feat: update code from site15

Author: EndyKaufman

.kubernetes/set-env.sh

@@ -3,12 +3,7 @@ set -e
 
 export REPOSITORY=nestjs-mod/nestjs-mod-sso
 export REGISTRY=ghcr.io
-export BASE_SINGLE_SIGN_ON_IMAGE_NAME="${REPOSITORY}-base-server"
-export BUILDER_IMAGE_NAME="${REPOSITORY}-builder"
-export MIGRATIONS_IMAGE_NAME="${REPOSITORY}-migrations"
 export SINGLE_SIGN_ON_IMAGE_NAME="${REPOSITORY}-server"
-export NGINX_IMAGE_NAME="${REPOSITORY}-nginx"
-export E2E_TESTS_IMAGE_NAME="${REPOSITORY}-e2e-tests"
 export COMPOSE_INTERACTIVE_NO_CLI=1
 export NX_DAEMON=false
 export NX_PARALLEL=1
@@ -28,70 +23,88 @@ fi
 
 # node
 if [ -z "${NAMESPACE}" ]; then
-    export NAMESPACE=sso
+    echo "Error: NAMESPACE not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 
 # common
 if [ -z "${SINGLE_SIGN_ON_DOMAIN}" ]; then
-    export SINGLE_SIGN_ON_DOMAIN=example.com
+    echo "Error: SINGLE_SIGN_ON_DOMAIN not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 
 # server
 if [ -z "${SINGLE_SIGN_ON_PORT}" ]; then
-    export SINGLE_SIGN_ON_PORT=9191
+    echo "Error: SINGLE_SIGN_ON_PORT not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 
 # server: webhook database
 if [ -z "${SINGLE_SIGN_ON_WEBHOOK_DATABASE_PASSWORD}" ]; then
-    export SINGLE_SIGN_ON_WEBHOOK_DATABASE_PASSWORD=webhook_password
+    echo "Error: SINGLE_SIGN_ON_WEBHOOK_DATABASE_PASSWORD not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 if [ -z "${SINGLE_SIGN_ON_WEBHOOK_DATABASE_USERNAME}" ]; then
-    export SINGLE_SIGN_ON_WEBHOOK_DATABASE_USERNAME=${NAMESPACE}_webhook
+    echo "Error: SINGLE_SIGN_ON_WEBHOOK_DATABASE_USERNAME not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 if [ -z "${SINGLE_SIGN_ON_WEBHOOK_DATABASE_NAME}" ]; then
-    export SINGLE_SIGN_ON_WEBHOOK_DATABASE_NAME=${NAMESPACE}_webhook
+    echo "Error: SINGLE_SIGN_ON_WEBHOOK_DATABASE_NAME not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 
 # server: sso database
 if [ -z "${SINGLE_SIGN_ON_SSO_DATABASE_PASSWORD}" ]; then
-    export SINGLE_SIGN_ON_SSO_DATABASE_PASSWORD=sso_password
+    echo "Error: SINGLE_SIGN_ON_SSO_DATABASE_PASSWORD not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 if [ -z "${SINGLE_SIGN_ON_SSO_DATABASE_USERNAME}" ]; then
-    export SINGLE_SIGN_ON_SSO_DATABASE_USERNAME=${NAMESPACE}_sso
+    echo "Error: SINGLE_SIGN_ON_SSO_DATABASE_USERNAME not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 if [ -z "${SINGLE_SIGN_ON_SSO_DATABASE_NAME}" ]; then
-    export SINGLE_SIGN_ON_SSO_DATABASE_NAME=${NAMESPACE}_sso
+    echo "Error: SINGLE_SIGN_ON_SSO_DATABASE_NAME not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 
 # server: notifications database
 if [ -z "${SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_PASSWORD}" ]; then
-    export SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_PASSWORD=notifications_password
+    echo "Error: SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_PASSWORD not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 if [ -z "${SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_USERNAME}" ]; then
-    export SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_USERNAME=${NAMESPACE}_notifications
+    echo "Error: SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_USERNAME not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 if [ -z "${SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_NAME}" ]; then
-    export SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_NAME=${NAMESPACE}_notifications
+    echo "Error: SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_NAME not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 
 # server: two factor database
 if [ -z "${SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_PASSWORD}" ]; then
-    export SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_PASSWORD=two_factor_password
+    echo "Error: SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_PASSWORD not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 if [ -z "${SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_USERNAME}" ]; then
-    export SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_USERNAME=${NAMESPACE}_two_factor
+    echo "Error: SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_USERNAME not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 if [ -z "${SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_NAME}" ]; then
-    export SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_NAME=${NAMESPACE}_two_factor
+    echo "Error: SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_NAME not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 
 # database
 if [ -z "${SINGLE_SIGN_ON_POSTGRE_SQL_POSTGRESQL_USERNAME}" ]; then
-    export SINGLE_SIGN_ON_POSTGRE_SQL_POSTGRESQL_USERNAME=postgres
+    echo "Error: SINGLE_SIGN_ON_POSTGRE_SQL_POSTGRESQL_USERNAME not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 if [ -z "${SINGLE_SIGN_ON_POSTGRE_SQL_POSTGRESQL_PASSWORD}" ]; then
-    export SINGLE_SIGN_ON_POSTGRE_SQL_POSTGRESQL_PASSWORD=postgres_password
+    echo "Error: SINGLE_SIGN_ON_POSTGRE_SQL_POSTGRESQL_PASSWORD not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi
 if [ -z "${SINGLE_SIGN_ON_POSTGRE_SQL_POSTGRESQL_DATABASE}" ]; then
-    export SINGLE_SIGN_ON_POSTGRE_SQL_POSTGRESQL_DATABASE=postgres
+    echo "Error: SINGLE_SIGN_ON_POSTGRE_SQL_POSTGRESQL_DATABASE not!" >&2 # Redirect error message to stderr
+    exit 1 # Exit with an error code
 fi

.kubernetes/templates/docker-compose-infra.yml

@@ -27,5 +27,4 @@ services:
       - 'nestjs-mod-sso-postgre-sql-volume:/bitnami/postgresql'
 volumes:
   nestjs-mod-sso-postgre-sql-volume:
-    external: true
     name: 'nestjs-mod-sso-postgre-sql-volume'

.kubernetes/templates/node/8.issuer.yaml

@@ -5,7 +5,7 @@ metadata:
   namespace: cert-manager
 spec:
   acme:
-    email: [email protected]
+    email: %SINGLE_SIGN_ON_SSO_ADMIN_EMAIL%
     server: https://acme-v02.api.letsencrypt.org/directory
     privateKeySecretRef:
       name: letsencrypt-prod

.kubernetes/templates/server/1.configmap.yaml

@@ -11,8 +11,8 @@ data:
   SINGLE_SIGN_ON_SSO_DATABASE_URL: 'postgres://%SINGLE_SIGN_ON_SSO_DATABASE_USERNAME%:%SINGLE_SIGN_ON_SSO_DATABASE_PASSWORD%@10.0.1.1:5432/%SINGLE_SIGN_ON_SSO_DATABASE_NAME%?schema=public'
   SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_URL: 'postgres://%SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_USERNAME%:%SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_PASSWORD%@10.0.1.1:5432/%SINGLE_SIGN_ON_NOTIFICATIONS_DATABASE_NAME%?schema=public'
   SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_URL: 'postgres://%SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_USERNAME%:%SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_PASSWORD%@10.0.1.1:5432/%SINGLE_SIGN_ON_TWO_FACTOR_DATABASE_NAME%?schema=public'
-  SINGLE_SIGN_ON_SSO_ADMIN_EMAIL: '[email protected]'
-  SINGLE_SIGN_ON_SSO_ADMIN_USERNAME: 'admin'
+  SINGLE_SIGN_ON_SSO_ADMIN_EMAIL: '%SINGLE_SIGN_ON_SSO_ADMIN_EMAIL%'
+  SINGLE_SIGN_ON_SSO_ADMIN_USERNAME: '%SINGLE_SIGN_ON_SSO_ADMIN_USERNAME%'
   SINGLE_SIGN_ON_SSO_ADMIN_PASSWORD: '%SINGLE_SIGN_ON_SSO_ADMIN_PASSWORD%'
   SINGLE_SIGN_ON_SSO_ADMIN_SECRET: '%SINGLE_SIGN_ON_SSO_ADMIN_SECRET%'
   SINGLE_SIGN_ON_MINIO_SERVER_HOST: '%NAMESPACE%-minio.%NAMESPACE%'
@@ -24,5 +24,8 @@ data:
   SINGLE_SIGN_ON_SSO_SERVER_URL: 'https://%SINGLE_SIGN_ON_DOMAIN%'
   SINGLE_SIGN_ON_SSO_GOOGLE_OAUTH_CLIENT_ID: '%SINGLE_SIGN_ON_SSO_GOOGLE_OAUTH_CLIENT_ID%'
   SINGLE_SIGN_ON_SSO_GOOGLE_OAUTH_CLIENT_SECRET_KEY: '%SINGLE_SIGN_ON_SSO_GOOGLE_OAUTH_CLIENT_SECRET_KEY%'
-  SINGLE_SIGN_ON_SSO_DEFAULT_PUBLIC_TENANTS: 'Beijing:ru=Пекин,Jq6GQ6Rzz6x8HNOD4x2Hc2eM0cfiCVUzGfsi,X6nk0OZXQJboSEfugnH35e9oSeg5RFlV0DQprtYyYDQjNli9mA;Moscow:ru=Москва,OceX08HGZ89PTkPpg9KDk5ErY1uMfDcfFKkw,VJztpDIwvqG6IkTVEIDEw1Ed2Wu5oHu6zfBe7CCJFrCtyWO2Yv;New York:ru=Нью-Йорк,4OGD25Rmn3W3MP0kMd7c90rGP1WwK8u4wL1w,qm8nc9MgKyvd6Hgl3jY5BjgDFSBqNvxcu6o52kDjIC168OsM1R;'
-  SINGLE_SIGN_ON_SSO_DEFAULT_TENANT: 'default:ru=по умолчанию,KzMRNEZTetzatIgQPVSDYfeGyaZrbLzkcxNc,qaHkVpAtUVIpDdLXMlAOzsBfMRJblWoHpXguYQRBuSEBpGKbWt'
+  SINGLE_SIGN_ON_SSO_DEFAULT_PUBLIC_TENANTS: '%SINGLE_SIGN_ON_SSO_DEFAULT_PUBLIC_TENANTS%'
+  SINGLE_SIGN_ON_SSO_DEFAULT_TENANT: '%SINGLE_SIGN_ON_SSO_DEFAULT_TENANT%'
+  SINGLE_SIGN_ON_NOTIFICATIONS_MAIL_TRANSPORT: '%SINGLE_SIGN_ON_NOTIFICATIONS_MAIL_TRANSPORT%'
+  SINGLE_SIGN_ON_NOTIFICATIONS_MAIL_DEFAULT_SENDER_NAME: '%SINGLE_SIGN_ON_NOTIFICATIONS_MAIL_DEFAULT_SENDER_NAME%'
+  SINGLE_SIGN_ON_NOTIFICATIONS_MAIL_DEFAULT_SENDER_EMAIL: '%SINGLE_SIGN_ON_NOTIFICATIONS_MAIL_DEFAULT_SENDER_EMAIL%'

app-swagger.json

@@ -1,6 +1,5 @@
 import { nxE2EPreset } from '@nx/playwright/preset';
 import { defineConfig, devices } from '@playwright/test';
-import { execSync } from 'child_process';
 import { config } from 'dotenv';
 import { existsSync } from 'fs';
 import { join } from 'path';
@@ -34,9 +33,9 @@ export default defineConfig({
   /* Run tests in files in parallel */
   fullyParallel: false,
   workers: 1,
-  maxFailures: 10,
-  retries: 3,
-  timeout: 120 * 1000,
+  maxFailures: 4,
+  retries: 2,
+  timeout: 30 * 1000,
   reporter: [['list']],
   /* Shared settings for all the projects below. See https://playwright.dev/docs/api/class-testoptions. */
   use: {

apps/client-e2e/playwright.config.ts

@@ -14,6 +14,7 @@ test.describe('Work with profile as "User" role', () => {
     password: faker.internet.password({ length: 8 }),
     site: `http://${faker.internet.domainName()}`,
   };
+
   let page: Page;
 
   test.beforeAll(async ({ browser }) => {
@@ -34,6 +35,10 @@ test.describe('Work with profile as "User" role', () => {
       (minioURL) => localStorage.setItem('minioURL', minioURL),
       get('SINGLE_SIGN_ON_MINIO_URL').required().asString(),
     );
+    await page.evaluate(
+      (code) => localStorage.setItem('x-skip-email-verification', code),
+      get('SINGLE_SIGN_ON_SSO_ADMIN_SECRET').required().asString(),
+    );
   });
 
   test.afterAll(async () => {

apps/client-e2e/src/profile-as-user.spec.ts

@@ -14,6 +14,7 @@ test.describe('Validation with store lang in db (ru)', () => {
     password: faker.internet.password({ length: 8 }),
     site: `http://${faker.internet.domainName()}`,
   };
+
   let page: Page;
 
   test.beforeAll(async ({ browser }) => {
@@ -34,6 +35,10 @@ test.describe('Validation with store lang in db (ru)', () => {
       (minioURL) => localStorage.setItem('minioURL', minioURL),
       get('SINGLE_SIGN_ON_MINIO_URL').required().asString(),
     );
+    await page.evaluate(
+      (code) => localStorage.setItem('x-skip-email-verification', code),
+      get('SINGLE_SIGN_ON_SSO_ADMIN_SECRET').required().asString(),
+    );
   });
 
   test.afterAll(async () => {

apps/client-e2e/src/ru-validation-with-store-lang-in-db.spec.ts

@@ -34,6 +34,10 @@ test.describe('Validation (ru)', () => {
       (minioURL) => localStorage.setItem('minioURL', minioURL),
       get('SINGLE_SIGN_ON_MINIO_URL').required().asString(),
     );
+    await page.evaluate(
+      (code) => localStorage.setItem('x-skip-email-verification', code),
+      get('SINGLE_SIGN_ON_SSO_ADMIN_SECRET').required().asString(),
+    );
   });
 
   test.afterAll(async () => {

apps/client-e2e/src/ru-validation.spec.ts

@@ -16,6 +16,7 @@ test.describe('Work with profile as "User" role (timezone', () => {
     password: faker.internet.password({ length: 8 }),
     site: `http://${faker.internet.domainName()}`,
   };
+
   let page: Page;
 
   test.beforeAll(async ({ browser }) => {
@@ -36,6 +37,10 @@ test.describe('Work with profile as "User" role (timezone', () => {
       (minioURL) => localStorage.setItem('minioURL', minioURL),
       get('SINGLE_SIGN_ON_MINIO_URL').required().asString(),
     );
+    await page.evaluate(
+      (code) => localStorage.setItem('x-skip-email-verification', code),
+      get('SINGLE_SIGN_ON_SSO_ADMIN_SECRET').required().asString(),
+    );
   });
 
   test.afterAll(async () => {