
feat(api): Add prod env schema in env file #436

Merged: 1 commit merged into keyshade-xyz:develop from fix/create-prod-env
Sep 16, 2024

Conversation

@unamdev0 unamdev0 commented Sep 16, 2024

User description

Description

Added prod env schema in env file

Fixes #357


PR Type

enhancement


Description

  • Introduced a new prodSchema to define environment variables for the production environment, ensuring all necessary variables are validated.
  • Renamed generalSchema to devSchema to better reflect its purpose.
  • Updated the EnvSchemaType to infer from the newly added prodSchema.
  • Included the prodSchema in the EnvSchema discriminated union to support multiple environment configurations.

Changes walkthrough 📝

Relevant files

Enhancement: env.schema.ts (apps/api/src/common/env/env.schema.ts), +60/-3
Add production environment schema and update type inference

  • Renamed generalSchema to devSchema.
  • Added a new prodSchema for production environment variables.
  • Updated EnvSchemaType to infer from prodSchema.
  • Included prodSchema in the EnvSchema discriminated union.



    PR Reviewer Guide 🔍

    ⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
    🧪 No relevant tests
    🔒 Security concerns

    Sensitive information exposure:
    The prodSchema includes validation for sensitive information such as DATABASE_URL, REDIS_PASSWORD, GITHUB_CLIENT_SECRET, GOOGLE_CLIENT_SECRET, GITLAB_CLIENT_SECRET, SMTP_PASSWORD, and JWT_SECRET. While the schema itself doesn't expose these values, it's crucial to ensure that these environment variables are properly protected and not logged or exposed in any part of the application.

    ⚡ Key issues to review

    Inconsistent Validation
    The prodSchema uses .min(1) for most string fields, but some fields like JWT_SECRET use .min(3). This inconsistency should be reviewed to ensure all minimum lengths are appropriate.

    Potential Oversight
    The devSchema (formerly generalSchema) lacks many of the fields present in prodSchema. It should be reviewed to ensure all necessary fields for the development environment are included.


    PR Code Suggestions ✨

    Category | Suggestion | Score
    Best practice
    Use appropriate data types for numeric environment variables

    Consider using z.coerce.number() for numeric environment variables like API_PORT, SMTP_PORT, MINIO_PORT, etc., to automatically convert string inputs to numbers.

    apps/api/src/common/env/env.schema.ts [96-115]

    -API_PORT: z.string().min(1),
    +API_PORT: z.coerce.number().int().positive(),
     
     GOOGLE_CLIENT_ID: z.string().min(1),
     GOOGLE_CLIENT_SECRET: z.string().min(1),
     GOOGLE_CALLBACK_URL: z.string().min(1),
     
     GITLAB_CLIENT_ID: z.string().min(1),
     GITLAB_CLIENT_SECRET: z.string().min(1),
     GITLAB_CALLBACK_URL: z.string().min(1),
     
     SENTRY_DSN: z.string().min(1),
     SENTRY_ORG: z.string().min(1),
     SENTRY_PROJECT: z.string().min(1),
    -SENTRY_TRACES_SAMPLE_RATE: z.string().min(1),
    -SENTRY_PROFILES_SAMPLE_RATE: z.string().min(1),
    +SENTRY_TRACES_SAMPLE_RATE: z.coerce.number().min(0).max(1),
    +SENTRY_PROFILES_SAMPLE_RATE: z.coerce.number().min(0).max(1),
     SENTRY_ENV: z.string().min(1),
     
     SMTP_HOST: z.string().min(1),
    -SMTP_PORT: z.string().min(1),
    +SMTP_PORT: z.coerce.number().int().positive(),
     
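    Review bot: `z.coerce.number()` maps an empty string to 0 (`Number('')` is 0), so with `SENTRY_TRACES_SAMPLE_RATE: z.coerce.number().min(0).max(1)` and its profiles counterpart a variable that is present but blank in the prod env validates as 0 and silently turns sampling off instead of failing startup, which is the opposite of what the schema exists for. `.positive()` happens to reject that case for `API_PORT` and `SMTP_PORT`, but both should also carry `.max(65535)`; for the two sample rates keep the non-empty check in front of the coercion, e.g. `z.string().min(1).pipe(z.coerce.number().min(0).max(1))`.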
    Suggestion importance[1-10]: 9

    Why: Using z.coerce.number() for numeric environment variables ensures that inputs are correctly parsed as numbers, improving data integrity and reducing potential runtime errors.
    Use appropriate data type for boolean environment variables

    Consider using z.boolean() for the MINIO_USE_SSL environment variable to ensure it's properly parsed as a boolean value.

    apps/api/src/common/env/env.schema.ts [135]

    -MINIO_USE_SSL: z.string().min(1),
    +MINIO_USE_SSL: z.coerce.boolean(),
     
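    Review bot: `z.coerce.boolean()` is `Boolean(value)`, so every non-empty string coerces to `true`; `MINIO_USE_SSL=false` and `MINIO_USE_SSL=0` would both validate as `true`, which is worse than the `z.string().min(1)` it replaces because the schema now hands the application the wrong value without raising an error. Parse the accepted spellings explicitly, e.g. `z.enum(['true', 'false']).transform((v) => v === 'true')`, so that anything else is rejected at startup.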
    Suggestion importance[1-10]: 9

    Why: Changing the type to z.coerce.boolean() for MINIO_USE_SSL ensures that the environment variable is correctly interpreted as a boolean, which is crucial for its intended use.
    Enhancement
    Improve the regex pattern for email address validation with display names

    Consider using a more specific regex pattern for FROM_EMAIL validation to ensure it matches the exact format required for email addresses with display names.

    apps/api/src/common/env/env.schema.ts [117-121]

     FROM_EMAIL: z
       .string()
       .regex(
    -    /^[a-zA-Z0-9._%+-]+(?: [a-zA-Z0-9._%+-]+)* <[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}>$/
    +    /^"?([^"<]+)"?\s*<([a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,})>$/
       ),
     
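    Review bot: In the proposed pattern the two `"?` are independent, so an unbalanced `"Support <a@b.c>` passes, `[^"<]+` accepts a display name that is only whitespace, and, unlike the `[a-zA-Z0-9._%+-]` class it replaces, `[^"<]+` also matches CR and LF, so a value containing a line break would be accepted into something that ends up in a mail header. Exclude line breaks and make the quotes balanced, e.g. `^(?:"[^"\r\n]+"|[^"<\s][^"<\r\n]*)\s*<...>$` with the address part unchanged. Note that both patterns still reject a bare address with no display name (`noreply@example.com`), which may or may not be intended.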
    Suggestion importance[1-10]: 8

    Why: The improved regex pattern provides a more precise validation for email addresses with display names, enhancing the robustness of the validation logic.
    Improve validation for URL-related environment variables

    Consider adding more specific validation for URL-related environment variables using z.string().url() instead of just z.string().min(1).

    apps/api/src/common/env/env.schema.ts [94-104]

    -GITHUB_CALLBACK_URL: z.string().min(1),
    +GITHUB_CALLBACK_URL: z.string().url(),
     
    -API_PORT: z.string().min(1),
    +API_PORT: z.coerce.number().int().positive(),
     
     GOOGLE_CLIENT_ID: z.string().min(1),
     GOOGLE_CLIENT_SECRET: z.string().min(1),
    -GOOGLE_CALLBACK_URL: z.string().min(1),
    +GOOGLE_CALLBACK_URL: z.string().url(),
     
     GITLAB_CLIENT_ID: z.string().min(1),
     GITLAB_CLIENT_SECRET: z.string().min(1),
    -GITLAB_CALLBACK_URL: z.string().min(1),
    +GITLAB_CALLBACK_URL: z.string().url(),
     
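    Review bot: `z.string().url()` only checks that `new URL()` can parse the value, so any scheme passes; for `GITHUB_CALLBACK_URL`, `GOOGLE_CALLBACK_URL` and `GITLAB_CALLBACK_URL` in the production schema that admits an `http://` redirect URI, over which the OAuth authorization code would travel in plaintext. Pin the scheme as well, e.g. `z.string().url().startsWith('https://')`. The `API_PORT` lines in this hunk also repeat the first suggestion's change; apply that in one place so the two suggestions do not conflict.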
    Suggestion importance[1-10]: 8

    Why: The suggestion to use z.string().url() for URL-related variables enhances validation accuracy, ensuring that only valid URLs are accepted, which is important for application reliability.
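    The following is an added example, not keyshade's code and not the Zod schema this PR adds. It models the same dev/prod split as a discriminated union on NODE_ENV, but writes the parsing rules out by hand (no Zod dependency) so that the pitfalls behind the suggestions above are visible in one place: `Boolean("false")` is `true`, `Number("")` is `0`, and a generic URL check accepts any scheme. Variable names follow the PR; the 32-character secret floor, the port range and every sample value are assumptions.

```typescript
// Added example (not keyshade's code): dependency-free env loader modelling the
// PR's dev/prod discriminated union. Secret floor, port range and sample values
// are assumptions, not project settings.

type Env = Record<string, string | undefined>;

interface DevConfig {
  NODE_ENV: "development";
  API_PORT: number;
  JWT_SECRET: string;
}

interface ProdConfig {
  NODE_ENV: "production";
  API_PORT: number;
  JWT_SECRET: string;
  MINIO_USE_SSL: boolean;
  GITHUB_CALLBACK_URL: string;
  SENTRY_TRACES_SAMPLE_RATE: number;
}

type Config = DevConfig | ProdConfig;

class EnvError extends Error {}

// Reject unset and blank values first: Number("") is 0 and Boolean("") is
// false, so a blank value must never reach a numeric or boolean parser.
function required(env: Env, key: string): string {
  const v = env[key];
  if (v === undefined || v.trim() === "") {
    throw new EnvError(`${key} is required and must be non-empty`);
  }
  return v.trim();
}

// Boolean("false") is true, so only an explicit allow-list is safe here.
function parseBool(key: string, raw: string): boolean {
  const v = raw.toLowerCase();
  if (v === "true" || v === "1") return true;
  if (v === "false" || v === "0") return false;
  throw new EnvError(`${key} must be true/false, got "${raw}"`);
}

// Digits only (no "1e4", no sign), then a range check.
function parsePort(key: string, raw: string): number {
  if (!/^\d{1,5}$/.test(raw)) throw new EnvError(`${key} must be an integer port`);
  const n = Number(raw);
  if (n < 1 || n > 65535) throw new EnvError(`${key} must be within 1-65535`);
  return n;
}

// Sample rates are a fraction in [0, 1]; the literal check keeps "" out
// before Number() can turn it into 0.
function parseRate(key: string, raw: string): number {
  if (!/^\d+(\.\d+)?$/.test(raw)) throw new EnvError(`${key} must be a decimal in [0, 1]`);
  const n = Number(raw);
  if (n > 1) throw new EnvError(`${key} must not exceed 1`);
  return n;
}

// A generic "is a URL" check accepts any scheme; production OAuth callbacks
// are pinned to https here.
function parseHttpsUrl(key: string, raw: string): string {
  if (!/^https:\/\/[^\s/?#]+(?:[/?#]\S*)?$/i.test(raw)) {
    throw new EnvError(`${key} must be an absolute https:// URL`);
  }
  return raw;
}

// 32 characters is an assumed floor for an HMAC signing secret.
function parseSecret(key: string, raw: string, minLen = 32): string {
  if (raw.length < minLen) throw new EnvError(`${key} must be at least ${minLen} characters`);
  return raw;
}

function loadConfig(env: Env): Config {
  const nodeEnv = required(env, "NODE_ENV");
  const API_PORT = parsePort("API_PORT", required(env, "API_PORT"));
  const JWT_SECRET = parseSecret("JWT_SECRET", required(env, "JWT_SECRET"));
  if (nodeEnv === "development") {
    return { NODE_ENV: "development", API_PORT, JWT_SECRET };
  }
  if (nodeEnv === "production") {
    return {
      NODE_ENV: "production",
      API_PORT,
      JWT_SECRET,
      MINIO_USE_SSL: parseBool("MINIO_USE_SSL", required(env, "MINIO_USE_SSL")),
      GITHUB_CALLBACK_URL: parseHttpsUrl("GITHUB_CALLBACK_URL", required(env, "GITHUB_CALLBACK_URL")),
      SENTRY_TRACES_SAMPLE_RATE: parseRate("SENTRY_TRACES_SAMPLE_RATE", required(env, "SENTRY_TRACES_SAMPLE_RATE")),
    };
  }
  throw new EnvError(`NODE_ENV must be "development" or "production", got "${nodeEnv}"`);
}

// Returns the first validation error message, or null when the env is acceptable.
function explainFailure(env: Env): string | null {
  try { loadConfig(env); return null; }
  catch (e) { return e instanceof EnvError ? e.message : String(e); }
}

// Constructed sample environment: placeholder values, not real credentials.
const sampleProdEnv: Env = {
  NODE_ENV: "production",
  API_PORT: "4200",
  JWT_SECRET: "constructed-placeholder-secret-0123456789abcdef",
  MINIO_USE_SSL: "false",
  GITHUB_CALLBACK_URL: "https://api.example.invalid/api/auth/github/callback",
  SENTRY_TRACES_SAMPLE_RATE: "0.2",
};

void loadConfig(sampleProdEnv); // throws at startup if the env is unacceptable
```

    Each parser fails closed: a blank, misspelled or out-of-range value stops the process with the variable name in the message rather than being coerced into a plausible-looking default, which is the behaviour a production schema should enforce for secrets, ports and callback URLs alike.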

    @rajdip-b rajdip-b changed the title Feat (api): added prod env schema in env file feat(api): Add prod env schema in env file Sep 16, 2024
    @rajdip-b rajdip-b merged commit 21c3004 into keyshade-xyz:develop Sep 16, 2024
    4 checks passed
    @unamdev0 unamdev0 deleted the fix/create-prod-env branch September 16, 2024 16:01
    Kiranchaudhary537 pushed a commit to Kiranchaudhary537/keyshade that referenced this pull request Oct 13, 2024
    rajdip-b pushed a commit that referenced this pull request Oct 24, 2024
    ## [2.6.0](v2.5.0...v2.6.0) (2024-10-24)
    
    ### 🚀 Features
    
    * **api:**  Add icon and remove description field from workspace ([#435](#435)) ([a99c0db](a99c0db))
    * **api-client:** Added workspace-membership and related tests ([#452](#452)) ([6a1c091](6a1c091))
    * **api-client:** Create controller for User module ([#484](#484)) ([f9d8e83](f9d8e83))
    * **api:** Add prod env schema in env file ([#436](#436)) ([21c3004](21c3004))
    * **api:** Add resend otp implementation ([#445](#445)) ([4dc6aa1](4dc6aa1))
    * **api:** Fetch total count of environments, secrets and variables in project ([#434](#434)) ([0c9e50a](0c9e50a))
    * **api:** Replace `projectId` with `name` and `slug` in workspace-role response.  ([#432](#432)) ([af06071](af06071))
    * **cli:** Add functionality to operate on Secrets ([#504](#504)) ([1b4bf2f](1b4bf2f))
    * **cli:** Add project command ([#451](#451)) ([70448e1](70448e1))
    * **cli:** Add workspace operations ([#441](#441)) ([ed38d22](ed38d22))
    * **cli:** implement commands to get, list, update, and delete, workspace roles ([#469](#469)) ([957ea8d](957ea8d))
    * **cli:** Implemented pagination support ([#453](#453)) ([feb1806](feb1806))
    * **cli:** Secret scan ([#438](#438)) ([85cb8ab](85cb8ab))
    * **cli:** Update environment command outputs ([f4af874](f4af874))
    * **platform:** Clearing email field after waitlisting the user email ([#481](#481)) ([256d659](256d659))
    * Remove project IDs from workspace role export data and update tests ([#448](#448)) ([8fdb328](8fdb328))
    * **web:** Configured extra check for waitlisted users already in the list and created toast message for them ([#492](#492)) ([2ddd0ef](2ddd0ef))
    * **web:** show the toast only when email add successfully ([#490](#490)) ([783c411](783c411))
    
    ### 🐛 Bug Fixes
    
    * **api,api-client:** Add environmentSlug in multiple places across the variable module ([#468](#468)) ([d970aff](d970aff))
    * **api:** Replace the id with slug in the global-search service ([#455](#455)) ([74804b1](74804b1))
    * **platform:** Fixed duplicate Google Logo UI fix  ([#450](#450)) ([fb0d6f7](fb0d6f7))
    * resolve footer website name cut-off or overlap issue ([#444](#444)) ([fe03ba2](fe03ba2))
    * **web:** Horizontal Scrolling issue on the website ([#440](#440)) ([655177b](655177b))
    
    ### 📚 Documentation
    
    * Add documentation for environment in CLI ([#462](#462)) ([dad7394](dad7394))
    * Add documentation for project in CLI ([#466](#466)) ([341fb32](341fb32))
    * Add documentation for scan in CLI ([#461](#461)) ([72281e6](72281e6))
    * Add documentation for workspace command ([#464](#464)) ([4aad8a2](4aad8a2))
    * Add instructions for resetting the local Prisma database ([#495](#495)) ([#501](#501)) ([b07ea17](b07ea17))
    * Added docker support documentation ([#465](#465)) ([bc04be4](bc04be4))
    * Added documentation for running the platform ([#473](#473)) ([8b8386b](8b8386b))
    * Added missing mappings to pages ([5de9fd8](5de9fd8))
    * Fix Documentation Hyperlink and update expired Discord invite link ([#496](#496)) ([5a10e39](5a10e39))
    * Updated CLI docs ([#460](#460)) ([c7e0f13](c7e0f13))
    
    ### 🔧 Miscellaneous Chores
    
    * Add more logging to Sentry init ([#470](#470)) ([de4925d](de4925d))
    * **api:** Optimise API docker image size ([#360](#360)) ([ea40dc1](ea40dc1))
    * **api:** Updated lockfile ([a968e78](a968e78))
    * **CI:** Add secret scan validation ([f441262](f441262))
    * **cli:** Update controller invocation in environment commands ([#477](#477)) ([596bd1a](596bd1a))
    * Minor changes to variables ([fe01ca6](fe01ca6))
    * **secret-scan:** Failing lint issues ([#507](#507)) ([48f45df](48f45df))
    * **secret-scan:** Formatted files ([5884833](5884833))
    * Update .env.example ([70ad4f7](70ad4f7))
    * Updated scripts ([9eb76a7](9eb76a7))
    * **web:** email validation ([#487](#487)) ([e8e737a](e8e737a))
    @rajdip-b (Member)

    🎉 This PR is included in version 2.6.0 🎉

    The release is available on GitHub release

    Your semantic-release bot 📦🚀

    Development

    Successfully merging this pull request may close these issues.

    API: Add prod environment
    2 participants