Files
sciagent/scripts/test-verify-prod-env.sh
T
Thinh Lam 688fac73e9
CI/CD / backend (push) Failing after 2m8s
CI/CD / frontend (push) Failing after 1m40s
CI/CD / deploy (push) Has been skipped
sciagent code + Gitea Actions CI/CD
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-30 09:38:30 +07:00

44 lines
1.2 KiB
Bash
Executable File

#!/usr/bin/env bash
# Smoke-test verify-prod-env.sh rejects insecure values.
set -euo pipefail
ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
TMP="$(mktemp)"
trap 'rm -f "$TMP"' EXIT
cat >"$TMP" <<'EOF'
PUBLIC_HOST=example.com
FE_PORT=8081
MINIO_API_PORT=19000
MINIO_CONSOLE_PORT=19001
MINIO_ROOT_USER=minio_user
MINIO_ROOT_PASSWORD=long_random_minio_secret_value
POSTGRES_USER=initiative
POSTGRES_PASSWORD=long_random_postgres_secret
POSTGRES_DB=initiatives
JWT_SECRET=short
MINIO_API_CORS_ALLOW_ORIGIN=*
EOF
if ENV_FILE="$TMP" "$ROOT/scripts/verify-prod-env.sh" >/dev/null 2>&1; then
echo "FAIL: verify-prod-env.sh should reject short JWT_SECRET and CORS *" >&2
exit 1
fi
cat >"$TMP" <<'EOF'
PUBLIC_HOST=example.com
FE_PORT=8081
MINIO_API_PORT=19000
MINIO_CONSOLE_PORT=19001
MINIO_ROOT_USER=minio_user
MINIO_ROOT_PASSWORD=long_random_minio_secret_value
POSTGRES_USER=initiative
POSTGRES_PASSWORD=long_random_postgres_secret
POSTGRES_DB=initiatives
JWT_SECRET=this-is-a-valid-production-jwt-secret-32chars-min
MINIO_API_CORS_ALLOW_ORIGIN=https://example.com
EOF
ENV_FILE="$TMP" "$ROOT/scripts/verify-prod-env.sh" >/dev/null
echo "OK — verify-prod-env.sh accepts secure sample .env"