feat: test 2

feat: github workflow for api diff check, ts check and lint check on PR

.github/workflows/check-api-for-breaking-changes.yml

@@ -0,0 +1,49 @@
+name: "Check Backend Breaking API Changes"
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+    paths:
+      - "backend/src/server/routes/**"
+
+jobs:
+  check-be-api-changes:
+    name: Check API Changes
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    steps:
+      - name: Checkout source
+        uses: actions/checkout@v3
+      - name: Setup Node 20
+        uses: actions/setup-node@v3
+        with:
+          node-version: "20"
+      # uncomment this when testing locally using nektos/act
+      # - uses: KengoTODA/actions-setup-docker-compose@v1
+      #   if: ${{ env.ACT }}
+      #   name: Install `docker-compose` for local simulations
+      #   with:
+      #     version: "2.14.2"
+      - name: 📦Build the latest image
+        run: docker build --tag infisical-api .
+        working-directory: backend
+      - name: Start postgres and redis
+        run: touch .env && docker-compose -f "docker-compose.pg.yml" up db redis -d
+      - name: Start the server
+        run: docker run --name infisical-api -d -p 4000:4000 -e DB_CONNECTION_URI=$DB_CONNECTION_URI -e REDIS_URL=$REDIS_URL -e JWT_AUTH_SECRET=$JWT_AUTH_SECRET --entrypoint '/bin/sh' infisical-api -c "npm run migration:latest && ls && node dist/main.mjs"
+        env:
+          REDIS_URL=redis://host.docker.internal:6379
+          DB_CONNECTION_URI=postgres://infisical:infisical@host.docker.internal:5432/infisical?sslmode=disable
+          JWT_AUTH_SECRET=something-random
+      - name: Install openapi api diff
+        run: npm install -g openapi-diff
+      - name: Wait for containers to be stable
+        run: timeout 60s sh -c 'until docker ps | grep infisical-api | grep -q healthy; do echo "Waiting for container to be healthy..."; sleep 2; done'
+      - name: Get changes made in API
+        id: openapi-diff
+        run: openapi-diff https://app.infisical.com/api/docs/json http://localhost:4000/api/docs/json
+      - name: cleanup
+        run: | 
+          docker-compose -f "docker-compose.pg.yml" down
+          docker stop infisical-api
+          docker remove infisical-api

.github/workflows/check-be-pull-request.yml

@@ -1,43 +0,0 @@
-name: "Check Backend Pull Request"
-
-on:
-  pull_request:
-    types: [opened, synchronize]
-    paths:
-      - "backend/**"
-      - "!backend/README.md"
-      - "!backend/.*"
-      - "backend/.eslintrc.js"
-
-jobs:
-  check-be-pr:
-    name: Check
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-
-    steps:
-      - name: ☁️ Checkout source
-        uses: actions/checkout@v3
-      - name: 🔧 Setup Node 16
-        uses: actions/setup-node@v3
-        with:
-          node-version: "16"
-          cache: "npm"
-          cache-dependency-path: backend/package-lock.json
-      - name: 📦 Install dependencies
-        run: npm ci --only-production
-        working-directory: backend
-      # - name: 🧪 Run tests
-      #   run: npm run test:ci
-      #   working-directory: backend
-      # - name: 📁 Upload test results
-      #   uses: actions/upload-artifact@v3
-      #   if: always()
-      #   with:
-      #     name: be-test-results
-      #     path: |
-      #       ./backend/reports
-      #       ./backend/coverage
-      - name: 🏗️ Run build
-        run: npm run build
-        working-directory: backend

.github/workflows/check-be-ts-and-lint.yml

@@ -0,0 +1,35 @@
+name: "Check Backend PR types and lint"
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+    paths:
+      - "backend/**"
+      - "!backend/README.md"
+      - "!backend/.*"
+      - "backend/.eslintrc.js"
+
+jobs:
+  check-be-pr:
+    name: Check TS and Lint
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+
+    steps:
+      - name: ☁️ Checkout source
+        uses: actions/checkout@v3
+      - name: 🔧 Setup Node 20
+        uses: actions/setup-node@v3
+        with:
+          node-version: "20"
+          cache: "npm"
+          cache-dependency-path: backend/package-lock.json
+      - name: Install dependencies
+        run: npm install
+        working-directory: backend
+      - name: Run type check
+        run: npm run type:check
+        working-directory: backend
+      - name: Run lint check
+        run: npm run lint
+        working-directory: backend

backend/src/ee/services/license/license-service.ts

@@ -44,7 +44,7 @@ type TLicenseServiceFactoryDep = {
 export type TLicenseServiceFactory = ReturnType<typeof licenseServiceFactory>;
 
 const LICENSE_SERVER_CLOUD_LOGIN = "/api/auth/v1/license-server-login";
-const LICENSE_SERVER_ON_PREM_LOGIN = "/api/auth/v1/licence-login";
+const LICENSE_SERVER_ON_PREM_LOGIN = "/api/auth/v1/license-login";
 
 const FEATURE_CACHE_KEY = (orgId: string, projectId?: string) => `${orgId}-${projectId || ""}`;
 export const licenseServiceFactory = ({ orgDAL, permissionService, licenseDAL }: TLicenseServiceFactoryDep) => {
@@ -92,7 +92,7 @@ export const licenseServiceFactory = ({ orgDAL, permissionService, licenseDAL }:
       // else it would reach catch statement
       isValidLicense = true;
     } catch (error) {
-      logger.error(`init-license: encountered an error when init license [error]`, error);
+      logger.error(error, `init-license: encountered an error when init license`);
     }
   };
 

backend/src/lib/config/env.ts

@@ -95,7 +95,7 @@ const envSchema = z
     SECRET_SCANNING_GIT_APP_ID: zpStr(z.string().optional()),
     SECRET_SCANNING_PRIVATE_KEY: zpStr(z.string().optional()),
     // LICENCE
-    LICENSE_SERVER_URL: zpStr(z.string().optional()),
+    LICENSE_SERVER_URL: zpStr(z.string().optional().default("https://portal.infisical.com")),
     LICENSE_SERVER_KEY: zpStr(z.string().optional()),
     LICENSE_KEY: zpStr(z.string().optional()),
     STANDALONE_MODE: z

backend/src/server/routes/v3/secret-router.ts

@@ -39,8 +39,6 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
     method: "GET",
     schema: {
       querystring: z.object({
-        workspaceId: z.string().trim().optional(),
-        environment: z.string().trim().optional(),
         secretPath: z.string().trim().default("/").transform(removeTrailingSlash),
         include_imports: z
           .enum(["true", "false"])
@@ -606,12 +604,11 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
             secret: SecretsSchema.omit({ secretBlindIndex: true }).merge(
               z.object({
                 _id: z.string(),
-                workspace: z.string(),
+                workspace: z.string()
-                environment: z.string()
               })
             )
           }),
-          z.object({ approval: SecretApprovalRequestsSchema }).describe("When secret protection policy is enabled")
+          z.object({ approval: SecretApprovalRequestsSchema }).describe("Whennn secret protection policy is enabled")
         ])
       }
     },

backend/src/services/secret/secret-service.ts

@@ -549,7 +549,7 @@ export const secretServiceFactory = ({
       secretType = SecretType.Shared;
     }
 
-    const secret = await (typeof version === undefined
+    const secret = await (version === undefined
       ? secretDAL.findOne({
           folderId,
           type: secretType,

docker-compose.pg.yml

@@ -62,8 +62,11 @@ services:
       dockerfile: Dockerfile.dev
     depends_on:
       - db
+      - redis
     env_file:
       - .env
+    ports:
+      - 4000:4000
     environment:
       - NODE_ENV=development
       - DB_CONNECTION_URI=postgres://infisical:infisical@db/infisical?sslmode=disable

frontend/src/layouts/AppLayout/AppLayout.tsx

@@ -272,7 +272,7 @@ export const AppLayout = ({ children }: LayoutProps) => {
       createNotification({ text: "Failed to create workspace", type: "error" });
     }
   };
-
+  
   return (
     <>
       <div className="dark hidden h-screen w-full flex-col overflow-x-hidden md:flex">
@@ -604,16 +604,18 @@ export const AppLayout = ({ children }: LayoutProps) => {
                           </MenuItem>
                         </a>
                       </Link>
-                      <Link href={`/org/${currentOrg?.id}/billing`} passHref>
+                      {(window.location.origin.includes("https://app.infisical.com")) && (
-                        <a>
+                        <Link href={`/org/${currentOrg?.id}/billing`} passHref>
-                          <MenuItem
+                          <a>
-                            isSelected={router.asPath === `/org/${currentOrg?.id}/billing`}
+                            <MenuItem
-                            icon="system-outline-103-coin-cash-monetization"
+                              isSelected={router.asPath === `/org/${currentOrg?.id}/billing`}
-                          >
+                              icon="system-outline-103-coin-cash-monetization"
-                            Usage & Billing
+                            >
-                          </MenuItem>
+                              Usage & Billing
-                        </a>
+                            </MenuItem>
-                      </Link>
+                          </a>
+                        </Link>
+                      )}
                       <Link href={`/org/${currentOrg?.id}/settings`} passHref>
                         <a>
                           <MenuItem