feat: Audit remediation + Stripe webhook + test suites
Some checks failed
Build and Push Docker Image / lint-and-typecheck (push) Failing after 1m47s
Build and Push Docker Image / build (push) Has been skipped

- Apply 3 Prisma schema changes (Pending2FASession, hubApiKeyHash, SecurityVerificationCode attempts)
- Add Stripe webhook handler (checkout.session.completed -> User + Subscription + Order)
- Add stripe-service, api-key-service, rate-limit middleware
- Add security headers (CSP, HSTS, X-Frame-Options) in next.config.ts
- Harden auth routes, require ADMIN_API_KEY for orchestrator endpoints
- Add Docker auto-migration via startup.sh
- Add 7 unit test suites (api-key, dns, config-generator, automation-worker, permission, security-verification, auth-helpers)
- Fix Prisma 7 compatibility with adapter-pg mock for vitest

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-07 08:02:33 +01:00
parent bcc1e17934
commit 1c96c3a85e
36 changed files with 3255 additions and 224 deletions

@@ -9,8 +9,9 @@ WORKDIR /app
COPY package.json package-lock.json* ./
RUN npm install
# Generate Prisma Client
# Generate Prisma Client (Prisma 7 uses prisma.config.mjs for datasource URL)
COPY prisma ./prisma/
COPY prisma.config.mjs ./
RUN npx prisma generate
# Rebuild the source code only when needed
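Review bot: At `COPY prisma.config.mjs ./`, the comment says this file supplies the datasource URL, and the COPY places it in an image layer ahead of `npx prisma generate`. Please confirm the file reads the URL from an environment variable at runtime and holds no literal connection string, and that `npx prisma generate` succeeds with that variable unset during the build, so no database credential has to be passed in as a build argument or end up in layer history.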
@@ -61,14 +62,20 @@ RUN chown nextjs:nodejs .next
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
# Copy Prisma (client, schema, and config for migrations)
# Copy Prisma client and schema (for runtime + migrations)
COPY --from=deps /app/node_modules/.prisma ./node_modules/.prisma
COPY --from=deps /app/node_modules/@prisma ./node_modules/@prisma
COPY prisma ./prisma/
COPY prisma.config.mjs ./
# Install Prisma CLI and dotenv globally for migrations
RUN npm install -g prisma@7 dotenv
# Install Prisma CLI globally for running migrations on startup
# (copying just node_modules/prisma misses transitive deps like valibot)
RUN npm install -g prisma@7
# Copy startup script (runs migrations before starting app)
# Use tr to strip Windows CRLF line endings (more reliable than sed on Alpine)
COPY startup.sh /tmp/startup.sh
RUN tr -d '\r' < /tmp/startup.sh > startup.sh && chmod +x startup.sh && rm /tmp/startup.sh
USER nextjs
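Review bot: `RUN npm install -g prisma@7` pins only the major version and is resolved outside package-lock.json, so every image build can pull a different CLI release, and that CLI is what applies migrations on startup. Pin the exact version that matches the Prisma client installed in the deps stage (the `node_modules/.prisma` and `node_modules/@prisma` copies above), so builds are reproducible and the CLI cannot drift from the generated client. The `tr -d '\r'` step works, but a `.gitattributes` rule forcing LF on startup.sh would fix the line endings at the source.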
@@ -77,4 +84,4 @@ EXPOSE 3000
ENV PORT=3000
ENV HOSTNAME="0.0.0.0"
CMD ["node", "server.js"]
CMD ["./startup.sh"]
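Review bot: With `CMD ["./startup.sh"]` the shell script becomes PID 1 and the gate between migrations and the server, but startup.sh itself is not shown in this diff. It should run with `set -e` so a failed migration stops the container instead of starting the app against an unmigrated schema, and end with `exec node server.js` so Node receives SIGTERM directly on shutdown. If more than one replica can start at the same time, each one will attempt the migration, so consider moving it to a one-off step before rollout.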