cartsnitch/app
12
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: cartsnitch/app:main
Branches Tags
cartsnitch/app:main cartsnitch/app:dev cartsnitch/app:betty/car-1147-fix-infra-403 cartsnitch/app:uat cartsnitch/app:betty/car-1022-direct-test cartsnitch/app:betty/car-1009-ghcr-gitea-migration cartsnitch/app:barcode-betty/ghcr-to-gitea-registry cartsnitch/app:betty/delete-stale-ci-yml cartsnitch/app:betty/car-987-fix-ci-docker-socket-and-infra-403 cartsnitch/app:barcode-betty/car-964-full cartsnitch/app:barcode-betty/car-964-gitea-registry-v2 cartsnitch/app:betty/car-964-gitea-registry-v2 cartsnitch/app:barcode-betty/gitea-registry cartsnitch/app:disable-lighthouse-ci-v2 cartsnitch/app:disable-lighthouse-ci cartsnitch/app:betty/car-935-fix-setup-node cartsnitch/app:barcode-betty/move-workflows-to-gitea cartsnitch/app:betty/car-869-gitea-actions-app
cartsnitch/app:v2026.04.19
..
pull from: cartsnitch/app:disable-lighthouse-ci
Branches Tags
cartsnitch/app:dev cartsnitch/app:betty/car-1147-fix-infra-403 cartsnitch/app:main cartsnitch/app:uat cartsnitch/app:betty/car-1022-direct-test cartsnitch/app:betty/car-1009-ghcr-gitea-migration cartsnitch/app:barcode-betty/ghcr-to-gitea-registry cartsnitch/app:betty/delete-stale-ci-yml cartsnitch/app:betty/car-987-fix-ci-docker-socket-and-infra-403 cartsnitch/app:barcode-betty/car-964-full cartsnitch/app:barcode-betty/car-964-gitea-registry-v2 cartsnitch/app:betty/car-964-gitea-registry-v2 cartsnitch/app:barcode-betty/gitea-registry cartsnitch/app:disable-lighthouse-ci-v2 cartsnitch/app:disable-lighthouse-ci cartsnitch/app:betty/car-935-fix-setup-node cartsnitch/app:barcode-betty/move-workflows-to-gitea cartsnitch/app:betty/car-869-gitea-actions-app
cartsnitch/app:v2026.04.19

1 Commits
main .. disable-lighthouse-ci

Author SHA1 Message Date
Gandalf the Greybeard 87fcb154ec ci: disable lighthouse job (CAR-938)
CI / lint (pull_request) Has been cancelled
Details
CI / test (pull_request) Has been cancelled
Details
CI / audit (pull_request) Has been cancelled
Details
CI / e2e (pull_request) Has been cancelled
Details
CI / build-and-push (pull_request) Has been cancelled
Details
CI / deploy-dev (pull_request) Has been cancelled
Details
CI / deploy-uat (pull_request) Has been cancelled
Details 
Remove lighthouse job from CI as lhci crashes silently in Gitea Actions environment.
CTO decision to unblock PR #11 merge and dev->uat promotion.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-21 20:57:50 +00:00
7 changed files with 1046 additions and 928 deletions
Expand all files Collapse all files
.gitea/workflows/ci.yml → .github/workflows/ci.yml
+74 -20
View File
@@ -16,15 +16,15 @@ permissions:
security-events: write security-events: write
env: env:
REGISTRY: git.farh.net REGISTRY: ghcr.io
IMAGE_NAME: cartsnitch/app IMAGE_NAME: cartsnitch/app
jobs: jobs:
lint: lint:
runs-on: ubuntu-latest runs-on: runners-cartsnitch
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 - uses: actions/setup-node@v4
with: with:
node-version: "20" node-version: "20"
cache: npm cache: npm
@@ -35,10 +35,10 @@ jobs:
run: npx tsc --noEmit run: npx tsc --noEmit
test: test:
runs-on: ubuntu-latest runs-on: runners-cartsnitch
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 - uses: actions/setup-node@v4
with: with:
node-version: "20" node-version: "20"
cache: npm cache: npm
@@ -47,10 +47,10 @@ jobs:
run: npx vitest run run: npx vitest run
audit: audit:
runs-on: ubuntu-latest runs-on: runners-cartsnitch
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 - uses: actions/setup-node@v4
with: with:
node-version: "20" node-version: "20"
cache: npm cache: npm
@@ -59,10 +59,10 @@ jobs:
run: npm audit --audit-level=high run: npm audit --audit-level=high
e2e: e2e:
runs-on: ubuntu-latest runs-on: runners-cartsnitch
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 - uses: actions/setup-node@v4
with: with:
node-version: "20" node-version: "20"
cache: npm cache: npm
@@ -71,7 +71,7 @@ jobs:
- run: npx playwright test - run: npx playwright test
build-and-push: build-and-push:
runs-on: ubuntu-latest runs-on: runners-cartsnitch
if: github.event_name == 'push' if: github.event_name == 'push'
needs: [lint, test, e2e] needs: [lint, test, e2e]
outputs: outputs:
@@ -99,13 +99,20 @@ jobs:
echo "version=$VERSION" >> "$GITHUB_OUTPUT" echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "CalVer tag: $VERSION" echo "CalVer tag: $VERSION"
- name: Log in to Gitea Container Registry - name: Log in to Docker Hub
if: github.event_name == 'push'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Log in to GHCR
if: github.event_name == 'push' if: github.event_name == 'push'
uses: docker/login-action@v3 uses: docker/login-action@v3
with: with:
registry: ${{ env.REGISTRY }} registry: ${{ env.REGISTRY }}
username: ${{ github.actor }} username: ${{ github.actor }}
password: ${{ secrets.REGISTRY_TOKEN }} password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata - name: Extract metadata
id: meta id: meta
@@ -117,7 +124,37 @@ jobs:
type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }} type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }}
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
- name: Build and push Docker image - name: Build Docker image
uses: docker/build-push-action@v6
with:
context: .
load: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
target: prod
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Scan frontend image for vulnerabilities
uses: anchore/scan-action@v5
id: scan
env:
GRYPE_CONFIG: .grype.yaml
with:
image: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${{ github.sha }}"
fail-build: true
severity-cutoff: high
only-fixed: "true"
output-format: sarif
- name: Upload frontend scan results to GitHub Security
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
- name: Push Docker image
if: github.event_name == 'push'
uses: docker/build-push-action@v6 uses: docker/build-push-action@v6
with: with:
context: . context: .
@@ -126,7 +163,6 @@ jobs:
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
target: prod target: prod
cache-from: type=gha cache-from: type=gha
cache-to: type=gha,mode=max
- name: Create git tag - name: Create git tag
if: github.event_name == 'push' && github.ref == 'refs/heads/main' if: github.event_name == 'push' && github.ref == 'refs/heads/main'
@@ -135,15 +171,24 @@ jobs:
git push origin "v${{ steps.calver.outputs.version }}" git push origin "v${{ steps.calver.outputs.version }}"
deploy-dev: deploy-dev:
runs-on: ubuntu-latest runs-on: runners-cartsnitch
needs: [build-and-push] needs: [build-and-push]
if: always() && !cancelled() && github.event_name == 'push' && (github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/main') if: always() && !cancelled() && github.event_name == 'push' && (github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/main')
steps: steps:
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@v1
with:
app-id: ${{ secrets.CARTSNITCH_APP_ID }}
private-key: ${{ secrets.CARTSNITCH_APP_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
repositories: infra
- name: Checkout infra repo - name: Checkout infra repo
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
repository: cartsnitch/infra repository: cartsnitch/infra
token: ${{ secrets.GITEA_DEPLOY_KEY }} token: ${{ steps.app-token.outputs.token }}
ref: main ref: main
path: infra path: infra
@@ -166,7 +211,7 @@ jobs:
if: needs.build-and-push.result == 'success' if: needs.build-and-push.result == 'success'
run: | run: |
cd infra/apps/overlays/dev cd infra/apps/overlays/dev
kustomize edit set image git.farh.net/cartsnitch/app:${{ steps.frontend_tag.outputs.tag }} kustomize edit set image ghcr.io/cartsnitch/app:${{ steps.frontend_tag.outputs.tag }}
- name: Commit and push to infra - name: Commit and push to infra
run: | run: |
@@ -179,15 +224,24 @@ jobs:
git push origin main git push origin main
deploy-uat: deploy-uat:
runs-on: ubuntu-latest runs-on: runners-cartsnitch
needs: [build-and-push] needs: [build-and-push]
if: always() && !cancelled() && github.event_name == 'push' && (github.ref == 'refs/heads/uat' || github.ref == 'refs/heads/main') if: always() && !cancelled() && github.event_name == 'push' && (github.ref == 'refs/heads/uat' || github.ref == 'refs/heads/main')
steps: steps:
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@v1
with:
app-id: ${{ secrets.CARTSNITCH_APP_ID }}
private-key: ${{ secrets.CARTSNITCH_APP_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
repositories: infra
- name: Checkout infra repo - name: Checkout infra repo
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
repository: cartsnitch/infra repository: cartsnitch/infra
token: ${{ secrets.GITEA_DEPLOY_KEY }} token: ${{ steps.app-token.outputs.token }}
ref: main ref: main
path: infra path: infra
@@ -210,7 +264,7 @@ jobs:
if: needs.build-and-push.result == 'success' if: needs.build-and-push.result == 'success'
run: | run: |
cd infra/apps/overlays/uat cd infra/apps/overlays/uat
kustomize edit set image git.farh.net/cartsnitch/app:${{ steps.frontend_tag.outputs.tag }} kustomize edit set image ghcr.io/cartsnitch/app:${{ steps.frontend_tag.outputs.tag }}
- name: Commit and push to infra - name: Commit and push to infra
run: | run: |
.mcp.json
-11
View File
@@ -1,11 +0,0 @@
{
"mcpServers": {
"gitea": {
"type": "http",
"url": "https://git-mcp.farh.net/mcp",
"headers": {
"Authorization": "Bearer ${GITEA_TOKEN}"
}
}
}
}
e2e/journeys/j1-registration-login.spec.ts
+3 -12
View File
@@ -4,7 +4,7 @@ import { mockAuthRoutes } from '../fixtures';
const uniqueEmail = () => `betty+e2e-${Date.now()}@cartsnitch.test`; const uniqueEmail = () => `betty+e2e-${Date.now()}@cartsnitch.test`;
test.describe('J1: Registration and Login', () => { test.describe('J1: Registration and Login', () => {
test('shows success message after registration', async ({ page }) => { test('can register a new account and see check your email screen', async ({ page }) => {
await mockAuthRoutes(page, false); await mockAuthRoutes(page, false);
await page.goto('/register'); await page.goto('/register');
await page.fill('[placeholder="Full Name"]', 'Betty Tester'); await page.fill('[placeholder="Full Name"]', 'Betty Tester');
@@ -12,7 +12,7 @@ test.describe('J1: Registration and Login', () => {
await page.fill('[placeholder="Password (min. 8 characters)"]', 'TestPass123!'); await page.fill('[placeholder="Password (min. 8 characters)"]', 'TestPass123!');
await page.click('button[type="submit"]'); await page.click('button[type="submit"]');
await expect(page.locator('.bg-red-50')).toContainText('Account created! Please sign in.'); await expect(page.getByRole('heading', { name: /check your email/i })).toBeVisible();
}); });
test('shows validation error when registration fields are empty', async ({ page }) => { test('shows validation error when registration fields are empty', async ({ page }) => {
@@ -31,18 +31,9 @@ test.describe('J1: Registration and Login', () => {
}); });
test('can sign in with credentials and land on dashboard', async ({ page }) => { test('can sign in with credentials and land on dashboard', async ({ page }) => {
await mockAuthRoutes(page, false);
const email = uniqueEmail();
await page.goto('/register');
await page.fill('[placeholder="Full Name"]', 'Betty Tester');
await page.fill('[placeholder="Email"]', email);
await page.fill('[placeholder="Password (min. 8 characters)"]', 'TestPass123!');
await page.click('button[type="submit"]');
await expect(page.locator('.bg-red-50')).toContainText('Account created! Please sign in.');
await mockAuthRoutes(page, true); await mockAuthRoutes(page, true);
await page.goto('/login'); await page.goto('/login');
await page.fill('[placeholder="Email"]', email); await page.fill('[placeholder="Email"]', 'test@cartsnitch.test');
await page.fill('[placeholder="Password"]', 'TestPass123!'); await page.fill('[placeholder="Password"]', 'TestPass123!');
await page.click('button[type="submit"]'); await page.click('button[type="submit"]');
package-lock.json
Generated
+920 -880
View File
File diff suppressed because it is too large Load Diff
package.json
+1 -3
View File
@@ -48,12 +48,10 @@
"vitest": "^3.2.4" "vitest": "^3.2.4"
}, },
"overrides": { "overrides": {
"@babel/plugin-transform-modules-systemjs": ">=7.29.4",
"@rollup/pluginutils": "5.3.0", "@rollup/pluginutils": "5.3.0",
"brace-expansion": ">=1.1.15",
"fast-uri": ">=3.1.2",
"flatted": "^3.4.2", "flatted": "^3.4.2",
"serialize-javascript": "7.0.5", "serialize-javascript": "7.0.5",
"brace-expansion": ">=1.1.13",
"lodash": ">=4.17.24", "lodash": ">=4.17.24",
"minimatch": "^10.2.4" "minimatch": "^10.2.4"
} }
src/pages/Register.tsx
+47 -1
View File
@@ -8,6 +8,9 @@ export function Register() {
const [password, setPassword] = useState('') const [password, setPassword] = useState('')
const [error, setError] = useState('') const [error, setError] = useState('')
const [loading, setLoading] = useState(false) const [loading, setLoading] = useState(false)
const [registrationComplete, setRegistrationComplete] = useState(false)
const [resendLoading, setResendLoading] = useState(false)
const [resendMessage, setResendMessage] = useState('')
async function handleSubmit(e: React.FormEvent) { async function handleSubmit(e: React.FormEvent) {
e.preventDefault() e.preventDefault()
@@ -35,7 +38,7 @@ export function Register() {
throw new Error(authError.message ?? 'Registration failed') throw new Error(authError.message ?? 'Registration failed')
} }
setError('Account created! Please sign in.') setRegistrationComplete(true)
} catch { } catch {
setError('Registration failed. Please try again.') setError('Registration failed. Please try again.')
} finally { } finally {
@@ -43,6 +46,49 @@ export function Register() {
} }
} }
async function handleResendVerification() {
setResendLoading(true)
setResendMessage('')
try {
const { error } = await authClient.sendVerificationEmail({ email })
if (error) {
setResendMessage('Failed to resend. Please try again.')
} else {
setResendMessage('Verification email sent!')
}
} finally {
setResendLoading(false)
}
}
if (registrationComplete) {
return (
<div className="flex min-h-screen flex-col items-center justify-center px-4">
<h1 className="mb-2 text-3xl font-bold text-gray-900">Check your email</h1>
<p className="mb-8 text-sm text-gray-500">
We sent a verification link to {email}. Click it to activate your account.
</p>
<button
type="button"
onClick={handleResendVerification}
disabled={resendLoading}
className="min-h-12 rounded-xl bg-brand-blue px-6 py-3 text-base font-medium text-white active:bg-brand-blue/90 disabled:opacity-60"
>
{resendLoading ? 'Sending...' : 'Resend email'}
</button>
{resendMessage && (
<p className="mt-4 text-sm text-gray-500">{resendMessage}</p>
)}
<p className="mt-6 text-sm text-gray-500">
Already have an account?{' '}
<Link to="/login" className="text-brand-blue">
Sign in
</Link>
</p>
</div>
)
}
return ( return (
<div className="flex min-h-screen flex-col items-center justify-center px-4"> <div className="flex min-h-screen flex-col items-center justify-center px-4">
<h1 className="mb-2 text-3xl font-bold text-gray-900">Create Account</h1> <h1 className="mb-2 text-3xl font-bold text-gray-900">Create Account</h1>
src/pages/VerifyEmail.tsx
+1 -1
View File
@@ -16,7 +16,7 @@ export function VerifyEmail() {
const callbackURL = searchParams.get("callbackURL") || "/"; const callbackURL = searchParams.get("callbackURL") || "/";
if (!token) { if (!token) {
queueMicrotask(() => setStatus("error")); setStatus("error");
return; return;
} }