forked from baron/baron-sso
137 lines
8.5 KiB
Bash
137 lines
8.5 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
|
|
COMPOSE_FILE="$ROOT_DIR/docker-compose.yaml"
|
|
USERFRONT_DOCKERFILE="$ROOT_DIR/userfront/Dockerfile"
|
|
USERFRONT_DEV_SERVER="$ROOT_DIR/userfront/scripts/dev-server.sh"
|
|
|
|
fail() {
|
|
echo "ERROR: $*" >&2
|
|
exit 1
|
|
}
|
|
|
|
assert_contains() {
|
|
local pattern="$1"
|
|
grep -Fq -- "$pattern" "$COMPOSE_FILE" || fail "docker-compose.yaml must contain: $pattern"
|
|
}
|
|
|
|
assert_not_contains() {
|
|
local pattern="$1"
|
|
if grep -Fq -- "$pattern" "$COMPOSE_FILE"; then
|
|
fail "docker-compose.yaml must not contain stale frontend mount: $pattern"
|
|
fi
|
|
}
|
|
|
|
assert_service_contains() {
|
|
local service="$1"
|
|
local pattern="$2"
|
|
awk -v service=" $service:" '
|
|
$0 == service { in_service = 1; next }
|
|
in_service && /^ [[:alnum:]_-]+:/ { in_service = 0 }
|
|
in_service { print }
|
|
' "$COMPOSE_FILE" | grep -Fq -- "$pattern" || fail "$service service must contain: $pattern"
|
|
}
|
|
|
|
assert_service_not_contains() {
|
|
local service="$1"
|
|
local pattern="$2"
|
|
if awk -v service=" $service:" '
|
|
$0 == service { in_service = 1; next }
|
|
in_service && /^ [[:alnum:]_-]+:/ { in_service = 0 }
|
|
in_service { print }
|
|
' "$COMPOSE_FILE" | grep -Fq -- "$pattern"; then
|
|
fail "$service service must not contain: $pattern"
|
|
fi
|
|
}
|
|
|
|
for app in adminfront devfront orgfront; do
|
|
assert_contains "./$app:/workspace/$app"
|
|
assert_contains "/workspace/$app/node_modules"
|
|
assert_not_contains "./$app:/app"
|
|
assert_service_contains "$app" "target: dev"
|
|
assert_service_contains "$app" "working_dir: /workspace/$app"
|
|
assert_service_contains "$app" 'command: ["npm", "run", "dev", "--", "--host", "0.0.0.0", "--port",'
|
|
assert_service_contains "$app" 'DEV_SERVER_WATCH_POLLING=${DEV_SERVER_WATCH_POLLING:-true}'
|
|
assert_service_not_contains "$app" "serve_frontend_prod.mjs"
|
|
grep -Fq -- "FROM deps AS dev" "$ROOT_DIR/$app/Dockerfile" || fail "$app Dockerfile must define a deps-based dev target"
|
|
grep -Fq -- 'CMD ["npm", "run", "dev", "--", "--host", "0.0.0.0", "--port",' "$ROOT_DIR/$app/Dockerfile" || fail "$app Dockerfile dev target must run Vite dev server"
|
|
grep -Fq -- "FROM deps AS build" "$ROOT_DIR/$app/Dockerfile" || fail "$app Dockerfile must keep production build separate from dev"
|
|
grep -Fq -- "FROM node:24-alpine AS production" "$ROOT_DIR/$app/Dockerfile" || fail "$app Dockerfile must keep production static serving target"
|
|
done
|
|
|
|
assert_contains 'target: ${USERFRONT_BUILD_TARGET:-dev}'
|
|
assert_contains "./userfront/lib:/workspace/userfront/lib"
|
|
assert_contains "./userfront/assets:/workspace/userfront/assets"
|
|
assert_contains "./userfront/web:/workspace/userfront/web"
|
|
assert_contains "./userfront/scripts:/workspace/userfront/scripts:ro"
|
|
assert_contains "./scripts:/workspace/scripts:ro"
|
|
assert_contains "./locales:/workspace/locales:ro"
|
|
grep -Fq -- "AS dev" "$USERFRONT_DOCKERFILE" || fail "userfront Dockerfile must define a dev build target"
|
|
grep -Fq -- "AS production" "$USERFRONT_DOCKERFILE" || fail "userfront Dockerfile must keep an explicit production target"
|
|
grep -Fq -- "flutter run" "$USERFRONT_DEV_SERVER" || fail "userfront dev server must use flutter run"
|
|
grep -Fq -- "--wasm" "$USERFRONT_DEV_SERVER" || fail "userfront dev server must keep WebAssembly enabled"
|
|
grep -Fq -- "--dart-define=BACKEND_URL=" "$USERFRONT_DEV_SERVER" || fail "userfront dev server must pass backend URL through dart-define"
|
|
grep -Fq -- "--dart-define=CLIENT_LOG_DEBUG=" "$USERFRONT_DEV_SERVER" || fail "userfront dev server must pass client log debug mode through dart-define"
|
|
grep -Fq -- "--dart-define=APP_ENV=" "$USERFRONT_DEV_SERVER" || fail "userfront dev server must pass app env through dart-define"
|
|
grep -Fq -- "--dart-define=USERFRONT_URL=" "$USERFRONT_DEV_SERVER" || fail "userfront dev server must pass userfront URL through dart-define"
|
|
grep -Fq -- 'USERFRONT_FLUTTER_RUN_FLAGS' "$USERFRONT_DEV_SERVER" || fail "userfront dev server must accept optional Flutter run flags"
|
|
grep -Fq -- 'USERFRONT_FLUTTER_RUN_FLAGS="${USERFRONT_FLUTTER_RUN_FLAGS:---debug}"' "$USERFRONT_DEV_SERVER" || fail "userfront dev server must keep Flutter debug mode as the default"
|
|
grep -Fq -- 'warm_userfront_once' "$USERFRONT_DEV_SERVER" || fail "userfront dev server must run a one-shot boot warmup"
|
|
grep -Fq -- 'rm -rf build/web' "$USERFRONT_DEV_SERVER" || fail "userfront dev server must remove stale build/web before flutter run"
|
|
grep -Fq -- 'USERFRONT_BOOT_BUILD_MARKER' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must track the current flutter run build start"
|
|
grep -Fq -- 'USERFRONT_BOOT_LOG' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must capture flutter run output"
|
|
grep -Fq -- 'wait_for_userfront_serve_log' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must wait for Flutter serve completion log"
|
|
grep -Fq -- 'lib/main.dart is being served at' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must start only after Flutter serves main.dart"
|
|
grep -Fq -- 'tee "$USERFRONT_BOOT_LOG"' "$USERFRONT_DEV_SERVER" || fail "userfront dev server must preserve flutter output while tracking serve readiness"
|
|
grep -Fq -- '-nt "$USERFRONT_BOOT_BUILD_MARKER"' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must only accept build/web from the current flutter run"
|
|
grep -Fq -- 'USERFRONT_BOOT_WARMUP_LOCALES' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must declare the language matrix"
|
|
grep -Fq -- 'USERFRONT_BOOT_WARMUP_VIEWPORTS' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must declare the viewport matrix"
|
|
grep -Fq -- 'Accept-Language:' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must GET each route with the locale header"
|
|
grep -Fq -- 'Viewport-Width:' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must GET each route with viewport width metadata"
|
|
grep -Fq -- '/signin' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must cover signin routes"
|
|
grep -Fq -- '/flutter_bootstrap.js' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must load the Flutter bootstrap entrypoint"
|
|
grep -Fq -- 'warm_flutter_bootstrap_assets' "$USERFRONT_DEV_SERVER" || fail "userfront boot warmup must discover hashed Flutter assets from flutter_bootstrap.js"
|
|
if grep -Fq -- '/main.dart.mjs' "$USERFRONT_DEV_SERVER" || grep -Fq -- '/main.dart.wasm' "$USERFRONT_DEV_SERVER"; then
|
|
fail "userfront boot warmup must not use stale unversioned Flutter wasm entrypoint paths"
|
|
fi
|
|
if grep -Fq -- 'client.navigate' "$USERFRONT_DEV_SERVER"; then
|
|
fail "userfront dev service worker reset must not navigate clients during Flutter bootstrap"
|
|
fi
|
|
grep -Fq -- 'disable_userfront_dev_service_worker' "$USERFRONT_DEV_SERVER" || fail "userfront dev boot must disable Flutter service worker navigation loops"
|
|
warmup_timer_line="$(grep -nF 'started_at="$(date +%s)"' "$USERFRONT_DEV_SERVER" | cut -d: -f1)"
|
|
warmup_start_log_line="$(grep -nF 'one-shot warmup starting' "$USERFRONT_DEV_SERVER" | cut -d: -f1)"
|
|
http_readiness_skip_line="$(grep -nF 'readiness attempts' "$USERFRONT_DEV_SERVER" | tail -n 1 | cut -d: -f1)"
|
|
if [ "$warmup_timer_line" -le "$http_readiness_skip_line" ] || [ "$warmup_timer_line" -ge "$warmup_start_log_line" ]; then
|
|
fail "userfront warmup timer must start after current Flutter server readiness and immediately before warmup start log"
|
|
fi
|
|
assert_contains 'CLIENT_LOG_DEBUG=${CLIENT_LOG_DEBUG:-false}'
|
|
assert_contains 'BACKEND_URL=${BACKEND_URL:-}'
|
|
assert_contains 'USERFRONT_URL=${USERFRONT_URL}'
|
|
assert_contains 'USERFRONT_FLUTTER_RUN_FLAGS=${USERFRONT_FLUTTER_RUN_FLAGS:-}'
|
|
if grep -Fq -- "while true" "$USERFRONT_DEV_SERVER"; then
|
|
fail "userfront boot warmup must not run as a periodic health check"
|
|
fi
|
|
if grep -Fq -- "--release" "$USERFRONT_DEV_SERVER"; then
|
|
fail "userfront dev server must not run Flutter in release mode"
|
|
fi
|
|
|
|
assert_contains "./common:/workspace/common"
|
|
assert_contains "/workspace/common/node_modules"
|
|
assert_contains "./locales:/workspace/locales"
|
|
|
|
for runtime in \
|
|
"$ROOT_DIR/adminfront/scripts/runtime-mode.sh" \
|
|
"$ROOT_DIR/devfront/scripts/runtime-mode.sh" \
|
|
"$ROOT_DIR/orgfront/scripts/runtime-mode.sh"
|
|
do
|
|
grep -Fq -- "/workspace/common" "$runtime" || fail "$runtime must install dependencies from /workspace/common"
|
|
grep -Fq -- "pnpm install --filter" "$runtime" || fail "$runtime must install only its workspace slice"
|
|
grep -Fq -- "--frozen-lockfile --ignore-scripts" "$runtime" || fail "$runtime must preserve the workspace lockfile with pnpm"
|
|
if grep -Fq -- "npm install --no-workspaces" "$runtime"; then
|
|
fail "$runtime must not install common dependencies outside the workspace graph"
|
|
fi
|
|
done
|
|
|
|
echo "OK: frontend dev containers bind-mount source into Dockerfile WORKDIR paths"
|