dropme: remove other drone tasks for faster debugging

wip: feat(ci): Build docker container
Add seed script for admin user
2025-08-21 12:38:33 +02:00 · 2025-08-21 12:38:32 +02:00 · 2025-08-15 10:11:12 +02:00 · 2025-08-14 16:57:25 +02:00 · 2025-08-14 16:55:21 +02:00 · 2025-08-14 14:24:02 +02:00
6 changed files with 42 additions and 80 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -8,98 +8,37 @@ services:
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
+  - name: docker
+    image: docker:dind
+    privileged: true
+    volumes:
+      - name: dockersock
+        path: /var/run

 trigger:
  event:
    - push

 steps:
-  - name: compute cache key
-    image: docker.io/library/elixir:1.18.3-otp-27
-    commands:
-      - mix_lock_hash=$(sha256sum mix.lock | cut -d ' ' -f 1)
-      - echo "$DRONE_REPO_OWNER/$DRONE_REPO_NAME/$mix_lock_hash" >> .cache_key
-      # Print cache key for debugging
-      - cat .cache_key
-
-  - name: restore-cache
-    image: drillster/drone-volume-cache
-    settings:
-      restore: true
-      mount:
-        - ./deps
-        - ./_build
-      ttl: 30
+  - name: build & publish container?
+    image: docker:dind
    volumes:
-      - name: cache
-        path: /cache
-
-  - name: lint
-    image: docker.io/library/elixir:1.18.3-otp-27
+      - name: dockersock
+        path: /var/run
    commands:
-      # Install hex package manager
-      - mix local.hex --force
-      # Fetch dependencies
-      - mix deps.get
-      # Check for compilation errors & warnings
-      - mix compile --warnings-as-errors
-      # Check formatting
-      - mix format --check-formatted
-      # Security checks
-      - mix sobelow --config
-      # Check dependencies for known vulnerabilities
-      - mix deps.audit
-      # Check for dependencies that are not maintained anymore
-      - mix hex.audit
-      # Provide hints for improving code quality
-      - mix credo
-
-  - name: wait_for_postgres
-    image: docker.io/library/postgres:17.5
-    commands:
-      # Wait for postgres to become available
-      - |
-        for i in {1..20}; do
-          if pg_isready -h postgres -U postgres; then
-            exit 0
-          else
-            true
-          fi
-          sleep 2
-        done
-        echo "Postgres did not become available, aborting."
-        exit 1
-
-  - name: test
-    image: docker.io/library/elixir:1.18.3-otp-27
-    environment:
-      MIX_ENV: test
-      TEST_POSTGRES_HOST: postgres
-      TEST_POSTGRES_PORT: 5432
-    commands:
-      # Install hex package manager
-      - mix local.hex --force
-      # Fetch dependencies
-      - mix deps.get
-      # Run tests
-      - mix test
-
-  - name: rebuild-cache
-    image: drillster/drone-volume-cache
-    settings:
-      rebuild: true
-      mount:
-        - ./deps
-        - ./_build
-    volumes:
-      - name: cache
-        path: /cache
+      - sleep 6 # give docker time to start
+      - docker build --tag git.local-it.org/ci-builder/mitgliederverwaltung:latest .
+      - docker login --username $DRONE_FORGEJO_ACCOUNT_USERNAME --password $DRONE_FORGEJO_ACCOUNT_PASSWORD git.local-it.org
+      - docker push git.local-it.org/ci-builder/mitgliederverwaltung:latest

 volumes:
  - name: cache
    host:
      path: /tmp/drone_cache

+  - name: dockersock
+    temp: {}
+
 ---
 kind: pipeline
 type: docker
@ -109,7 +48,6 @@ trigger:
  event:
    - cron
    - custom
-    - push
  branch:
    - main

--- a/.env.example
+++ b/.env.example
@ -0,0 +1 @@
+OIDC_CLIENT_SECRET=
--- a/README.md
+++ b/README.md
@ -1,2 +1,18 @@
 # mitgliederverwaltung

+## Testing SSO with rauthy
+
+1. `just run`
+1. go to [localhost:8080](http://localhost:8080), go to the Admin area
+1. Login with "admin@localhost" and password from `BOOTSTRAP_ADMIN_PASSWORD_PLAIN` in docker-compose.yml
+1. add client from the admin panel
+    - Client ID: mv
+    - redirect uris: http://localhost:4000/auth/user/rauthy/callback
+    - Authorization Flows: authorization_code
+    - allowed origins: http://localhost:4000
+    - access/id token algortihm: RS256 (EDDSA did not work for me, found just few infos in the ashauthentication docs)
+1. copy client secret to `.env` file
+1. abort and run `just run` again
+
+
+
--- a/lib/accounts/user.ex
+++ b/lib/accounts/user.ex
@ -65,6 +65,7 @@ defmodule Mv.Accounts.User do

    create :create_user do
      accept [:email]
+      upsert? true
    end

    update :update_user do
--- a/mix.lock
+++ b/mix.lock
@ -28,7 +28,7 @@
  "expo": {:hex, :expo, "1.1.0", "f7b9ed7fb5745ebe1eeedf3d6f29226c5dd52897ac67c0f8af62a07e661e5c75", [:mix], [], "hexpm", "fbadf93f4700fb44c331362177bdca9eeb8097e8b0ef525c9cc501cb9917c960"},
  "file_system": {:hex, :file_system, "1.1.0", "08d232062284546c6c34426997dd7ef6ec9f8bbd090eb91780283c9016840e8f", [:mix], [], "hexpm", "bfcf81244f416871f2a2e15c1b515287faa5db9c6bcf290222206d120b3d43f6"},
  "finch": {:hex, :finch, "0.20.0", "5330aefb6b010f424dcbbc4615d914e9e3deae40095e73ab0c1bb0968933cadf", [:mix], [{:mime, "~> 1.0 or ~> 2.0", [hex: :mime, repo: "hexpm", optional: false]}, {:mint, "~> 1.6.2 or ~> 1.7", [hex: :mint, repo: "hexpm", optional: false]}, {:nimble_options, "~> 0.4 or ~> 1.0", [hex: :nimble_options, repo: "hexpm", optional: false]}, {:nimble_pool, "~> 1.1", [hex: :nimble_pool, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "2658131a74d051aabfcba936093c903b8e89da9a1b63e430bee62045fa9b2ee2"},
-  "fine": {:hex, :fine, "0.1.2", "85cf7dd190c7c6c54c2840754ae977c9acc0417316255b674fad9f2678e4ecc7", [], [], "hexpm", "9113531982c2b60dbea6c7233917ddf16806947cd7104b5d03011bf436ca3072"},
+  "fine": {:hex, :fine, "0.1.2", "85cf7dd190c7c6c54c2840754ae977c9acc0417316255b674fad9f2678e4ecc7", [:mix], [], "hexpm", "9113531982c2b60dbea6c7233917ddf16806947cd7104b5d03011bf436ca3072"},
  "gettext": {:hex, :gettext, "0.26.2", "5978aa7b21fada6deabf1f6341ddba50bc69c999e812211903b169799208f2a8", [:mix], [{:expo, "~> 0.5.1 or ~> 1.0", [hex: :expo, repo: "hexpm", optional: false]}], "hexpm", "aa978504bcf76511efdc22d580ba08e2279caab1066b76bb9aa81c4a1e0a32a5"},
  "glob_ex": {:hex, :glob_ex, "0.1.11", "cb50d3f1ef53f6ca04d6252c7fde09fd7a1cf63387714fe96f340a1349e62c93", [:mix], [], "hexpm", "342729363056e3145e61766b416769984c329e4378f1d558b63e341020525de4"},
  "heroicons": {:git, "https://github.com/tailwindlabs/heroicons.git", "0435d4ca364a608cc75e2f8683d374e55abbae26", [tag: "v2.2.0", sparse: "optimized", depth: 1]},
--- a/priv/repo/seeds.exs
+++ b/priv/repo/seeds.exs
@ -4,6 +4,7 @@
 #

 alias Mv.Membership
+alias Mv.Accounts

 for attrs <- [
      %{
@ -41,3 +42,8 @@ for attrs <- [
    upsert_identity: :unique_name
  )
 end
+
+# Create admin user for testing
+Accounts.create_user!(%{email: "admin@mv.local"}, upsert?: true, upsert_identity: :unique_email)
+|> Ash.Changeset.for_update(:admin_set_password, %{password: "testpassword"})
+|> Ash.update!()
Author	SHA1	Message	Date
Rafael Epplée	92588cbef2	dropme: remove other drone tasks for faster debugging	2025-08-21 12:38:33 +02:00
Rafael Epplée	61dc095498	wip: feat(ci): Build docker container	2025-08-21 12:38:32 +02:00
Rafael Epplée	dd77be0388	Add seed script for admin user	2025-08-15 10:11:12 +02:00
carla	9e462a1c16	Merge pull request 'Add docs for testing SSO' (#101 ) from push-okkoxvykzxmz into main Reviewed-on: #101 Reviewed-by: carla <carla@noreply.git.local-it.org>	2025-08-14 16:57:25 +02:00
carla	11b8bac3c3	Merge branch 'main' into push-okkoxvykzxmz	2025-08-14 16:55:21 +02:00
Rafael Epplée	c7bdd5501d	Dont run renovate on every push	2025-08-14 14:24:02 +02:00
Rafael Epplée	1782210950	docs: Add docs for testing SSO Some checks are pending continuous-integration/drone/push Build is pending Details	2025-08-14 13:45:41 +02:00
Rafael Epplée	2818a00548	docs: Add .env.example file	2025-08-14 13:38:52 +02:00