Hartmut/Nexus
1
0
Fork 0
Code Issues 11 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
01f8974314528cbacfbd2882a4152683732ad5b7
Nexus/apps/web/e2e/dev-system/global-setup.ts
T
Hartmut 01f8974314
CI / Architecture Guardrails (pull_request) Successful in 2m59s
Details
CI / Typecheck (pull_request) Successful in 6m41s
Details
CI / Lint (pull_request) Successful in 4m18s
Details
CI / Assistant Split Regression (pull_request) Successful in 5m6s
Details
CI / Unit Tests (pull_request) Successful in 7m21s
Details
CI / Build (pull_request) Successful in 5m21s
Details
CI / Fresh-Linux Docker Deploy (pull_request) Failing after 38s
Details
CI / E2E Tests (pull_request) Successful in 3m28s
Details
CI / Release Images (pull_request) Has been skipped
Details
rename(phase 3): compose/DB/infra names + stray code refs capakraken → nexus 
- docker-compose.yml / .prod.yml / .ci.yml: project names, POSTGRES_DB/USER,
  pg_isready, DATABASE_URL, volume names (nexus_pgdata, nexus_prod_*)
- .github/workflows/ci.yml: POSTGRES_PASSWORD, pg_isready, psql credentials,
  GRANT statements, POSTGRES_PASSWORD=nexus_dev for Docker Deploy job
- scripts/db-target-guard.mjs: expectedDatabase default, NEXUS_EXPECTED_DB_NAME
- scripts/prisma-with-env.mjs, e2e/test-server.mjs: env-var rename
- packages/db/src/safe-destructive-env.ts + reset-dispo-import.ts: DB name set
- packages/db/src/destructive-db-guard.ts: PROTECTED_DATABASE_NAMES → "nexus"
- packages/db/src/destructive-db-guard.test.ts: all fixture DB names + comments
- .env.example, tooling/deploy/deploy.env.example: DATABASE_URL, image refs
- packages/api: Redis channel/key prefixes (rbac-invalidate, sse, ratelimit),
  logger service name, app-base-url log prefix
- E2E: DB container names, localStorage/sessionStorage keys, email domains
- scripts: architecture-guardrails filter, export/import-dev-seed defaults,
  harden-postgres defaults, start.sh pg_isready, worktree-hygiene fixture
- tooling/migrate/rename-to-nexus.sh: new maintenance-window cutover script

Only intentional capakraken survivor: anonymization.ts DEFAULT_ANONYMIZATION_SEED
(functional cryptographic constant — changing it would invalidate stored aliases).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-21 16:35:39 +02:00

104 lines
3.4 KiB
TypeScript
Raw Blame History

/**
* Playwright global setup for dev-system tests.
*
* 1. Logs in once per user role and saves browser storage state to disk.
* Tests use these cached states via `test.use({ storageState })` to avoid
* hitting the auth rate limiter (5 attempts / 15 min / email).
*
* 2. Ensures reset-test@planarchy.dev exists for the password-reset E2E tests.
* If the user is missing, creates them directly in the DB via argon2id hash
* + docker exec psql (no tRPC roundtrip needed in setup).
*/
import { execSync } from "node:child_process";
import { chromium, type FullConfig } from "@playwright/test";
import * as fs from "fs";
import * as path from "path";
const USERS = {
admin: { email: "admin@planarchy.dev", password: "admin123" },
manager: { email: "manager@planarchy.dev", password: "manager123" },
viewer: { email: "viewer@planarchy.dev", password: "viewer123" },
} as const;
const RESET_TEST_USER = {
email: "reset-test@planarchy.dev",
password: "Dev123456!",
};
const DB_CONTAINER = "nexus-postgres-1";
const DB_USER = "nexus";
const DB_NAME = "nexus";
function psqlExec(sql: string): string {
return execSync(
`docker exec -i ${DB_CONTAINER} psql -U ${DB_USER} -d ${DB_NAME} -t -v ON_ERROR_STOP=1`,
{ input: sql, encoding: "utf8" },
).trim();
}
/**
* Ensure reset-test@planarchy.dev exists in the DB.
* Creates the user directly via SQL + argon2id hash — no email / tRPC roundtrip.
*/
async function ensureResetTestUser(): Promise<void> {
const count = psqlExec(`SELECT COUNT(*) FROM users WHERE email='${RESET_TEST_USER.email}';`);
if (parseInt(count, 10) > 0) {
console.log(`[global-setup] reset-test user already exists — skipping`);
return;
}
console.log(`[global-setup] Creating reset-test user…`);
const { hash } = await import("@node-rs/argon2");
const passwordHash = await hash(RESET_TEST_USER.password);
// argon2id hashes use base64 chars only — safe inside a SQL single-quoted string
// Column names are camelCase (Prisma default) — must be double-quoted in SQL
const sql = `
INSERT INTO users (id, email, name, "systemRole", "passwordHash", "createdAt", "updatedAt")
VALUES (
gen_random_uuid()::text,
'${RESET_TEST_USER.email}',
'reset-test',
'USER',
'${passwordHash}',
NOW(),
NOW()
) ON CONFLICT (email) DO NOTHING;
`;
psqlExec(sql);
console.log(`[global-setup] Created reset-test user (${RESET_TEST_USER.email})`);
}
async function globalSetup(config: FullConfig) {
const baseURL = config.projects[0]?.use?.baseURL ?? "http://localhost:3100";
const authDir = path.join(__dirname, ".auth");
fs.mkdirSync(authDir, { recursive: true });
const browser = await chromium.launch();
for (const [role, creds] of Object.entries(USERS)) {
const context = await browser.newContext();
const page = await context.newPage();
await page.goto(`${baseURL}/auth/signin`);
await page.fill('input[type="email"]', creds.email);
await page.fill('input[type="password"]', creds.password);
await page.click('button[type="submit"]');
await page.waitForURL(/\/(dashboard|resources)/, { timeout: 15000 });
await context.storageState({ path: path.join(authDir, `${role}.json`) });
await context.close();
console.log(`[global-setup] Saved auth state for ${role}`);
}
await browser.close();
// Ensure the dedicated password-reset test user exists
await ensureResetTestUser();
}
export default globalSetup;
Reference in New Issue View Git Blame Copy Permalink