TourmalineCore
diff --git a/‎.devcontainer/devcontainer.json‎
Lines changed: 28 additions & 0 deletions b/‎.devcontainer/devcontainer.json‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎.editorconfig‎
Lines changed: 13 additions & 4 deletions b/‎.editorconfig‎
Lines changed: 13 additions & 4 deletions
diff --git a/‎.github/ISSUE_TEMPLATE/bug_report.md‎
Lines changed: 29 additions & 0 deletions b/‎.github/ISSUE_TEMPLATE/bug_report.md‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎.github/ISSUE_TEMPLATE/task-template.md‎
Lines changed: 24 additions & 0 deletions b/‎.github/ISSUE_TEMPLATE/task-template.md‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎.github/workflows/docker-build-and-push.yml‎
Lines changed: 57 additions & 0 deletions b/‎.github/workflows/docker-build-and-push.yml‎
Lines changed: 57 additions & 0 deletions
diff --git a/‎.github/workflows/karate-tests-on-pull-request.yml‎
Lines changed: 101 additions & 0 deletions b/‎.github/workflows/karate-tests-on-pull-request.yml‎
Lines changed: 101 additions & 0 deletions
diff --git a/‎.github/workflows/prod-docker-publish.yml‎
Lines changed: 34 additions & 40 deletions b/‎.github/workflows/prod-docker-publish.yml‎
Lines changed: 34 additions & 40 deletions
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1,28 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/docker-existing-dockerfile
+{
+	"name": "Existing Dockerfile",
+	"build": {
+		// Sets the run context to one level up instead of the .devcontainer folder.
+		"context": "..",
+		// Update the 'dockerFile' property if you aren't using the standard 'Dockerfile' filename.
+		"dockerfile": "../e2e/KarateDockerfile"
+	},
+	"features": {
+		"ghcr.io/devcontainers/features/docker-outside-of-docker:1.6.0": {}
+	},
+	"runArgs": [
+		"--network=host"
+	],
+	"customizations": {
+		"vscode": {
+			"extensions": [
+				"karatelabs.karate",
+				"bierner.markdown-mermaid"
+			]
+		}
+	},
+	"containerEnv": {
+		"API_ROOT_URL": "http://localhost:6503/api",
+	}
+}
@@ -1,17 +1,26 @@
+# command to run:
+# dotnet format --exclude "**/Migrations/**" --verbosity detailed
+
 [*.cs]
 
 #### Core EditorConfig Options ####
 charset = utf-8
 
 # Indentation and spacing
-indent_size = 4
+indent_size = 2
 indent_style = space
-tab_width = 4
+tab_width = 2
 
 # New line preferences
 end_of_line = lf
-insert_final_newline = false
+insert_final_newline = true
+
+# Wrapping preferences
+csharp_preserve_single_line_blocks = true
+csharp_preserve_single_line_statements = true
 
+# error unnecessary usings
+dotnet_diagnostic.IDE0005.severity = error
 
 #### .NET Coding Conventions ####
 
@@ -199,4 +208,4 @@ dotnet_diagnostic.SA1131.severity = none
 dotnet_diagnostic.SA1118.severity = none
 
 # SA1500: Braces for multi-line statements should not share line
-dotnet_diagnostic.SA1500.severity = none
+dotnet_diagnostic.SA1500.severity = none
@@ -0,0 +1,29 @@
+---
+name: Bug report
+about: Template to describe a bug
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Environment**
+ - Device (desktop / mobile)
+ - OS: [e.g. iOS]
+ - Browser [e.g. chrome, safari]
+ - Version [e.g. 22]
+
+**Additional context**
+Add any other context about the problem here.
+
+**Screenshots / Video**
@@ -0,0 +1,24 @@
+---
+name: Task template
+about: Template to describe a task
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**I as** a <role> 
+**Want to** <goal> 
+**So that** <value / expected outcome>
+
+**Description**
+For example: 
+- Component's fields or design elements (if applicable)
+- Behavior of interactive elements (if applicable) 
+
+**Definition of Done**
+For example: 
+1. Unit or e2e tests are successful in pipeline (if applicable).
+2. <Role> can <do something>. E.g., a user can open and close mobile menu. 
+
+**Additional Info**
@@ -0,0 +1,57 @@
+name: Publish Docker image
+
+on:
+  push:
+    branches:
+      - master
+      - feature/*
+  # to allow to wait for a docker image to be published to proceed in another workflow
+  workflow_call:
+
+jobs:
+  push_to_registry:
+    name: Push Docker image to Git Registry
+    runs-on: ubuntu-22.04
+    permissions:
+      packages: write
+      contents: read
+      attestations: write
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v4
+      # multi-platform build configured using this https://docs.docker.com/build/ci/github-actions/multi-platform/
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+  
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        with:
+          images: ghcr.io/tourmalinecore/${{ github.event.repository.name }}
+          tags: |
+            # minimal (short sha)
+            type=sha
+            # full length sha
+            type=sha,format=long
+            # set latest tag for default branch
+            # https://github.com/docker/metadata-action/issues/171 explains how to tag latest only on default branch
+            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
+
+      - name: Build and push Docker image
+        id: push
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        with:
+          context: .
+          file: ./Api/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: linux/amd64,linux/arm64
@@ -0,0 +1,101 @@
+name: E2E Tests
+
+on:
+  push:
+    branches:
+      - feature/*
+
+jobs:
+  # this is needed to wait for the new docker image to be build and published to the registry
+  # so that we can use the image to run ui of the needed commit related version as part of local-env
+  # the idea is taken from here https://stackoverflow.com/a/71489231
+  push_to_registry:
+    uses: ./.github/workflows/docker-build-and-push.yml
+    # without this it cannot login to the registry
+    secrets: inherit
+
+  e2e-test-without-local-env:
+    runs-on: ubuntu-24.04
+    steps:
+    - uses: actions/checkout@v4
+    - name: Run service via docker-compose and run Karate-tests
+    # Hide credentials and token from logs, get the number of failed and passed tests
+    # Find text with 'failed' and 'passed' in logs from karate-testing container
+      run: |
+        LOGS=$(docker compose --profile MockForPullRequest up --abort-on-container-exit)
+        FILTERED_LOGS=$(echo "$LOGS" | sed -E 's/"login":"[^"]*"/"login":"****"/g' \
+                                 | sed -E 's/"password":"[^"]*"/"password":"****"/g' \
+                                 | sed -E 's/"accessToken":[^,}]*"[^"]*"/"accessToken":"****"/g' \
+                                 | sed -E 's/"Authorization":"[^"]*"/"Authorization":"****"/g' \
+                                 | sed -E 's/"X-DEBUG-TOKEN":[^,}]*"[^"]*"/"X-DEBUG-TOKEN":"****"/g' \
+                                 | sed -E 's/accessToken":\{[^}]*\}/accessToken":{"value":"****"}/g' \
+                                 | sed -E 's/X-DEBUG-TOKEN: [^ ]*/X-DEBUG-TOKEN: ****/g') 
+        echo "$FILTERED_LOGS"
+        FAILED=$(echo "$FILTERED_LOGS" | grep -oP 'failed: *\K\d+')
+        PASSED=$(echo "$FILTERED_LOGS" | grep -oP 'passed: *\K\d+')
+        echo "Failed tests: $FAILED"
+        echo "Passed tests: $PASSED"
+        if [ "$FAILED" -gt 0 ]; then
+          echo "Failed tests found! Failing the pipeline..."
+          exit 1
+        fi
+        if [ "$PASSED" -eq 0 ]; then
+          echo "No tests passed! Failing the pipeline..."
+          exit 1
+        fi
+      env:
+        TEST_AUTH_LOGIN: ${{ secrets.TEST_AUTH_LOGIN }}
+        TEST_AUTH_PASSWORD: ${{ secrets.TEST_AUTH_PASSWORD }}
+
+  e2e-test-with-local-env:
+    name: Run karate tests in local env
+    runs-on: ubuntu-22.04
+    needs: [push_to_registry]
+    steps:
+      - name: Checkout local-env
+        uses: actions/checkout@v4
+        with:
+          repository: TourmalineCore/inner-circle-local-env
+
+      - name: Deploy Local Env to Kind k8s
+        uses: devcontainers/ci@v0.3
+        with:
+          runCmd: |
+            # we need to override "latest" image tag of ui inside local-env to run e2e against the current commit ui version and not against latest from master
+            # We tried to use yq to change the image tag, but in the values files for helmfile we have non-yaml code that yq can`t parse or ignore
+            # so for that reason we use Stream EDitor which can find needed string using regular expressions and change it to a new value
+            # The -i flag is needed to write new image tag directly to values file
+            sed -i "0,/tag:.*/s//tag: \"sha-${{ github.sha }}\"/" deploy/values-auth-api.yaml.gotmpl
+
+             # we need to override "latest" ref of service chart inside local-env to run tests against the current commit service chart version and not against latest from master
+            sed -i "0,/git+https:\/\/github.com\/TourmalineCore\/${{ github.event.repository.name }}.git?ref=.*/s//git+https:\/\/github.com\/TourmalineCore\/${{ github.event.repository.name }}.git?ref=${{ github.sha }}/" deploy/helmfile.yaml
+            
+            sed -i "0,/git::https:\/\/github.com\/TourmalineCore\/${{ github.event.repository.name }}.git@\/Api\/ci\/values-local-env.yaml?ref=.*/s//git::https:\/\/github.com\/TourmalineCore\/${{ github.event.repository.name }}.git@\/Api\/ci\/values-local-env.yaml?ref=${{ github.sha }}/" deploy/helmfile.yaml
+
+            kind create cluster --name inner-circle --config kind-local-config.yaml --kubeconfig ./.inner-circle-cluster-kubeconfig
+            # we need to properly expose KUBECONFIG as an absolute path, pwd prints current working directory path
+            export KUBECONFIG=$(pwd)/.inner-circle-cluster-kubeconfig
+
+            helmfile --environment local --namespace local -f deploy/helmfile.yaml apply
+          push: never
+
+      - name: Checkout api
+        uses: actions/checkout@v4
+      
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+        
+      - name: Download Karate JAR
+        run: |
+          curl -L https://github.com/karatelabs/karate/releases/download/v1.5.1/karate-1.5.1.jar -o karate.jar
+
+      - name: Run Karate Tests
+        run: |
+          java -jar karate.jar .
+        env:
+          API_ROOT_URL: "http://localhost:30090/api"
+          AUTH_LOGIN: "ceo@tourmalinecore.com"
+          AUTH_PASSWORD: "cEoPa$$wo1d"
@@ -1,54 +1,48 @@
-name: deploy service to prod k8s
+name: Deploy to Prod
 
 on:
   push:
     branches:
       - master
-  pull_request:
-
-env:
-  GITHUB_REGISTRY: ghcr.io
 
 jobs:
+  # this is needed to wait for the new docker image to be build and published to the registry
+  # so that we can use the image to run ui of the needed commit related version as part of local-env
+  # the idea is taken from here https://stackoverflow.com/a/71489231
+  push_to_registry:
+    uses: ./.github/workflows/docker-build-and-push.yml
+    # without this it cannot login to the registry
+    secrets: inherit
 
-  build-image:
-    name: Build and push service image  
+  deploy-to-prod:
+    name: Deploy service to k8s for prod environment  
+    needs: [push_to_registry]
     runs-on: ubuntu-22.04
     steps:
-      - name: checkout
-        uses: actions/checkout@v1
-      - name: Build and push image
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Create default global .kube/config file
         run: |
-          echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin
-          docker build -t $GITHUB_REGISTRY/tourmalinecore/inner-circle/auth-api:latest -t $GITHUB_REGISTRY/tourmalinecore/inner-circle/auth-api:${{ github.sha }} -f Api/Dockerfile .
-          docker push $GITHUB_REGISTRY/tourmalinecore/inner-circle/auth-api:latest
-          docker push $GITHUB_REGISTRY/tourmalinecore/inner-circle/auth-api:${{ github.sha }}
+          cd $HOME
+          mkdir .kube
+          echo "${{ secrets.DEV_KUBECONFIG }}" > .kube/config
 
-  deploy-to-prod-k8s:
-    needs: build-image
-    name: Deploy service to k8s for prod environment 
-    if: github.event_name == 'push'
-    runs-on: ubuntu-22.04
-    steps:
-      - name: checkout
-        uses: actions/checkout@v1
       - name: Deploy
-        uses: WyriHaximus/github-action-helm3@v3
+        uses: helmfile/helmfile-action@v1.9.0
         with:
-          exec: |
-            RELEASE_NAME=auth-api
-            helm repo add bitnami https://charts.bitnami.com/bitnami
-            helm upgrade --install --namespace dev-inner-circle --create-namespace --values ./Api/ci/values.yaml \
-            --set "image.tag=${{ github.sha }}" \
-            --set "ingress.enabled=true" \
-            --set "ingress.hostname=${{ secrets.DEV_HOST }}" \
-            --set "extraSecretEnvVars.ConnectionStrings__DefaultConnection=${{ secrets.DEV_POSTGRESQL_CONNECTION_STRING }}" \
-            --set "extraSecretEnvVars.AuthenticationOptions__PublicSigningKey=${{ secrets.DEV_AUTH_PUBLIC_SIGNING_KEY }}" \
-            --set "extraSecretEnvVars.AuthenticationOptions__PrivateSigningKey=${{ secrets.DEV_AUTH_PRIVATE_SIGNING_KEY }}" \
-            --set "extraSecretEnvVars.InnerCircleServiceUrls__MailServiceUrl=${{ secrets.DEV_MAIL_SERVICE_URL }}" \
-            --set "extraSecretEnvVars.InnerCircleServiceUrls__AuthUIServiceUrl=${{ secrets.DEV_AUTH_UI_SERVICE_URL }}" \
-            --set "extraSecretEnvVars.InnerCircleServiceUrls__AccountsServiceUrl=${{ secrets.DEV_ACCOUNTS_SERVICE_URL }}" \
-            --set "extraSecretEnvVars.InnerCircleServiceUrls__EmployeesServiceUrl=${{ secrets.DEV_EMPLOYEES_SERVICE_URL }}" \
-            "${RELEASE_NAME}" \
-            bitnami/aspnet-core --version 4.4.7
-          kubeconfig: "${{ secrets.DEV_KUBECONFIG }}"
+          helmfile-version: 'v0.164.0'
+          helm-version: 'v3.18.0'
+          helmfile-args: >
+            apply --namespace dev-inner-circle -f Api/ci/helmfile.yaml
+            --state-values-set image.tag=sha-${{ github.sha }} 
+            --state-values-set ingress.enabled=true
+            --state-values-set ingress.hostname=${{ secrets.DEV_HOST }}
+            --state-values-set extraSecretEnvVars.ConnectionStrings__DefaultConnection=${{ secrets.DEV_POSTGRESQL_CONNECTION_STRING }}
+            --state-values-set extraSecretEnvVars.AuthenticationOptions__PublicSigningKey=${{ secrets.DEV_AUTH_PUBLIC_SIGNING_KEY }}
+            --state-values-set extraSecretEnvVars.AuthenticationOptions__PrivateSigningKey=${{ secrets.DEV_AUTH_PRIVATE_SIGNING_KEY }}
+            --state-values-set extraSecretEnvVars.InnerCircleServiceUrls__MailServiceUrl=${{ secrets.DEV_MAIL_SERVICE_URL }}
+            --state-values-set extraSecretEnvVars.InnerCircleServiceUrls__AuthUIServiceUrl=${{ secrets.DEV_AUTH_UI_SERVICE_URL }}
+            --state-values-set extraSecretEnvVars.InnerCircleServiceUrls__AccountsServiceUrl=${{ secrets.DEV_ACCOUNTS_SERVICE_URL }}
+            --state-values-set extraSecretEnvVars.InnerCircleServiceUrls__EmployeesServiceUrl=${{ secrets.DEV_EMPLOYEES_SERVICE_URL }}
+          helmfile-auto-init: "false"
@@ -7,6 +7,7 @@ obj/
 .vs
 *.sln.DotSettings.user
 *.csproj.user
+target
 
 # storage for pgadmin
 */pgadmin/sessions/