diff --git a/Dockerfile.dev b/Dockerfile.dev new file mode 100644 index 0000000..3a1a399 --- /dev/null +++ b/Dockerfile.dev @@ -0,0 +1,17 @@ +# --- Build stage --- +FROM node:22 AS build +ENV NODE_ENV=production +ENV ORIGIN=https://tatort-dev.innovation-hub-niedersachsen.de +WORKDIR /app +COPY package*.json ./ +RUN npm ci +COPY . ./ +COPY config_dev.json ./config.json +RUN npm run build + +# --- Production stage --- +FROM node:22-alpine3.20 +COPY --from=build /app . +ENV HOST=0.0.0.0 +EXPOSE 3000 +CMD ["sh", "-c", "ORIGIN=https://tatort-dev.innovation-hub-niedersachsen.de node build/index.js"] \ No newline at end of file diff --git a/Dockerfile b/Dockerfile.prod similarity index 91% rename from Dockerfile rename to Dockerfile.prod index 50a19b5..66a3f39 100644 --- a/Dockerfile +++ b/Dockerfile.prod @@ -6,6 +6,7 @@ WORKDIR /app COPY package*.json ./ RUN npm ci COPY . ./ +COPY config_prod.json ./config.json RUN npm run build # --- Production stage --- @@ -14,4 +15,3 @@ COPY --from=build /app . ENV HOST=0.0.0.0 EXPOSE 3000 CMD ["sh", "-c", "ORIGIN=https://tatort.innovation-hub-niedersachsen.de node build/index.js"] - diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..6d2f479 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,103 @@ +/* groovylint-disable-next-line UnusedVariable */ +@Library('InnoHub-Library') _ + +Boolean didRun = false + +pipeline { + agent any + + tools { + nodejs 'NodeJS-24.2.0' + } + + environment { + REGISTRY = 'https://gitea.innovation-hub-niedersachsen.de/' + USER = 'jenkins' + TOKEN = credentials('JenkinsGitea') + } + + parameters { + string(name: 'REPO_NAME', defaultValue: '', description: 'Repo Name') + string(name: 'GIT_REF', defaultValue: '', description: 'Git Ref') + } + + options { + buildDiscarder( + BuildHistoryManager([ + [ continueAfterMatch: false, matchAtMost: 5 ], + [ actions: [ DeleteBuild() ] ] + ]) + ) + } + + stages { + stage('Validate Repository') { + steps { + script { + checkRepoName(params.REPO_NAME, true) + } + } + } + + stage('Install Dependencies') { + steps { + script { + didRun = true + } + sh 'npm ci' + } + } + + stage('Test & Security Audit') { + steps { + script { + didRun = true + } + echo 'Start checking security vulnerabilities in npm packages' + sh 'npm audit --audit-level=moderate' + } + } + + stage('SonarQube Analysis') { + steps { + withSonarQubeEnv('sonarqube') { + sh 'sonar-scanner -Dsonar.projectKey=tatort -Dsonar.sources=src' + } + } + } + + stage('Push image to gitea registry') { + when { + branch 'development' + } + steps { + script { + didRun = true + def tag = "innohub/tatort-dev:0.${env.BUILD_ID}" + docker.withRegistry('https://gitea.innovation-hub-niedersachsen.de', 'JenkinsGitea') { + docker.build(tag, '-f Dockerfile.dev .').push('latest') + } + } + } + } + } + + post { + success { + script { + if (didRun) { + echo 'Pipeline erfolgreich!' + discordSend description: "Running ${env.BUILD_ID} on ${env.JENKINS_URL}, ${params.GIT_REF}", footer: 'Pipeline succeeded', link: env.BUILD_URL, result: currentBuild.currentResult, title: env.JOB_NAME, webhookURL: 'https://discordapp.com/api/webhooks/1389470542691831819/NdMO17sLBG2dplp_-oh6Ff0cbPOoADl0QwXKM9UzduxU44av_ZQkQjKTmpdK7YuwcZDc' + } + } + } + failure { + script { + if (didRun) { + echo 'Pipeline fehlgeschlagen!' + discordSend description: "Running ${env.BUILD_ID} on ${env.JENKINS_URL}, ${params.GIT_REF}", footer: 'Pipeline failed', link: env.BUILD_URL, result: currentBuild.currentResult, title: env.JOB_NAME, webhookURL: 'https://discordapp.com/api/webhooks/1389470542691831819/NdMO17sLBG2dplp_-oh6Ff0cbPOoADl0QwXKM9UzduxU44av_ZQkQjKTmpdK7YuwcZDc' + } + } + } + } +} diff --git a/config_dev.json b/config_dev.json new file mode 100644 index 0000000..8ab9cb8 --- /dev/null +++ b/config_dev.json @@ -0,0 +1,17 @@ +{ + "minio": { + "endPoint": "sws3.innovation-hub-niedersachsen.de", + "port": 443, + "useSSL": true, + "accessKey": "wjpKrmaqXra99rX3D61H", + "secretKey": "fTPi0u0FR6Lv9Y9IKydWv6WM0EA5XrsK008HCt9u" + }, + "jwt": { + "secret": "@S2!q@@wXz$dCQ8JoVsHLpzaJ6JCfB", + "expiresIn": 3600 + }, + "auth": { + "admin": { "password": "A-InnoHUB_2025!", "admin": true }, + "user": { "password": "U-InnoHUB_2025!", "admin": false } + } +} \ No newline at end of file diff --git a/config.json b/config_prod.json similarity index 94% rename from config.json rename to config_prod.json index 8490de6..126d80d 100644 --- a/config.json +++ b/config_prod.json @@ -8,10 +8,10 @@ }, "jwt": { "secret": "@S2!q@@wXz$dCQ8JoVsHLpzaJ6JCfB", - "expiresIn": 36000 + "expiresIn": 3600 }, "auth": { "admin": { "password": "A-InnoHUB_2025!", "admin": true }, "user": { "password": "U-InnoHUB_2025!", "admin": false } } -} +} \ No newline at end of file diff --git a/src/routes/(angemeldet)/+layout.server.ts b/src/routes/(angemeldet)/+layout.server.ts index 5251779..94cce7a 100644 --- a/src/routes/(angemeldet)/+layout.server.ts +++ b/src/routes/(angemeldet)/+layout.server.ts @@ -5,5 +5,6 @@ export const load: PageServerLoad = (event: ServerLoadEvent) => { if (!event.locals.user && event.url.pathname !== '/anmeldung') throw redirect(303, '/anmeldung'); return { user: event.locals.user + }; } diff --git a/src/routes/api/list/[[vorgang]]/+server.ts b/src/routes/api/list/[vorgang]/+server.ts similarity index 100% rename from src/routes/api/list/[[vorgang]]/+server.ts rename to src/routes/api/list/[vorgang]/+server.ts diff --git a/src/routes/api/tatort/+server.ts b/src/routes/api/list/[vorgang]/[tatort]/+server.ts similarity index 100% rename from src/routes/api/tatort/+server.ts rename to src/routes/api/list/[vorgang]/[tatort]/+server.ts diff --git a/src/routes/api/list/[[vorgang]]/code/+server.ts b/src/routes/api/list/[vorgang]/code/+server.ts similarity index 100% rename from src/routes/api/list/[[vorgang]]/code/+server.ts rename to src/routes/api/list/[vorgang]/code/+server.ts