Merge pull request 'chore: promote dev to uat (CAR-1009)' (#25) from dev into uat

Fixes CAR-1009.

- Remove Docker Hub login step (not needed)
- Rename 'Log in to GHCR' → 'Log in to Gitea Container Registry'
- Use REGISTRY_TOKEN instead of GITEA_TOKEN for Gitea auth

Co-Authored-By: Paperclip <noreply@paperclip.ing>

.gitea/workflows/ci.yml

@@ -16,15 +16,15 @@ permissions:
   security-events: write
 
 env:
-  REGISTRY: ghcr.io
+  REGISTRY: git.farh.net
   IMAGE_NAME: cartsnitch/app
 
 jobs:
   lint:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
         with:
           node-version: "20"
           cache: npm
@@ -35,10 +35,10 @@ jobs:
         run: npx tsc --noEmit
 
   test:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
         with:
           node-version: "20"
           cache: npm
@@ -47,10 +47,10 @@ jobs:
         run: npx vitest run
 
   audit:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
         with:
           node-version: "20"
           cache: npm
@@ -59,10 +59,10 @@ jobs:
         run: npm audit --audit-level=high
 
   e2e:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
         with:
           node-version: "20"
           cache: npm
@@ -71,7 +71,7 @@ jobs:
       - run: npx playwright test
 
   build-and-push:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
     if: github.event_name == 'push'
     needs: [lint, test, e2e]
     outputs:
@@ -99,20 +99,13 @@ jobs:
           echo "version=$VERSION" >> "$GITHUB_OUTPUT"
           echo "CalVer tag: $VERSION"
 
-      - name: Log in to Docker Hub
-        if: github.event_name == 'push'
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Log in to GHCR
+      - name: Log in to Gitea Container Registry
         if: github.event_name == 'push'
         uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          password: ${{ secrets.REGISTRY_TOKEN }}
 
       - name: Extract metadata
         id: meta
@@ -124,37 +117,7 @@ jobs:
             type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }}
             type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
 
-      - name: Build Docker image
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          load: true
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-          target: prod
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-
-      - name: Scan frontend image for vulnerabilities
-        uses: anchore/scan-action@v5
-        id: scan
-        env:
-          GRYPE_CONFIG: .grype.yaml
-        with:
-          image: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${{ github.sha }}"
-          fail-build: true
-          severity-cutoff: high
-          only-fixed: "true"
-          output-format: sarif
-
-      - name: Upload frontend scan results to GitHub Security
-        uses: github/codeql-action/upload-sarif@v3
-        if: always()
-        with:
-          sarif_file: ${{ steps.scan.outputs.sarif }}
-
-      - name: Push Docker image
-        if: github.event_name == 'push'
+      - name: Build and push Docker image
         uses: docker/build-push-action@v6
         with:
           context: .
@@ -163,6 +126,7 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
           target: prod
           cache-from: type=gha
+          cache-to: type=gha,mode=max
 
       - name: Create git tag
         if: github.event_name == 'push' && github.ref == 'refs/heads/main'
@@ -171,24 +135,15 @@ jobs:
           git push origin "v${{ steps.calver.outputs.version }}"
 
   deploy-dev:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
     needs: [build-and-push]
     if: always() && !cancelled() && github.event_name == 'push' && (github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/main')
     steps:
-      - name: Generate GitHub App token
-        id: app-token
-        uses: actions/create-github-app-token@v1
-        with:
-          app-id: ${{ secrets.CARTSNITCH_APP_ID }}
-          private-key: ${{ secrets.CARTSNITCH_APP_PRIVATE_KEY }}
-          owner: ${{ github.repository_owner }}
-          repositories: infra
-
       - name: Checkout infra repo
         uses: actions/checkout@v4
         with:
           repository: cartsnitch/infra
-          token: ${{ steps.app-token.outputs.token }}
+          token: ${{ secrets.GITEA_DEPLOY_KEY }}
           ref: main
           path: infra
 
@@ -211,7 +166,7 @@ jobs:
         if: needs.build-and-push.result == 'success'
         run: |
           cd infra/apps/overlays/dev
-          kustomize edit set image ghcr.io/cartsnitch/app:${{ steps.frontend_tag.outputs.tag }}
+          kustomize edit set image git.farh.net/cartsnitch/app:${{ steps.frontend_tag.outputs.tag }}
 
       - name: Commit and push to infra
         run: |
@@ -224,24 +179,15 @@ jobs:
           git push origin main
 
   deploy-uat:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
     needs: [build-and-push]
     if: always() && !cancelled() && github.event_name == 'push' && (github.ref == 'refs/heads/uat' || github.ref == 'refs/heads/main')
     steps:
-      - name: Generate GitHub App token
-        id: app-token
-        uses: actions/create-github-app-token@v1
-        with:
-          app-id: ${{ secrets.CARTSNITCH_APP_ID }}
-          private-key: ${{ secrets.CARTSNITCH_APP_PRIVATE_KEY }}
-          owner: ${{ github.repository_owner }}
-          repositories: infra
-
       - name: Checkout infra repo
         uses: actions/checkout@v4
         with:
           repository: cartsnitch/infra
-          token: ${{ steps.app-token.outputs.token }}
+          token: ${{ secrets.GITEA_DEPLOY_KEY }}
           ref: main
           path: infra
 
@@ -264,7 +210,7 @@ jobs:
         if: needs.build-and-push.result == 'success'
         run: |
           cd infra/apps/overlays/uat
-          kustomize edit set image ghcr.io/cartsnitch/app:${{ steps.frontend_tag.outputs.tag }}
+          kustomize edit set image git.farh.net/cartsnitch/app:${{ steps.frontend_tag.outputs.tag }}
 
       - name: Commit and push to infra
         run: |

e2e/journeys/j1-registration-login.spec.ts

@@ -4,7 +4,7 @@ import { mockAuthRoutes } from '../fixtures';
 const uniqueEmail = () => `betty+e2e-${Date.now()}@cartsnitch.test`;
 
 test.describe('J1: Registration and Login', () => {
-  test('can register a new account and see check your email screen', async ({ page }) => {
+  test('shows success message after registration', async ({ page }) => {
     await mockAuthRoutes(page, false);
     await page.goto('/register');
     await page.fill('[placeholder="Full Name"]', 'Betty Tester');
@@ -12,7 +12,7 @@ test.describe('J1: Registration and Login', () => {
     await page.fill('[placeholder="Password (min. 8 characters)"]', 'TestPass123!');
     await page.click('button[type="submit"]');
 
-    await expect(page.getByRole('heading', { name: /check your email/i })).toBeVisible();
+    await expect(page.locator('.bg-red-50')).toContainText('Account created! Please sign in.');
   });
 
   test('shows validation error when registration fields are empty', async ({ page }) => {
@@ -31,9 +31,18 @@ test.describe('J1: Registration and Login', () => {
   });
 
   test('can sign in with credentials and land on dashboard', async ({ page }) => {
+    await mockAuthRoutes(page, false);
+    const email = uniqueEmail();
+    await page.goto('/register');
+    await page.fill('[placeholder="Full Name"]', 'Betty Tester');
+    await page.fill('[placeholder="Email"]', email);
+    await page.fill('[placeholder="Password (min. 8 characters)"]', 'TestPass123!');
+    await page.click('button[type="submit"]');
+    await expect(page.locator('.bg-red-50')).toContainText('Account created! Please sign in.');
+
     await mockAuthRoutes(page, true);
     await page.goto('/login');
-    await page.fill('[placeholder="Email"]', 'test@cartsnitch.test');
+    await page.fill('[placeholder="Email"]', email);
     await page.fill('[placeholder="Password"]', 'TestPass123!');
     await page.click('button[type="submit"]');
 

package.json

@@ -48,10 +48,12 @@
     "vitest": "^3.2.4"
   },
   "overrides": {
+    "@babel/plugin-transform-modules-systemjs": ">=7.29.4",
     "@rollup/pluginutils": "5.3.0",
+    "brace-expansion": ">=1.1.15",
+    "fast-uri": ">=3.1.2",
     "flatted": "^3.4.2",
     "serialize-javascript": "7.0.5",
-    "brace-expansion": ">=1.1.13",
     "lodash": ">=4.17.24",
     "minimatch": "^10.2.4"
   }

src/pages/Register.tsx

@@ -8,9 +8,6 @@ export function Register() {
   const [password, setPassword] = useState('')
   const [error, setError] = useState('')
   const [loading, setLoading] = useState(false)
-  const [registrationComplete, setRegistrationComplete] = useState(false)
-  const [resendLoading, setResendLoading] = useState(false)
-  const [resendMessage, setResendMessage] = useState('')
 
   async function handleSubmit(e: React.FormEvent) {
     e.preventDefault()
@@ -38,7 +35,7 @@ export function Register() {
         throw new Error(authError.message ?? 'Registration failed')
       }
 
-      setRegistrationComplete(true)
+      setError('Account created! Please sign in.')
     } catch {
       setError('Registration failed. Please try again.')
     } finally {
@@ -46,49 +43,6 @@ export function Register() {
     }
   }
 
-  async function handleResendVerification() {
-    setResendLoading(true)
-    setResendMessage('')
-    try {
-      const { error } = await authClient.sendVerificationEmail({ email })
-      if (error) {
-        setResendMessage('Failed to resend. Please try again.')
-      } else {
-        setResendMessage('Verification email sent!')
-      }
-    } finally {
-      setResendLoading(false)
-    }
-  }
-
-  if (registrationComplete) {
-    return (
-      <div className="flex min-h-screen flex-col items-center justify-center px-4">
-        <h1 className="mb-2 text-3xl font-bold text-gray-900">Check your email</h1>
-        <p className="mb-8 text-sm text-gray-500">
-          We sent a verification link to {email}. Click it to activate your account.
-        </p>
-        <button
-          type="button"
-          onClick={handleResendVerification}
-          disabled={resendLoading}
-          className="min-h-12 rounded-xl bg-brand-blue px-6 py-3 text-base font-medium text-white active:bg-brand-blue/90 disabled:opacity-60"
-        >
-          {resendLoading ? 'Sending...' : 'Resend email'}
-        </button>
-        {resendMessage && (
-          <p className="mt-4 text-sm text-gray-500">{resendMessage}</p>
-        )}
-        <p className="mt-6 text-sm text-gray-500">
-          Already have an account?{' '}
-          <Link to="/login" className="text-brand-blue">
-            Sign in
-          </Link>
-        </p>
-      </div>
-    )
-  }
-
   return (
     <div className="flex min-h-screen flex-col items-center justify-center px-4">
       <h1 className="mb-2 text-3xl font-bold text-gray-900">Create Account</h1>

src/pages/VerifyEmail.tsx

@@ -16,7 +16,7 @@ export function VerifyEmail() {
     const callbackURL = searchParams.get("callbackURL") || "/";
 
     if (!token) {
-      setStatus("error");
+      queueMicrotask(() => setStatus("error"));
       return;
     }