Manually merge staging into master (#956)

* chore(deps): update dependency paranoia to v3 (#931)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Edited the env file (#944)

* edited the env file

* changed company name to UTF-8

* chore(deps): update dependency puma to '~> 6.4.0' [security] (#935)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update actions/delete-package-versions action to v5 (#906)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update dependency rails to v7.0.8.1 [security] (#918)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update docker/build-push-action action to v6 (#928)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update docker/login-action action to v3 (#886)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* feat(tests): add code coverage reporting (#891)

* feat(tests): add code coverage reporting

* fix: correct coverage path

* refactor: use simplecov-lcov

* fix: indentation in Gemfile.lock

* fix: remove test filters

* feat(README): add badge

* refactor: try tokenless report uploading

* chore: update codecov-action

* chore: update codecov-action

* fix(cd): pass CODECOV_TOKEN To ci

* Revert "chore(deps): update docker/login-action action to v3 (#886)" (#951)

This reverts commit d546681. due to CI failure

* chore(deps): update codecov/codecov-action action to v5 (#950)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update dependency puma to v6.4.3 [security] (#948)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update actions/upload-artifact action to v4 (#949)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Refractor/tomato to sofia (#947)

* Intial commit

* updated apliction.rb

* Fixed mistake in credentials

* Made it so the file is backwards compatiable

* Fixed a typo

* Update amber_oauth2.rb

remove tomato paramater

* Remove development title lux ad mosam (#946)

* intial commit

* Fix typo

* update tomato to sofia

* updated with suggestion

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: lodewiges <[email protected]>
Co-authored-by: Guido de Jong <[email protected]>

.env.example

@@ -18,10 +18,10 @@ TREASURER_NAME=
 TREASURER_PHONE=
 
 AUTHORIZE_URL=/oauth/authorize
-TOKEN_URL=/oauth/token
-ME_URL=/oauth/me
+TOKEN_URL=/api/v1/oauth/token
+ME_URL=/api/v1/users?filter[me]&include="active_groups"
 
-COMPANY_NAME=Stichting Sociëteit Flux
+COMPANY_NAME=Stichting Societeit Flux
 COMPANY_IBAN=NL68 INGB 0008 1654 20
 COMPANY_ADDRESS=Oude Markt 24-3, 7511 GB Enschede
 COMPANY_WEBSITE=https://societeitflux.nl

.github/workflows/cleanup-registry.yml

@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Delete untagged images
-        uses: actions/delete-package-versions@0d39a63126868f5eefaa47169615edd3c0f61e20 # v4.1.1
+        uses: actions/delete-package-versions@e5bc658cc4c965c472efe991f8beea3981499c55 # v5.0.0
         with:
           package-name: ${{ github.event.repository.name }}
           package-type: container

.github/workflows/continuous-delivery.yml

@@ -124,6 +124,7 @@ jobs:
     with:
       sha: ${{ needs.merge.outputs.sha }}
     secrets:
+      codecov_token: ${{ secrets.CODECOV_TOKEN }}
       rails_master_key: ${{ secrets.RAILS_MASTER_KEY }}
 
   publish_image:

.github/workflows/continuous-integration.yml

@@ -12,6 +12,9 @@ on:
         required: false
         type: string
     secrets:
+      codecov_token:
+        description: Codecov token
+        required: true
       rails_master_key:
         description: The Rails master key
         required: true
@@ -119,5 +122,21 @@ jobs:
         env:
           RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
         run: |
+          mkdir coverage
           docker run -e POSTGRES_USER=postgres -e POSTGRES_PASSWORD=postgres -e POSTGRES_HOST=localhost -e \
-            RAILS_MASTER_KEY --network=host app bin/ci.sh spec
+            RAILS_MASTER_KEY --network=host -v "$(pwd)"'/coverage:/app/coverage' app bin/ci.sh spec
+
+      - name: Upload coverage report to Codecov
+        if: ${{ !cancelled() }}
+        uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7
+        with:
+          fail_ci_if_error: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+      - name: Upload coverage report artifact
+        if: ${{ !cancelled() }}
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        with:
+          name: coverage
+          path: coverage/
+          if-no-files-found: error

.github/workflows/publish-image.yml

@@ -68,7 +68,7 @@ jobs:
 
       - name: Build and push image
         id: build_push_image
-        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
+        uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
         with:
           push: true
           context: .

Gemfile

@@ -21,9 +21,9 @@ gem 'omniauth', '~> 2.0.0'
 gem 'omniauth-oauth2', '~> 1.7.0'
 gem 'omniauth-rails_csrf_protection', '~> 1.0'
 gem 'paper_trail', '~> 14.0.0'
-gem 'paranoia', '~> 2.6.0'
+gem 'paranoia', '~> 3.0.0'
 gem 'pg', '~> 1.3.0'
-gem 'puma', '~> 6.1.1'
+gem 'puma', '~> 6.4.0'
 gem 'pundit', '~> 2.2.0'
 gem 'rack-attack', '~> 6.6.0'
 gem 'rails', '~> 7.0.4', '>= 7.0.4.3'
@@ -79,6 +79,7 @@ group :test do
   gem 'rubocop-rails'
   gem 'rubocop-rspec'
   gem 'simplecov', require: false
+  gem 'simplecov-lcov', '~> 0.8.0', require: false
   gem 'terminal-notifier-guard'
   gem 'timecop'
 end