sciagent code + Gitea Actions CI/CD
CI/CD / backend (push) Failing after 2m8s
CI/CD / frontend (push) Failing after 1m40s
CI/CD / deploy (push) Has been skipped

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Thinh Lam
2026-06-30 09:38:30 +07:00
commit 688fac73e9
1167 changed files with 158244 additions and 0 deletions
+43
View File
@@ -0,0 +1,43 @@
#!/usr/bin/env bash
# Smoke-test verify-prod-env.sh rejects insecure values.
set -euo pipefail
ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
TMP="$(mktemp)"
trap 'rm -f "$TMP"' EXIT
cat >"$TMP" <<'EOF'
PUBLIC_HOST=example.com
FE_PORT=8081
MINIO_API_PORT=19000
MINIO_CONSOLE_PORT=19001
MINIO_ROOT_USER=minio_user
MINIO_ROOT_PASSWORD=long_random_minio_secret_value
POSTGRES_USER=initiative
POSTGRES_PASSWORD=long_random_postgres_secret
POSTGRES_DB=initiatives
JWT_SECRET=short
MINIO_API_CORS_ALLOW_ORIGIN=*
EOF
if ENV_FILE="$TMP" "$ROOT/scripts/verify-prod-env.sh" >/dev/null 2>&1; then
echo "FAIL: verify-prod-env.sh should reject short JWT_SECRET and CORS *" >&2
exit 1
fi
cat >"$TMP" <<'EOF'
PUBLIC_HOST=example.com
FE_PORT=8081
MINIO_API_PORT=19000
MINIO_CONSOLE_PORT=19001
MINIO_ROOT_USER=minio_user
MINIO_ROOT_PASSWORD=long_random_minio_secret_value
POSTGRES_USER=initiative
POSTGRES_PASSWORD=long_random_postgres_secret
POSTGRES_DB=initiatives
JWT_SECRET=this-is-a-valid-production-jwt-secret-32chars-min
MINIO_API_CORS_ALLOW_ORIGIN=https://example.com
EOF
ENV_FILE="$TMP" "$ROOT/scripts/verify-prod-env.sh" >/dev/null
echo "OK — verify-prod-env.sh accepts secure sample .env"