Merge b203877 into d98c3ef

uzh-bf · Aug 23, 2024 · c4f1a37 · c4f1a37
2 parents d98c3ef + b203877
commit c4f1a37
Show file tree

Hide file tree

Showing 41 changed files with 975 additions and 543 deletions.
diff --git a/.github/workflows/v3_analytics-prod.yml b/.github/workflows/v3_analytics-prod.yml
@@ -3,9 +3,6 @@ name: Build Docker image for analytics (Production)
 on:
   push:
     tags: ['v*.*.*']
-    paths:
-      - 'apps/analytics/**'
-      - '.github/workflows/v3_analytics**'
 
 env:
   REGISTRY: ghcr.io

diff --git a/.github/workflows/v3_analytics-qa.yml b/.github/workflows/v3_analytics-qa.yml
@@ -5,9 +5,6 @@ on:
     branches:
       - 'v3'
       - 'v3*'
-    paths:
-      - 'apps/analytics/**'
-      - '.github/workflows/v3_analytics**'
   pull_request:
     # branches: [ "v3" ]
     types: [opened, synchronize, reopened, ready_for_review]

diff --git a/.github/workflows/v3_auth-prod.yml b/.github/workflows/v3_auth-prod.yml
@@ -3,9 +3,6 @@ name: Build Docker image for auth (Production)
 on:
   push:
     tags: ['v*.*.*']
-    paths:
-      - 'apps/auth/**'
-      - '.github/workflows/v3_auth**'
 
 env:
   REGISTRY: ghcr.io

diff --git a/.github/workflows/v3_auth-qa.yml b/.github/workflows/v3_auth-qa.yml
@@ -5,9 +5,6 @@ on:
     branches:
       - 'v3'
       - 'v3*'
-    paths:
-      - 'apps/auth/**'
-      - '.github/workflows/v3_auth**'
   pull_request:
     # branches: [ "v3" ]
     types: [opened, synchronize, reopened, ready_for_review]

diff --git a/.github/workflows/v3_backend-docker.yml b/.github/workflows/v3_backend-docker.yml
@@ -6,11 +6,6 @@ on:
     branches:
       - 'v3'
       - 'v3*'
-    paths:
-      - 'apps/backend-docker/**'
-      - 'packages/graphql/**'
-      - 'packages/prisma/**'
-      - '.github/workflows/v3_backend-docker**'
   pull_request:
     # branches: [ "v3" ]
     types: [opened, synchronize, reopened, ready_for_review]

diff --git a/.github/workflows/v3_frontend-control-docker-prod.yml b/.github/workflows/v3_frontend-control-docker-prod.yml
@@ -3,9 +3,6 @@ name: Build Docker image for frontend-control (Production)
 on:
   push:
     tags: ['v*.*.*']
-    paths:
-      - 'apps/frontend-control/**'
-      - '.github/workflows/v3_frontend-control**'
 
 env:
   REGISTRY: ghcr.io

diff --git a/.github/workflows/v3_frontend-control-docker-qa.yml b/.github/workflows/v3_frontend-control-docker-qa.yml
@@ -5,9 +5,6 @@ on:
     branches:
       - 'v3'
       - 'v3*'
-    paths:
-      - 'apps/frontend-control/**'
-      - '.github/workflows/v3_frontend-control**'
   pull_request:
     # branches: [ "v3" ]
     types: [opened, synchronize, reopened, ready_for_review]

diff --git a/.github/workflows/v3_frontend-manage-docker-prod.yml b/.github/workflows/v3_frontend-manage-docker-prod.yml
@@ -3,9 +3,6 @@ name: Build Docker image for frontend-manage (Production)
 on:
   push:
     tags: ['v*.*.*']
-    paths:
-      - 'apps/frontend-manage/**'
-      - '.github/workflows/v3_frontend-manage**'
 
 env:
   REGISTRY: ghcr.io

diff --git a/.github/workflows/v3_frontend-manage-docker-qa.yml b/.github/workflows/v3_frontend-manage-docker-qa.yml
@@ -5,9 +5,6 @@ on:
     branches:
       - 'v3'
       - 'v3*'
-    paths:
-      - 'apps/frontend-manage/**'
-      - '.github/workflows/v3_frontend-manage**'
   pull_request:
     # branches: [ "v3" ]
     types: [opened, synchronize, reopened, ready_for_review]

diff --git a/.github/workflows/v3_frontend-pwa-docker-prod.yml b/.github/workflows/v3_frontend-pwa-docker-prod.yml
@@ -3,9 +3,6 @@ name: Build Docker image for frontend-pwa (Production)
 on:
   push:
     tags: ['v*.*.*']
-    paths:
-      - 'apps/frontend-pwa/**'
-      - '.github/workflows/v3_frontend-pwa**'
 
 env:
   REGISTRY: ghcr.io

diff --git a/.github/workflows/v3_frontend-pwa-docker-qa.yml b/.github/workflows/v3_frontend-pwa-docker-qa.yml
@@ -5,9 +5,6 @@ on:
     branches:
       - 'v3'
       - 'v3*'
-    paths:
-      - 'apps/frontend-pwa/**'
-      - '.github/workflows/v3_frontend-pwa**'
   pull_request:
     # branches: [ "v3" ]
     types: [opened, synchronize, reopened, ready_for_review]

diff --git a/.github/workflows/v3_lti-prod.yml b/.github/workflows/v3_lti-prod.yml
@@ -3,9 +3,6 @@ name: Build Docker image for lti (Production)
 on:
   push:
     tags: ['v*.*.*']
-    paths:
-      - 'apps/lti/**'
-      - '.github/workflows/v3_lti**'
 
 env:
   REGISTRY: ghcr.io

diff --git a/.github/workflows/v3_lti-qa.yml b/.github/workflows/v3_lti-qa.yml
@@ -5,10 +5,6 @@ on:
     branches:
       - 'v3'
       - 'v3*'
-      - 'CI'
-    paths:
-      - 'apps/lti/**'
-      - '.github/workflows/v3_lti**'
   pull_request:
     # branches: [ "v3" ]
     types: [opened, synchronize, reopened, ready_for_review]

diff --git a/apps/auth/src/pages/api/auth/[...nextauth].ts b/apps/auth/src/pages/api/auth/[...nextauth].ts
@@ -217,6 +217,8 @@ export const authOptions: NextAuthOptions = {
 
   callbacks: {
     async signIn({ user, account, profile, email }) {
+      console.log('signIn', user, account, profile, email)
+
       const profileData = profile as ExtendedProfile
       if (profileData?.sub && account?.provider) {
         const userAccount = await prisma.account.findUnique({

diff --git a/apps/backend-docker/package.json b/apps/backend-docker/package.json
@@ -19,7 +19,6 @@
     "@graphql-yoga/redis-event-target": "1.0.0",
     "@klicker-uzh/graphql": "workspace:*",
     "@klicker-uzh/prisma": "workspace:*",
-    "@klicker-uzh/transactional": "workspace:*",
     "@opentelemetry/exporter-trace-otlp-http": "0.52.1",
     "@opentelemetry/instrumentation": "0.52.1",
     "@opentelemetry/resources": "1.25.1",
@@ -76,13 +75,12 @@
     "typescript": "5.4.5"
   },
   "scripts": {
-    "build": "cross-env NODE_ENV=production run-s build:copy build:ts",
+    "build": "cross-env NODE_ENV=production run-s build:ts",
     "build:ts": "tsup",
-    "build:copy": "tsx scripts/copy.ts",
     "build:test": "run-s build:instrument build:ts",
     "build:instrument": "nyc instrument --compact=false src instrumented",
     "check": "tsc --noEmit",
-    "dev": "npm-run-all --parallel build:copy dev:build dev:run",
+    "dev": "npm-run-all --parallel dev:build dev:run",
     "dev:lti": "pnpm run dev",
     "dev:doppler": "doppler run --config dev -- pnpm run dev",
     "dev:build": "tsup --watch",

diff --git a/apps/backend-docker/scripts/copy.ts b/apps/backend-docker/scripts/copy.ts
diff --git a/apps/backend-docker/tsup.config.ts b/apps/backend-docker/tsup.config.ts
@@ -8,5 +8,4 @@ export default defineConfig({
   format: 'esm',
   clean: true,
   target: 'node20',
-  publicDir: 'public',
 })
diff --git a/apps/frontend-pwa/.env.qa b/apps/frontend-pwa/.env.qa
@@ -5,7 +5,7 @@ NEXT_PUBLIC_AVATAR_BASE_PATH="https://sos-ch-dk-2.exo.io/klicker-prod/avatars"
 NEXT_PUBLIC_IMAGE_BASE_PATH="https://sos-ch-dk-2.exo.io/klicker-prod/img"
 NEXT_PUBLIC_ADD_RESPONSE_URL="https://backend-responses$COOKIE_DOMAIN/api/AddResponse"
 NEXT_PUBLIC_API_URL="https://$API_DOMAIN/api/graphql"
-NEXT_PUBLIC_API_URL_SSR="http://klicker-uzh-qa-klicker-uzh-v3-backend-graphql:3000/api/graphql"
+NEXT_PUBLIC_API_URL_SSR="http://klicker-v2-qa-klicker-uzh-v2-backend-graphql:3000/api/graphql"
 NEXT_PUBLIC_WEB_PUSH_PUBLIC_KEY="BFTs2KshUdSwCqQgZzaaCZK7h3L4pd8hjJoLk1jv1-iPN9c-_7JdLkQi5IV_k3Ml4rrx12HOkcANwVk39L_RTOM"
 
 NEXT_PUBLIC_PWA_URL="https://pwa.klicker-qa.bf-app.ch"

diff --git a/apps/frontend-pwa/src/lib/getParticipantToken.ts b/apps/frontend-pwa/src/lib/getParticipantToken.ts
@@ -16,10 +16,14 @@ export default async function getParticipantToken({
 
   const cookies = nookies.get(ctx)
 
+  console.log('cookies', cookies)
+
   // if the user already has a participant token, skip registration
   // fetch the relevant data directly
   let participantToken: string | undefined | null = cookies['participant_token']
 
+  console.log('participantToken', participantToken)
+
   if (participantToken) {
     return {
       participantToken,

diff --git a/apps/frontend-pwa/src/pages/createAccount.tsx b/apps/frontend-pwa/src/pages/createAccount.tsx
@@ -62,8 +62,8 @@ function CreateAccount({
           })
 
           if (login) {
-            await router.replace('/login', {
-              pathname: '/login',
+            await router.replace('/editProfile', {
+              pathname: '/editProfile',
               query: {
                 newAccount: true,
               },
@@ -109,12 +109,16 @@ export async function getServerSideProps(ctx: GetServerSidePropsContext) {
   if (cookies['lti-token'] || query.jwt) {
     const token = cookies['lti-token'] ?? query.jwt
 
+    console.log('token', token)
+
     const parsedToken = JWT.verify(token, process.env.APP_SECRET as string) as {
       sub: string
       email: string
       scope: string
     }
 
+    console.log('parsedToken', parsedToken)
+
     if (parsedToken.scope === 'LTI1.3') {
       signedLtiData.token = token
       signedLtiData.ssoId = parsedToken.sub

diff --git a/apps/lti/src/index.ts b/apps/lti/src/index.ts
@@ -11,7 +11,8 @@ const PROVIDER_OPTIONS = {
     secure: true,
     sameSite: 'none',
   },
-  devMode: process.env.NODE_ENV === 'development', // needs to be set to false in production
+  devMode: process.env.LTI_DEV_MODE === 'true',
+  ltiaas: process.env.LTI_AAS_MODE === 'true',
 }
 
 // Initialize database connection

diff --git a/deploy/charts/klicker-uzh-v2/templates/cm-lti.yaml b/deploy/charts/klicker-uzh-v2/templates/cm-lti.yaml
@@ -20,3 +20,5 @@ data:
   LTI_TOKEN_ENDPOINT: {{ .Values.lti.tokenEndpoint | quote }}
   LTI_KEYS_ENDPOINT: {{ .Values.lti.keysEndpoint | quote }}
   COOKIE_DOMAIN: {{ .Values.lti.cookieDomain | quote }}
+  LTI_DEV_MODE: {{ .Values.lti.devMode | quote }}
+  LTI_AAS_MODE: {{ .Values.lti.ltiaas | quote }}
diff --git a/deploy/charts/klicker-uzh-v2/templates/deployment-app.yaml b/deploy/charts/klicker-uzh-v2/templates/deployment-app.yaml
@@ -430,8 +430,7 @@ spec:
         - name: lti
           securityContext:
             {{- toYaml .Values.lti.securityContext | nindent 12 }}
-          # image: "{{ .Values.lti.image.repository }}:{{ .Values.lti.image.tag | default .Chart.AppVersion }}"
-          image: "{{ .Values.lti.image.repository }}:v3" # TODO: replace with the above once klicker release is out
+          image: "{{ .Values.lti.image.repository }}:{{ .Values.lti.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.lti.image.pullPolicy }}
           ports:
             - name: http

diff --git a/deploy/charts/klicker-uzh-v2/values.yaml b/deploy/charts/klicker-uzh-v2/values.yaml
@@ -276,6 +276,9 @@ lti:
   keysEndpoint:
   port: 4000
 
+  devMode: 'true'
+  ltiaas: 'false'
+
   db:
     type: postgres
     host: ''

diff --git a/deploy/env-qa-v3/helmfile.yaml b/deploy/env-qa-v3/helmfile.yaml
@@ -26,6 +26,9 @@ releases:
             secure: '{{ requiredEnv "EMAIL_SECURE" }}'
             requireTLS: '{{ requiredEnv "EMAIL_STARTTLS" }}'
 
+        eduId:
+          clientSecret: '{{ requiredEnv "EDUID_CLIENT_SECRET" }}'
+
         auth:
           replicaCount: 1
           image:
@@ -90,6 +93,9 @@ releases:
         lti:
           replicaCount: 1
 
+          image:
+            tag: '{{ requiredEnv "APP_VERSION" }}'
+
           appSecret: '{{ requiredEnv "APP_SECRET" }}'
           clientId: '{{ requiredEnv "LTI_CLIENT_ID" }}'
           redirectURL: '{{ requiredEnv "LTI_REDIRECT_URL" }}'

diff --git a/packages/graphql/src/services/accounts.ts b/packages/graphql/src/services/accounts.ts
@@ -236,10 +236,13 @@ export async function sendMagicLink(
     `One-time login token created for ${usernameOrEmail}: ${magicLink}`
   )
 
-  const email = EmailService.hydrateTemplate({
-    templateName: 'MagicLinkRequested',
-    variables: { LINK: magicLink },
-  })
+  const email = await EmailService.hydrateTemplate(
+    {
+      templateName: 'MagicLinkRequested',
+      variables: { LINK: magicLink },
+    },
+    ctx
+  )
 
   if (!email) return false
 
@@ -534,18 +537,21 @@ export async function createParticipantAccount(
     )
 
     const activationLink = `${
-      process.env.NODE_ENV === 'production' ? 'https' : 'http://'
-    }${process.env.APP_STUDENT_DOMAIN}/activation?token=${activationJWT}`
+      process.env.NODE_ENV === 'production' ? 'https' : 'http'
+    }://${process.env.APP_STUDENT_DOMAIN}/activation?token=${activationJWT}`
 
     await sendTeamsNotifications(
       'graphql/createParticipantAccount',
       `New participant account created: ${participant.email} with activation link ${activationLink}`
     )
 
-    const emailHtml = EmailService.hydrateTemplate({
-      templateName: 'ParticipantAccountActivation',
-      variables: { LINK: activationLink },
-    })
+    const emailHtml = await EmailService.hydrateTemplate(
+      {
+        templateName: 'ParticipantAccountActivation',
+        variables: { LINK: activationLink },
+      },
+      ctx
+    )
 
     await EmailService.sendEmail({
       to: email,
@@ -587,20 +593,26 @@ export async function loginParticipantWithLti(
     scope: string
   }
 
+  console.log('ltiData', ltiData)
+
   let account = await ctx.prisma.participantAccount.findUnique({
     where: { ssoId: ltiData.sub as string },
     include: {
       participant: true,
     },
   })
 
+  console.log('account', account)
+
   // check if there is a participant account already given the email address
   // if so, create a new participant account with the LTI data and new sub
   if (!account && ltiData.email) {
     const existingParticipant = await ctx.prisma.participant.findUnique({
       where: { email: ltiData.email },
     })
 
+    console.log('existingParticipant', existingParticipant)
+
     if (!existingParticipant) {
       return null
     }