # Leave empty to use the default routes used by the frontend, i.e. "$BASE_URL/events/{id}".
 # YOU SHOULD LEAVE THIS EMPTY unless you're using a customized frontend with different paths.
 # Use the token {slug}, e.g. http://example.com/event/{slug}
-#EVENT_DETAILS_URL=''
+#EVENT_DETAILS_URL=
 
 # URL template for a signup edit page. Used by the backend for emails.
 # Leave empty to use the default routes used by the frontend, i.e. "$BASE_URL/signup/{id}/{editToken}".
 # YOU SHOULD LEAVE THIS UNSET unless you're using a customized frontend with different paths.
 # Use the tokens {id} and {editToken}, e.g. http://example.com/signup/{id}/{editToken}
 
-#EDIT_SIGNUP_URL=''
+#EDIT_SIGNUP_URL=
 
 # Allowed origins for cross-site requests to API. Separate with commas or use * for all.
-ALLOW_ORIGIN=''
+ALLOW_ORIGIN=
 
 
 # Sentry.io public DSN for error tracking (only used in production, leave empty to disable)
-SENTRY_DSN=''
+SENTRY_DSN=
 
 
 # Branding settings
 
 # Website strings (requires website rebuild)
-BRANDING_HEADER_TITLE_TEXT='Ilmomasiina'
-BRANDING_FOOTER_GDPR_TEXT='Tietosuoja'
-BRANDING_FOOTER_GDPR_LINK='http://example.com/privacy'
-BRANDING_FOOTER_HOME_TEXT='Example.com'
-BRANDING_FOOTER_HOME_LINK='http://example.com'
+BRANDING_HEADER_TITLE_TEXT=Ilmomasiina
+BRANDING_FOOTER_GDPR_TEXT=Tietosuoja
+BRANDING_FOOTER_GDPR_LINK=http://example.com/privacy
+BRANDING_FOOTER_HOME_TEXT=Example.com
+BRANDING_FOOTER_HOME_LINK=http://example.com
+BRANDING_LOGIN_PLACEHOLDER_EMAIL=[email protected]
 
 # Email strings
-BRANDING_MAIL_FOOTER_TEXT='Rakkaudella, Tietskarijengi & Athene'
-BRANDING_MAIL_FOOTER_LINK='https://ilmo.athene.fi'
+BRANDING_MAIL_FOOTER_TEXT=Rakkaudella, Tietskarijengi & Athene
+BRANDING_MAIL_FOOTER_LINK=https://ilmo.athene.fi
 
 # iCalendar exported calendar name
-BRANDING_ICAL_CALENDAR_NAME='Ilmomasiina'
+BRANDING_ICAL_CALENDAR_NAME=Ilmomasiina

.eslintrc.js

@@ -11,6 +11,14 @@ module.exports = {
     // https://github.com/typescript-eslint/typescript-eslint/issues/2094
     "EXPERIMENTAL_useSourceOfProjectReferenceRedirect": true
   },
+  "ignorePatterns": [
+    "**/node_modules/**",
+    "**/dist/**",
+    "**/build/**",
+    ".eslintrc.js",
+    "*.scss",
+    "*.json"
+  ],
   "settings": {
     "react": {
       "pragma": "React",
@@ -63,6 +71,15 @@ module.exports = {
       namedComponents: ["function-declaration", "arrow-function"],
       unnamedComponents: "arrow-function",
     }],
+    // Allow dev deps in test files.
+    "import/no-extraneous-dependencies": ["error", {
+      devDependencies: [
+        "**/test/**",
+        "**/vite.config.ts",
+        "**/vitest.config.ts",
+        "**/.eslintrc.js"
+      ],
+    }],
     // Sort imports: React first, then npm packages, then local files, then CSS.
     "simple-import-sort/imports": [
       "error",
@@ -78,6 +95,17 @@ module.exports = {
           ["css$"]
         ]
       }
-    ]
+    ],
+    // Prevent imports from "src/...". VS Code adds these automatically, but they
+    // break when compiled.
+    "no-restricted-imports": [
+      "error",
+      {
+        "patterns": [{
+          group: ["src/*"],
+          message: "This import will break when compiled by tsc. Use a relative path instead, or \"../src/\" in test files."
+        }],
+      },
+    ],
   }
 };

.github/workflows/docker-build.yml

@@ -1,4 +1,16 @@
-name: Publish Docker image
+name: Build & deploy
+
+env:
+  # Change this to upload the built image to your own organization.
+  docker_tag: 'ghcr.io/tietokilta/ilmomasiina'
+
+  # Change these to customize your build.
+  branding_header_title_text: 'Tietokillan ilmomasiina'
+  branding_footer_gdpr_text: 'Tietosuoja'
+  branding_footer_gdpr_link: 'https://tietokilta.fi/kilta/hallinto/viralliset-asiat/rekisteriselosteet/'
+  branding_footer_home_text: 'Tietokilta.fi'
+  branding_footer_home_link: 'https://tietokilta.fi'
+  branding_login_placeholder_email: '[email protected]'
 
 on:
   push:
@@ -9,120 +21,94 @@ on:
       - 'v*'
 
 jobs:
+  lint:
+    name: Lint & type-check
+    uses: ./.github/workflows/lint.yml
+
   docker:
     name: Push Docker image to GitHub Packages
+    needs: lint
     runs-on: ubuntu-latest
     permissions:
       packages: write
       contents: read
+    # Change this to your repo name to build automatically on your fork.
+    if: github.repository == 'Tietokilta/ilmomasiina'
     steps:
-      -
-        name: Check out the repo
-        uses: actions/checkout@v3
-      -
-        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-      -
-        name: Login to GHCR
-        uses: docker/login-action@v2
+
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GHCR
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      -
-        name: Generate Docker metadata
+
+      - name: Generate Docker metadata
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
-          images: ghcr.io/tietokilta/ilmomasiina
+          images: ${{ env.docker_tag }}
           flavor: |
             latest=${{ github.ref == 'refs/heads/prod' }}
           tags: |
             type=semver,pattern={{version}},enable=${{ github.ref_type == 'tag' }}
             type=semver,pattern={{major}}.{{minor}},enable=${{ github.ref_type == 'tag' }}
             type=ref,event=branch,enable=${{ github.ref_type == 'branch' }}
             type=sha
-      -
-        name: Push to GitHub Packages
-        uses: docker/build-push-action@v3
+
+      - name: Get version tag
+        id: get-version
+        run: echo "version=$(git describe --always --tags)" >> "$GITHUB_OUTPUT"
+
+      - name: Push to GitHub Packages
+        uses: docker/build-push-action@v5
         with:
           context: .
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+          # Customize your build here
           build-args: |
-            BRANDING_HEADER_TITLE_TEXT=Tietokillan ilmomasiina
-            BRANDING_FOOTER_GDPR_TEXT=Tietosuoja
-            BRANDING_FOOTER_GDPR_LINK=https://tietokilta.fi/kilta/hallinto/viralliset-asiat/rekisteriselosteet/
-            BRANDING_FOOTER_HOME_TEXT=Tietokilta.fi
-            BRANDING_FOOTER_HOME_LINK=https://tietokilta.fi
-
-  npm:
-    name: Publish JS packages
-    if: github.ref_type == 'tag'
-    runs-on: ubuntu-latest
-    permissions:
-      packages: write
-      contents: read
-    steps:
-      -
-        name: Check out the repo
-        uses: actions/checkout@v3
-      -
-        uses: pnpm/action-setup@v2
-        with:
-          version: 7
-      -
-        name: Setup Node.js for NPM
-        uses: actions/setup-node@v3
-        with:
-          registry-url: 'https://registry.npmjs.org'
-          node-version: '16'
-          cache: 'pnpm'
-      -
-        name: Install dependencies
-        run: |
-          npm install -g pnpm@7
-          pnpm install --frozen-lockfile --ignore-scripts
-      -
-        name: Build packages
-        run: |
-          pnpm run --filter @tietokilta/ilmomasiina-models build
-          pnpm run --filter @tietokilta/ilmomasiina-components build
-      -
-        name: Publish to NPM
-        run: |
-          pnpm publish --filter @tietokilta/ilmomasiina-models --no-git-checks --access public
-          pnpm publish --filter @tietokilta/ilmomasiina-components --no-git-checks --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-      -
-        name: Setup Node.js for GitHub Packages
-        uses: actions/setup-node@v3
-        with:
-          registry-url: 'https://npm.pkg.github.com'
-      -
-        name: Publish to GitHub Packages
-        run: |
-          pnpm publish --filter @tietokilta/ilmomasiina-models --no-git-checks --access public
-          pnpm publish --filter @tietokilta/ilmomasiina-components --no-git-checks --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+            BRANDING_HEADER_TITLE_TEXT=${{ env.branding_header_title_text }}
+            BRANDING_FOOTER_GDPR_TEXT=${{ env.branding_footer_gdpr_text }}
+            BRANDING_FOOTER_GDPR_LINK=${{ env.branding_footer_gdpr_link }}
+            BRANDING_FOOTER_HOME_TEXT=${{ env.branding_footer_home_text }}
+            BRANDING_FOOTER_HOME_LINK=${{ env.branding_footer_home_link }}
+            BRANDING_LOGIN_PLACEHOLDER_EMAIL=${{ env.branding_login_placeholder_email }}
+            VERSION=${{steps.get-version.outputs.version}}
 
+  # This is disabled on forks, you'll most likely need to modify it anyway for your usage
   deploy:
     name: Push update to App Service
     needs: docker
-    if: github.ref_type == 'branch'
+    if: github.ref_type == 'branch' && github.repository == 'Tietokilta/ilmomasiina'
     runs-on: ubuntu-latest
     environment: production
     steps:
-    -
-      name: Login via Azure CLI
+
+    - name: Login via Azure CLI
       uses: azure/login@v1
       with:
         creds: ${{ secrets.AZURE_CREDENTIALS }}
-    -
-      uses: azure/webapps-deploy@v2
+
+    - uses: azure/webapps-deploy@v3
       with:
         app-name: tik-ilmo-${{ github.ref_name }}-app
-        images: 'ghcr.io/tietokilta/ilmomasiina:${{ github.ref_name }}'
+        images: '${{ env.docker_tag }}:${{ github.ref_name }}'
+
+  # This is disabled on forks since you probably don't need to upload your own packages
+  npm:
+    name: Publish JS packages
+    needs: lint
+    permissions:
+      packages: write
+      contents: read
+    if: github.ref_type == 'tag' && github.repository == 'Tietokilta/ilmomasiina'
+    uses: ./.github/workflows/npm-build.yml
+    secrets: inherit