Filtering in front of HTTPX calls is less secure, because it's vulnerable to
DNS rebinding. In addition to that it's also duplicate work, because all affected
callsites would have to make sure to "remember" SSRF filtering.
This SSRF filter is inspired by the original HTTPX SSRF Filter, but using our custom
IP address matcher that allows to configure safe IP addresses or ranges.
The serve:test command was broken, because it
used an unsupported command-line option. Thus the
frontend container would not start at all, thus breaking asset
delivery during tests.
A healthcheck was introduced as well, so that a non starting frontend
container is easier to spot going forward.
It seems to be fine to have these ports settings as well as
__VITE_ADDITIONAL_SERVER_ALLOWED_HOSTS envvar set in docker-compose.yml
directly. So, there is less to override to get your docker TLS dev stack working.
The latest upgrades to our frontend stack prohibited access through the
openproject.local hostname and also caused trouble with the previous setup
where the frontend stack would proxy requests to the backend.
Thus the default setup was now changed so that both frontend and backend
are exposed to the browser via different hostnames. The main service to start
will be the backend, which will redirect requests to certain assets to the frontend
service (this was already integrated into the rails routes previously).
fix: Replace unsupported repeated yaml anchors with merge
`docker compose` v2.17.2 fails with the following syntax error due to
go/yaml/v3 update.
```sh
❯ docker compose config
yaml: unmarshal errors:
line 40: mapping key "<<" already defined at line 39
line 40: mapping key "<<" already defined at line 39
line 40: mapping key "<<" already defined at line 39
```
"goyaml/v3 does not support repeated anchors (due to internal storage
using << as key during parsing) but allows use of multi-values in
anchors"
See: https://github.com/docker/compose/issues/10411#issuecomment-1488019350https://yaml.org/type/merge.html
If you have a `.env` file in the repository that specifies mal settings,
these can overwrite the default mailing settings for the testing setup.
This commit explicitly sets the appropriate env variable correctly.
Squash commit of storybook addition to aid design system documentation efforts.
The older commit titles were:
* Initial storybook commit
* Fix documentation.json links
* Don't track documentation.json in git
* Enable sass in storybook
* Initial version of a story that uses angular components
* Remove example stories, clean up button story
* More example stories
* Fix sb build
* Always use dev
* Try without auth header
* Update workflow name
* More logs
* Check if token set
* Use release/storybook branch for testing
* Send ref input to workflow
* Escape input to curl call
* Adding logging
* Different type of escaping
* Fix JOSN
* Use dev branch for opf/design-system storybook publishing
* Add plugin to message path to parent window
* Remove extraneous story
* Add a ton of docs
* Update stories
* Fix syntax error caused by multiple newlines inside of a JSX component
* Add text-field story
* Add basic html stories that don't work yet
* Try to get plain HTML examples working
* HTML Examples work, but slowly revert to components anyway
* Fix HTML examples
* Remove extraneous files
* Put storybook eslint rules back in
* Improve docs
* Show docs tab by default
* Add pullpreview for storybook
* Use the same pullpreview tag for both storybook and normal deployments
* Change name of second pullpreview workflow
* Pin node version to 16.17.0
* Initial update to docs
Added/updated:
Foundation pages:
- Colours (major update)
- Shadows (minor)
- Typography (new)
Blocks
- Checkbox (minor)
- Action bar (major)
- Buttons (new)
- Link (major)
- Modal Dialogue (new)
- Selector Field (new)
* Make sure all code is available during storybook pp build
* Change storybook pullpreview file name
* Add production target to docker-compose sb pp
* Fix acme check for sb pp
* Only run cd-storybook on dev branch
* Run without https on 8080
* Added intro and new page
- Introduction renamed to "Design System", page rewritten completely
- Added page "Devices and Accessibility"
* Remove domain from caddy
* Add port to listen command
* Remove double pullpreview workflows
* Added Divider component
* Change sorting of stories
* Update section titles and order for styles and blocks
* add extra action bar story
* Updated organising + new page
- Updated organisation into Styles, Components and Patterns.
- Added page "Using Storybook" (mostly a skeleton for now)
* Added note about colours not being implemented yet
* Minor
Co-authored-by: Parimal Satyal <88370597+psatyal@users.noreply.github.com>
* Add basic assignee autocompleter
* Add basic principal store
* Improve Principal typing, working principal adding in resource table
* Small improvements to comments
* Simpler handling
* Better add button
* Add assignee remove button
* Basic spec
* Working team planner assignee spec
* Spec is a little better
* Fixed work package loading and specs
* Fix linting issues
* Fix linting issues
* Fix spec
* Remove @ts-ignore usage
Co-authored-by: Oliver Günther <mail@oliverguenther.de>
Co-authored-by: Oliver Günther <mail@oliverguenther.de>
Commit e37b29b8fc updated the selenium driver and webdriver from v3 to v4, but failed to address local docker
development. This commit updatesthe docker selenium setup, and pins the docker images to a specific version, something
that wasn't done before.
* Lazy load prettier dependency
* Remove tickety-tick-formatter completely
* Also escape dollar signs
* Fix branch name formatting
* Reduce commit message transformation for git-actions service to make it more in line with the tickety-tick formatter
* Update git commit formatter
* More fixes to formatter
* Fix regexes to work globally
* Also remove quotes from branch names
* Still trying to get these specs green
* Another tyr
Jan Sandbrink