cleanup

2025-08-11 13:19:21 +00:00 · 2025-08-04 22:36:41 -07:00
parent 0f9f8697e2
commit 7ecfd8759b
39 changed files with 493 additions and 1486 deletions
--- a/.devcontainer/base/Dockerfile
+++ b/.devcontainer/base/Dockerfile
@@ -1,16 +0,0 @@
-FROM mcr.microsoft.com/devcontainers/typescript-node:20-bookworm
-
-ENV SHELL=/bin/bash \
-    DEBIAN_FRONTEND=noninteractive \
-    LANG=C.UTF-8 \
-    LC_ALL=C.UTF-8 \
-    CI=1 \
-    PNPM_HOME=/home/node/.local/share/pnpm \
-    PATH=/home/node/.local/share/pnpm:$PATH
-
-
-RUN apt-get update && \
-    apt-get --no-install-recommends install -y \
-    libgtk2.0-0 libgtk-3-0 libgbm-dev libnotify-dev libnss3 libxss1 libasound2 libxtst6 xauth xvfb && \
-    apt-get clean && \
-    corepack enable && COREPACK_ENABLE_DOWNLOAD_PROMPT=0 corepack prepare pnpm@9.1.2 --activate
--- a/.devcontainer/base/devcontainer.json
+++ b/.devcontainer/base/devcontainer.json
@@ -1,28 +0,0 @@
-{
-	"$schema": "https://raw.githubusercontent.com/devcontainers/spec/refs/heads/main/schemas/devContainer.schema.json",
-	"name": "devcontainer",
-	"dockerComposeFile": "docker-compose.yml",
-	"service": "devcontainer",
-	"workspaceFolder": "/workspaces",
-	"features": {
-		"ghcr.io/devcontainers/features/go:1": {
-			"version": "1.24"
-		},
-		"ghcr.io/guiyomh/features/golangci-lint:0": {},
-		"ghcr.io/jungaretti/features/make:1": {}
-	},
-	"forwardPorts": [
-		3000,
-		3001,
-		4200,
-		8080
-	],
-	"onCreateCommand": "pnpm install -g sass@1.64.1",
-	"customizations": {
-		"jetbrains": {
-			"settings": {
-				"com.intellij:app:HttpConfigurable.use_proxy_pac": true
-			}
-		}
-	}
-}
--- a/.devcontainer/base/docker-compose.yml
+++ b/.devcontainer/base/docker-compose.yml
@@ -1,239 +0,0 @@
-x-build-cache: &build-cache
-  cache_from:
-    - type=gha
-  cache_to:
-    - type=gha,mode=max
-
-services:
-
-  devcontainer:
-    container_name: devcontainer
-    build:
-      context: .
-      <<: *build-cache
-    volumes:
-      - ../../:/workspaces:cached
-      - /tmp/.X11-unix:/tmp/.X11-unix:cached
-      - home-dir:/home/node:delegated
-    command: sleep infinity
-    working_dir: /workspaces
-    environment:
-      ZITADEL_DATABASE_POSTGRES_HOST: db
-      ZITADEL_EXTERNALSECURE: false
-
-  db:
-    container_name: db
-    image: postgres:17.0-alpine3.19
-    restart: unless-stopped
-    volumes:
-      - postgres-data:/var/lib/postgresql/data
-    environment:
-      PGUSER: postgres
-      POSTGRES_PASSWORD: postgres
-    healthcheck:
-      test: [ "CMD-SHELL", "pg_isready" ]
-      interval: "10s"
-      timeout: "30s"
-      retries: 5
-      start_period: "20s"
-    ports:
-      - "5432:5432"
-
-  mock-zitadel:
-    container_name: mock-zitadel
-    build:
-      context: ../../apps/login/integration/core-mock
-      <<: *build-cache
-    ports:
-      - 22220:22220
-      - 22222:22222
-
-  login-integration:
-    container_name: login-integration
-    build:
-      context: ../..
-      dockerfile: build/login/Dockerfile
-      <<: *build-cache
-    image: "${LOGIN_TAG:-zitadel-login:local}"
-    env_file: ../../apps/login/.env.test
-    network_mode: service:devcontainer
-    environment:
-      NODE_ENV: test
-      PORT: 3001
-    depends_on:
-      mock-zitadel:
-        condition: service_started
-
-  zitadel:
-    image: "${ZITADEL_TAG:-ghcr.io/zitadel/zitadel:v4.0.0-rc.2}"
-    container_name: zitadel
-    command: 'start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --config /zitadel.yaml --steps /zitadel.yaml'
-    volumes:
-      - ../../apps/login/acceptance/pat:/pat:delegated
-      - ../../apps/login/acceptance/zitadel.yaml:/zitadel.yaml:cached
-    network_mode: service:devcontainer
-    healthcheck:
-      test:
-        - CMD
-        - /app/zitadel
-        - ready
-        - --config
-        - /zitadel.yaml
-    depends_on:
-      db:
-        condition: "service_healthy"
-
-  configure-login:
-    container_name: configure-login
-    restart: no
-    build:
-      context: ../../apps/login/acceptance/setup
-      dockerfile: ../go-command.Dockerfile
-      <<: *build-cache
-    entrypoint: "./setup.sh"
-    network_mode: service:devcontainer
-    environment:
-      PAT_FILE: /pat/zitadel-admin-sa.pat
-      ZITADEL_API_URL: http://localhost:8080
-      WRITE_ENVIRONMENT_FILE: /login-env/.env.test.local
-      SINK_EMAIL_INTERNAL_URL: http://sink:3333/email
-      SINK_SMS_INTERNAL_URL: http://sink:3333/sms
-      SINK_NOTIFICATION_URL: http://sink:3333/notification
-      LOGIN_BASE_URL: http://localhost:3000/ui/v2/login/
-      ZITADEL_API_DOMAIN: localhost
-      ZITADEL_ADMIN_USER: zitadel-admin@zitadel.localhost
-    volumes:
-      - ../../apps/login/acceptance/pat:/pat:cached # Read the PAT file from zitadels setup
-      - ../../apps/login:/login-env:delegated # Write the environment variables file for the login
-    depends_on:
-      zitadel:
-        condition: "service_healthy"
-
-  login-acceptance:
-    container_name: login
-    image: "${LOGIN_TAG:-ghcr.io/zitadel/zitadel-login:v4.0.0-rc.2}"
-    network_mode: service:devcontainer
-    volumes:
-      - ../../apps/login/.env.test.local:/env-files/.env:cached
-    depends_on:
-      configure-login:
-        condition: service_completed_successfully
-
-  mock-notifications:
-    container_name: mock-notifications
-    build:
-      context: ../../apps/login/acceptance/sink
-      dockerfile: ../go-command.Dockerfile
-      args:
-        - LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine}
-      <<: *build-cache
-    environment:
-      PORT: '3333'
-    command:
-      - -port
-      - '3333'
-      - -email
-      - '/email'
-      - -sms
-      - '/sms'
-      - -notification
-      - '/notification'
-    ports:
-      - "3333:3333"
-    depends_on:
-      configure-login:
-        condition: "service_completed_successfully"
-
-  mock-oidcrp:
-    container_name: mock-oidcrp
-    build:
-      context: ../../apps/login/acceptance/oidcrp
-      dockerfile: ../go-command.Dockerfile
-      args:
-        - LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine}
-      <<: *build-cache
-    network_mode: service:devcontainer
-    environment:
-      API_URL: 'http://localhost:8080'
-      API_DOMAIN: 'localhost'
-      PAT_FILE: '/pat/zitadel-admin-sa.pat'
-      LOGIN_URL: 'http://localhost:3000/ui/v2/login'
-      ISSUER: 'http://localhost:8000'
-      HOST: 'localhost'
-      PORT: '8000'
-      SCOPES: 'openid profile email'
-    volumes:
-      - ../../apps/login/acceptance/pat:/pat:cached
-    depends_on:
-      configure-login:
-        condition: "service_completed_successfully"
-
-  #  mock-oidcop:
-  #    container_name: mock-oidcop
-  #    build:
-  #      context: ../../apps/login/acceptance/idp/oidc
-  #      dockerfile: ../../go-command.Dockerfile
-  #      args:
-  #        - LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine}
-  #      <<: *build-cache
-  #    network_mode: service:devcontainer
-  #    environment:
-  #      API_URL: 'http://localhost:8080'
-  #      API_DOMAIN: 'localhost'
-  #      PAT_FILE: '/pat/zitadel-admin-sa.pat'
-  #      SCHEMA: 'http'
-  #      HOST: 'localhost'
-  #      PORT: "8004"
-  #    volumes:
-  #      - "../apps/login/packages/acceptance/pat:/pat:cached"
-  #    depends_on:
-  #      configure-login:
-  #        condition: "service_completed_successfully"
-
-  mock-samlsp:
-    container_name: mock-samlsp
-    build:
-      context: ../../apps/login/acceptance/samlsp
-      dockerfile: ../go-command.Dockerfile
-      args:
-        - LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine}
-      <<: *build-cache
-    network_mode: service:devcontainer
-    environment:
-      API_URL: 'http://localhost:8080'
-      API_DOMAIN: 'localhost'
-      PAT_FILE: '/pat/zitadel-admin-sa.pat'
-      LOGIN_URL: 'http://localhost:3000/ui/v2/login'
-      IDP_URL: 'http://localhost:8080/saml/v2/metadata'
-      HOST: 'http://localhost:8001'
-      PORT: '8001'
-    volumes:
-      - "../apps/login/packages/acceptance/pat:/pat:cached"
-    depends_on:
-      configure-login:
-        condition: "service_completed_successfully"
-  #  mock-samlidp:
-  #    container_name: mock-samlidp
-  #    build:
-  #      context: ../../apps/login/acceptance/idp/saml
-  #      dockerfile: ../../go-command.Dockerfile
-  #      args:
-  #        - LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine}
-  #      <<: *build-cache
-  #    network_mode: service:devcontainer
-  #    environment:
-  #      API_URL: 'http://localhost:8080'
-  #      API_DOMAIN: 'localhost'
-  #      PAT_FILE: '/pat/zitadel-admin-sa.pat'
-  #      SCHEMA: 'http'
-  #      HOST: 'localhost'
-  #      PORT: "8003"
-  #    volumes:
-  #      - "../apps/login/packages/acceptance/pat:/pat"
-  #    depends_on:
-  #      configure-login:
-  #        condition: "service_completed_successfully"
-
-volumes:
-  postgres-data:
-  home-dir:
--- a/.devcontainer/login-integration-debug/devcontainer.json
+++ b/.devcontainer/login-integration-debug/devcontainer.json
@@ -1,21 +0,0 @@
-{
-	"$schema": "https://raw.githubusercontent.com/devcontainers/spec/refs/heads/main/schemas/devContainer.schema.json",
-	"name": "login-integration-debug",
-	"dockerComposeFile": [
-		"../base/docker-compose.yml",
-		"docker-compose.yml"
-	],
-	"service": "login-integration-debug",
-	"runServices": ["login-integration-debug"],
-	"workspaceFolder": "/workspaces",
-	"forwardPorts": [3001],
-	"onCreateCommand": "pnpm install --recursive",
-	"postAttachCommand": "pnpm turbo daemon clean; pnpm turbo @zitadel/login#dev test:integration:login:debug",
-	"customizations": {
-		"jetbrains": {
-			"settings": {
-				"com.intellij:app:HttpConfigurable.use_proxy_pac": true
-			}
-		}
-	}
-}
--- a/.devcontainer/login-integration-debug/docker-compose.yml
+++ b/.devcontainer/login-integration-debug/docker-compose.yml
@@ -1,9 +0,0 @@
-services:
-  login-integration-debug:
-    extends:
-      file: ../base/docker-compose.yml
-      service: devcontainer
-    container_name: login-integration-debug
-    depends_on:
-      mock-zitadel:
-        condition: service_started
--- a/.devcontainer/login-integration/devcontainer.json
+++ b/.devcontainer/login-integration/devcontainer.json
@@ -1,19 +0,0 @@
-{
-	"$schema": "https://raw.githubusercontent.com/devcontainers/spec/refs/heads/main/schemas/devContainer.schema.json",
-	"name": "login-integration",
-	"dockerComposeFile": [
-		"../base/docker-compose.yml"
-	],
-	"service": "devcontainer",
-	"runServices": ["login-integration"],
-	"workspaceFolder": "/workspaces",
-	"forwardPorts": [3001],
-	"onCreateCommand": "pnpm install --frozen-lockfile --recursive && cd apps/login/packages/integration && pnpm cypress install && pnpm test:integration:login",
-	"customizations": {
-		"jetbrains": {
-			"settings": {
-				"com.intellij:app:HttpConfigurable.use_proxy_pac": true
-			}
-		}
-	}
-}
--- a/.devcontainer/turbo-lint-unit-debug/devcontainer.json
+++ b/.devcontainer/turbo-lint-unit-debug/devcontainer.json
@@ -1,21 +0,0 @@
-{
-	"$schema": "https://raw.githubusercontent.com/devcontainers/spec/refs/heads/main/schemas/devContainer.schema.json",
-	"name": "turbo-lint-unit-debug",
-	"dockerComposeFile": [
-		"../base/docker-compose.yml",
-		"docker-compose.yml"
-	],
-	"service": "turbo-lint-unit-debug",
-	"runServices": ["turbo-lint-unit-debug"],
-	"workspaceFolder": "/workspaces",
-	"forwardPorts": [3001],
-	"onCreateCommand": "pnpm install --recursive",
-	"postAttachCommand": "pnpm turbo daemon clean; pnpm turbo watch lint test:unit",
-	"customizations": {
-		"jetbrains": {
-			"settings": {
-				"com.intellij:app:HttpConfigurable.use_proxy_pac": true
-			}
-		}
-	}
-}
--- a/.devcontainer/turbo-lint-unit-debug/docker-compose.yml
+++ b/.devcontainer/turbo-lint-unit-debug/docker-compose.yml
@@ -1,6 +0,0 @@
-services:
-  turbo-lint-unit-debug:
-    extends:
-      file: ../base/docker-compose.yml
-      service: devcontainer
-    container_name: turbo-lint-unit-debug
--- a/.devcontainer/turbo-lint-unit/devcontainer.json
+++ b/.devcontainer/turbo-lint-unit/devcontainer.json
@@ -1,18 +0,0 @@
-{
-	"$schema": "https://raw.githubusercontent.com/devcontainers/spec/refs/heads/main/schemas/devContainer.schema.json",
-	"name": "turbo-lint-unit",
-	"dockerComposeFile": [
-		"../base/docker-compose.yml"
-	],
-	"service": "devcontainer",
-	"runServices": ["devcontainer"],
-	"workspaceFolder": "/workspaces",
-	"postStartCommand": "pnpm install --frozen-lockfile --recursive && pnpm turbo lint test:unit",
-	"customizations": {
-		"jetbrains": {
-			"settings": {
-				"com.intellij:app:HttpConfigurable.use_proxy_pac": true
-			}
-		}
-	}
-}
--- a/apps/console/package.json
+++ b/apps/console/package.json
@@ -15,6 +15,11 @@
  },
  "nx": {
    "targets": {
+      "release": {
+        "docker": {
+          "repositoryName": "zitadel/console"
+        }
+      },
      "generate": {
        "outputs": [
          "{projectRoot}/src/app/proto/generated/**"
--- a/apps/login/Dockerfile
+++ b/apps/login/Dockerfile
@@ -1,36 +1,24 @@
-FROM node:20-alpine AS base
+# syntax=docker.io/docker/dockerfile:1
+
+FROM node:22-alpine

-FROM base AS build
-ENV PNPM_HOME="/pnpm"
-ENV PATH="$PNPM_HOME:$PATH"
-RUN corepack enable && COREPACK_ENABLE_DOWNLOAD_PROMPT=0 corepack prepare pnpm@9.1.2 --activate && \
-    apk update && apk add --no-cache && \
-    rm -rf /var/cache/apk/*
 WORKDIR /app
-COPY pnpm-lock.yaml ./
-RUN --mount=type=cache,id=pnpm,target=/root/.local/share/pnpm/store pnpm fetch --frozen-lockfile
-COPY package.json ./
-RUN --mount=type=cache,id=pnpm,target=/root/.local/share/pnpm/store pnpm install --frozen-lockfile --prod
-COPY . .
-RUN pnpm build:login:standalone

-FROM scratch AS build-out
-COPY --from=build /app/.next/standalone /
-COPY --from=build /app/.next/static /.next/static
-COPY --from=build /app/public /public
+ENV NODE_ENV=production
+
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 nextjs
+
+COPY public ./public
+COPY .next/standalone ./
+COPY .next/static ./.next/static
+RUN ls .next/static

-FROM base AS login-standalone
-WORKDIR /runtime
-RUN addgroup --system --gid 1001 nodejs && \
-    adduser --system --uid 1001 nextjs
-# If /.env-file/.env is mounted into the container, its variables are made available to the server before it starts up.
-RUN mkdir -p /.env-file && touch /.env-file/.env && chown -R nextjs:nodejs /.env-file
-COPY ./scripts/ ./
-COPY --chown=nextjs:nodejs --from=build-out / ./
 USER nextjs
-ENV HOSTNAME="0.0.0.0"
+
+EXPOSE 3000
+
 ENV PORT=3000
-# TODO: Check healthy, not ready
-HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
-CMD ["/bin/sh", "-c", "node ./healthcheck.js http://localhost:${PORT}/ui/v2/login/healthy"]
-ENTRYPOINT ["./entrypoint.sh"]
+
+ENV HOSTNAME="0.0.0.0"
+CMD ["node", "server.js"]
--- a/apps/login/docker-bake-release.hcl
+++ b/apps/login/docker-bake-release.hcl
@@ -1,3 +0,0 @@
-target "release" {
-  platforms = ["linux/amd64", "linux/arm64"]
-}
--- a/apps/login/docker-bake.hcl
+++ b/apps/login/docker-bake.hcl
@@ -1,25 +0,0 @@
-variable "LOGIN_TAG" {
-  default = "zitadel-login:local"
-}
-
-group "default" {
-  targets = ["login-standalone"]
-}
-
-# The release target is overwritten in docker-bake-release.hcl
-# It makes sure the image is built for multiple platforms.
-# By default the platforms property is empty, so images are only built for the current bake runtime platform.
-target "release" {}
-
-target "docker-metadata-action" {
-  # In the pipeline, this target is overwritten by the docker metadata action.
-  tags = ["${LOGIN_TAG}"]
-}
-
-# We run integration and acceptance tests against the next standalone server for docker.
-target "login-standalone" {
-  inherits = [
-    "docker-metadata-action",
-    "release",
-  ]
-}
--- a/apps/login/integration/.eslintrc.cjs
+++ b/apps/login/integration/.eslintrc.cjs
@@ -1,10 +0,0 @@
-module.exports = {
-  root: true,
-  // Use basic ESLint config since the login app has its own detailed config
-  extends: ["eslint:recommended"],
-  settings: {
-    next: {
-      rootDir: ["apps/*/"],
-    },
-  },
-};
--- a/apps/login/integration/.gitignore
+++ b/apps/login/integration/.gitignore
@@ -1,2 +0,0 @@
-screenshots
-videos
--- a/apps/login/integration/.npmrc
+++ b/apps/login/integration/.npmrc
@@ -1 +0,0 @@
-side-effects-cache=false
--- a/apps/login/integration/core-mock/Dockerfile
+++ b/apps/login/integration/core-mock/Dockerfile
@@ -1,15 +0,0 @@
-FROM bufbuild/buf:1.54.0 AS proto-files
-RUN buf export https://github.com/envoyproxy/protoc-gen-validate.git --path validate --output /proto-files && \
-    buf export https://github.com/grpc-ecosystem/grpc-gateway.git --path protoc-gen-openapiv2 --output /proto-files && \
-    buf export https://github.com/googleapis/googleapis.git --path protos/zitadelgoogle/api/annotations.proto --path google/api/http.proto --path google/api/field_behavior.proto --output /proto-files && \
-    buf export https://github.com/zitadel/zitadel.git --path ./proto/zitadel --output /proto-files
-
-FROM golang:1.20.5-alpine3.18 AS mock-zitadel
-
-RUN go install github.com/eliobischof/grpc-mock/cmd/grpc-mock@01b09f60db1b501178af59bed03b2c22661df48c
-
-COPY mocked-services.cfg .
-COPY initial-stubs initial-stubs
-COPY --from=proto-files /proto-files/ ./
-
-ENTRYPOINT [ "sh", "-c", "grpc-mock -v 1 -proto $(tr '\n' ',' < ./mocked-services.cfg) -stub-dir ./initial-stubs -mock-addr :22222" ]
--- a/apps/login/integration/core-mock/initial-stubs/zitadel.settings.v2.SettingsService.json
+++ b/apps/login/integration/core-mock/initial-stubs/zitadel.settings.v2.SettingsService.json
@@ -1,66 +0,0 @@
-[
-  {
-    "service": "zitadel.settings.v2.SettingsService",
-    "method": "GetBrandingSettings",
-    "out": {
-      "data": {}
-    }
-  },
-  {
-    "service": "zitadel.settings.v2.SettingsService",
-    "method": "GetSecuritySettings",
-    "out": {
-      "data": {}
-    }
-  },
-  {
-    "service": "zitadel.settings.v2.SettingsService",
-    "method": "GetLegalAndSupportSettings",
-    "out": {
-      "data": {
-        "settings": {
-          "tosLink": "http://whatever.com/help",
-          "privacyPolicyLink": "http://whatever.com/help",
-          "helpLink": "http://whatever.com/help"
-        }
-      }
-    }
-  },
-  {
-    "service": "zitadel.settings.v2.SettingsService",
-    "method": "GetActiveIdentityProviders",
-    "out": {
-      "data": {
-        "identityProviders": [
-          {
-            "id": "123",
-            "name": "Hubba bubba",
-            "type": 10
-          }
-        ]
-      }
-    }
-  },
-  {
-    "service": "zitadel.settings.v2.SettingsService",
-    "method": "GetPasswordComplexitySettings",
-    "out": {
-      "data": {
-        "settings": {
-          "minLength": 8,
-          "requiresUppercase": true,
-          "requiresLowercase": true,
-          "requiresNumber": true,
-          "requiresSymbol": true
-        }
-      }
-    }
-  },
-  {
-    "service": "zitadel.settings.v2.SettingsService",
-    "method": "GetHostedLoginTranslation",
-    "out": {
-      "data": {}
-    }
-  }
-]
--- a/apps/login/integration/core-mock/mocked-services.cfg
+++ b/apps/login/integration/core-mock/mocked-services.cfg
@@ -1,7 +0,0 @@
-zitadel/user/v2/user_service.proto
-zitadel/org/v2/org_service.proto
-zitadel/session/v2/session_service.proto
-zitadel/settings/v2/settings_service.proto
-zitadel/management.proto
-zitadel/auth.proto
-zitadel/admin.proto
--- a/apps/login/integration/cypress.config.ts
+++ b/apps/login/integration/cypress.config.ts
@@ -1,14 +0,0 @@
-import { defineConfig } from "cypress";
-
-export default defineConfig({
-  reporter: "list",
-
-  e2e: {
-    baseUrl: process.env.LOGIN_BASE_URL || "http://localhost:3001/ui/v2/login",
-    specPattern: "integration/**/*.cy.{js,jsx,ts,tsx}",
-    supportFile: "support/e2e.{js,jsx,ts,tsx}",
-    setupNodeEvents(on, config) {
-      // implement node event listeners here
-    },
-  },
-});
--- a/apps/login/integration/fixtures/example.json
+++ b/apps/login/integration/fixtures/example.json
@@ -1,5 +0,0 @@
-{
-  "name": "Using fixtures to represent data",
-  "email": "hello@cypress.io",
-  "body": "Fixtures are a great way to mock data for responses to routes"
-}
--- a/apps/login/integration/integration/invite.cy.ts
+++ b/apps/login/integration/integration/invite.cy.ts
@@ -1,110 +0,0 @@
-import { stub } from "../support/e2e";
-
-describe("verify invite", () => {
-  beforeEach(() => {
-    stub("zitadel.org.v2.OrganizationService", "ListOrganizations", {
-      data: {
-        details: {
-          totalResult: 1,
-        },
-        result: [{ id: "256088834543534543" }],
-      },
-    });
-
-    stub("zitadel.user.v2.UserService", "ListAuthenticationMethodTypes", {
-      data: {
-        authMethodTypes: [], // user with no auth methods was invited
-      },
-    });
-
-    stub("zitadel.user.v2.UserService", "GetUserByID", {
-      data: {
-        user: {
-          userId: "221394658884845598",
-          state: 1,
-          username: "john@zitadel.com",
-          loginNames: ["john@zitadel.com"],
-          preferredLoginName: "john@zitadel.com",
-          human: {
-            userId: "221394658884845598",
-            state: 1,
-            username: "john@zitadel.com",
-            loginNames: ["john@zitadel.com"],
-            preferredLoginName: "john@zitadel.com",
-            profile: {
-              givenName: "John",
-              familyName: "Doe",
-              avatarUrl: "https://zitadel.com/avatar.jpg",
-            },
-            email: {
-              email: "john@zitadel.com",
-              isVerified: false,
-            },
-          },
-        },
-      },
-    });
-
-    stub("zitadel.session.v2.SessionService", "CreateSession", {
-      data: {
-        details: {
-          sequence: 859,
-          changeDate: new Date("2024-04-04T09:40:55.577Z"),
-          resourceOwner: "220516472055706145",
-        },
-        sessionId: "221394658884845598",
-        sessionToken: "SDMc7DlYXPgwRJ-Tb5NlLqynysHjEae3csWsKzoZWLplRji0AYY3HgAkrUEBqtLCvOayLJPMd0ax4Q",
-        challenges: undefined,
-      },
-    });
-
-    stub("zitadel.session.v2.SessionService", "GetSession", {
-      data: {
-        session: {
-          id: "221394658884845598",
-          creationDate: new Date("2024-04-04T09:40:55.577Z"),
-          changeDate: new Date("2024-04-04T09:40:55.577Z"),
-          sequence: 859,
-          factors: {
-            user: {
-              id: "221394658884845598",
-              loginName: "john@zitadel.com",
-            },
-            password: undefined,
-            webAuthN: undefined,
-            intent: undefined,
-          },
-          metadata: {},
-        },
-      },
-    });
-
-    stub("zitadel.settings.v2.SettingsService", "GetLoginSettings", {
-      data: {
-        settings: {
-          passkeysType: 1,
-          allowUsernamePassword: true,
-        },
-      },
-    });
-  });
-
-  it.only("shows authenticators after successful invite verification", () => {
-    stub("zitadel.user.v2.UserService", "VerifyInviteCode");
-
-    cy.visit("/verify?userId=221394658884845598&code=abc&invite=true");
-    cy.url({ timeout: 10_000 }).should("include", Cypress.config().baseUrl + "/authenticator/set");
-  });
-
-  it("shows an error if invite code validation failed", () => {
-    stub("zitadel.user.v2.UserService", "VerifyInviteCode", {
-      code: 3,
-      error: "error validating code",
-    });
-
-    // TODO: Avoid uncaught exception in application
-    cy.once("uncaught:exception", () => false);
-    cy.visit("/verify?userId=221394658884845598&code=abc&invite=true");
-    cy.contains("Could not verify invite", { timeout: 10_000 });
-  });
-});
--- a/apps/login/integration/integration/login.cy.ts
+++ b/apps/login/integration/integration/login.cy.ts
@@ -1,172 +0,0 @@
-import { stub } from "../support/e2e";
-
-describe("login", () => {
-  beforeEach(() => {
-    stub("zitadel.org.v2.OrganizationService", "ListOrganizations", {
-      data: {
-        details: {
-          totalResult: 1,
-        },
-        result: [{ id: "256088834543534543" }],
-      },
-    });
-    stub("zitadel.session.v2.SessionService", "CreateSession", {
-      data: {
-        details: {
-          sequence: 859,
-          changeDate: new Date("2024-04-04T09:40:55.577Z"),
-          resourceOwner: "220516472055706145",
-        },
-        sessionId: "221394658884845598",
-        sessionToken: "SDMc7DlYXPgwRJ-Tb5NlLqynysHjEae3csWsKzoZWLplRji0AYY3HgAkrUEBqtLCvOayLJPMd0ax4Q",
-        challenges: undefined,
-      },
-    });
-
-    stub("zitadel.session.v2.SessionService", "GetSession", {
-      data: {
-        session: {
-          id: "221394658884845598",
-          creationDate: new Date("2024-04-04T09:40:55.577Z"),
-          changeDate: new Date("2024-04-04T09:40:55.577Z"),
-          sequence: 859,
-          factors: {
-            user: {
-              id: "221394658884845598",
-              loginName: "john@zitadel.com",
-            },
-            password: undefined,
-            webAuthN: undefined,
-            intent: undefined,
-          },
-          metadata: {},
-        },
-      },
-    });
-
-    stub("zitadel.settings.v2.SettingsService", "GetLoginSettings", {
-      data: {
-        settings: {
-          passkeysType: 1,
-          allowUsernamePassword: true,
-        },
-      },
-    });
-  });
-  describe("password login", () => {
-    beforeEach(() => {
-      stub("zitadel.user.v2.UserService", "ListUsers", {
-        data: {
-          details: {
-            totalResult: 1,
-          },
-          result: [
-            {
-              userId: "221394658884845598",
-              state: 1,
-              username: "john@zitadel.com",
-              loginNames: ["john@zitadel.com"],
-              preferredLoginName: "john@zitadel.com",
-              human: {
-                userId: "221394658884845598",
-                state: 1,
-                username: "john@zitadel.com",
-                loginNames: ["john@zitadel.com"],
-                preferredLoginName: "john@zitadel.com",
-                profile: {
-                  givenName: "John",
-                  familyName: "Doe",
-                  avatarUrl: "https://zitadel.com/avatar.jpg",
-                },
-                email: {
-                  email: "john@zitadel.com",
-                  isVerified: true,
-                },
-              },
-            },
-          ],
-        },
-      });
-      stub("zitadel.user.v2.UserService", "ListAuthenticationMethodTypes", {
-        data: {
-          authMethodTypes: [1], // 1 for password authentication
-        },
-      });
-    });
-    it("should redirect a user with password authentication to /password", () => {
-      cy.visit("/loginname?loginName=john%40zitadel.com&submit=true");
-      cy.url({ timeout: 10_000 }).should("include", Cypress.config().baseUrl + "/password");
-    });
-    describe("with passkey prompt", () => {
-      beforeEach(() => {
-        stub("zitadel.session.v2.SessionService", "SetSession", {
-          data: {
-            details: {
-              sequence: 859,
-              changeDate: "2023-07-04T07:58:20.126Z",
-              resourceOwner: "220516472055706145",
-            },
-            sessionToken: "SDMc7DlYXPgwRJ-Tb5NlLqynysHjEae3csWsKzoZWLplRji0AYY3HgAkrUEBqtLCvOayLJPMd0ax4Q",
-            challenges: undefined,
-          },
-        });
-      });
-      // it("should prompt a user to setup passwordless authentication if passkey is allowed in the login settings", () => {
-      //   cy.visit("/loginname?loginName=john%40zitadel.com&submit=true");
-      //   cy.location("pathname", { timeout: 10_000 }).should("eq", "/password");
-      //   cy.get('input[type="password"]').focus().type("MyStrongPassword!1");
-      //   cy.get('button[type="submit"]').click();
-      //   cy.location("pathname", { timeout: 10_000 }).should(
-      //     "eq",
-      //     "/passkey/set",
-      //   );
-      // });
-    });
-  });
-  describe("passkey login", () => {
-    beforeEach(() => {
-      stub("zitadel.user.v2.UserService", "ListUsers", {
-        data: {
-          details: {
-            totalResult: 1,
-          },
-          result: [
-            {
-              userId: "221394658884845598",
-              state: 1,
-              username: "john@zitadel.com",
-              loginNames: ["john@zitadel.com"],
-              preferredLoginName: "john@zitadel.com",
-              human: {
-                userId: "221394658884845598",
-                state: 1,
-                username: "john@zitadel.com",
-                loginNames: ["john@zitadel.com"],
-                preferredLoginName: "john@zitadel.com",
-                profile: {
-                  givenName: "John",
-                  familyName: "Doe",
-                  avatarUrl: "https://zitadel.com/avatar.jpg",
-                },
-                email: {
-                  email: "john@zitadel.com",
-                  isVerified: true,
-                },
-              },
-            },
-          ],
-        },
-      });
-      stub("zitadel.user.v2.UserService", "ListAuthenticationMethodTypes", {
-        data: {
-          authMethodTypes: [2], // 2 for passwordless authentication
-        },
-      });
-    });
-
-    it("should redirect a user with passwordless authentication to /passkey", () => {
-      cy.visit("/loginname?loginName=john%40zitadel.com&submit=true");
-      cy.url({ timeout: 10_000 }).should("include", Cypress.config().baseUrl + "/passkey");
-    });
-  });
-});
--- a/apps/login/integration/integration/register-idp.cy.ts
+++ b/apps/login/integration/integration/register-idp.cy.ts
@@ -1,21 +0,0 @@
-import { stub } from "../support/e2e";
-
-const IDP_URL = "https://example.com/idp/url";
-
-describe("register idps", () => {
-  beforeEach(() => {
-    stub("zitadel.user.v2.UserService", "StartIdentityProviderIntent", {
-      data: {
-        authUrl: IDP_URL,
-      },
-    });
-  });
-
-  it("should redirect the user to the correct url", () => {
-    cy.visit("/idp");
-    cy.get('button[e2e="google"]').click();
-    cy.origin(IDP_URL, { args: IDP_URL }, (url) => {
-      cy.location("href", { timeout: 10_000 }).should("eq", url);
-    });
-  });
-});
--- a/apps/login/integration/integration/register.cy.ts
+++ b/apps/login/integration/integration/register.cy.ts
@@ -1,73 +0,0 @@
-import { stub } from "../support/e2e";
-
-describe("register", () => {
-  beforeEach(() => {
-    stub("zitadel.org.v2.OrganizationService", "ListOrganizations", {
-      data: {
-        details: {
-          totalResult: 1,
-        },
-        result: [{ id: "256088834543534543" }],
-      },
-    });
-    stub("zitadel.settings.v2.SettingsService", "GetLoginSettings", {
-      data: {
-        settings: {
-          passkeysType: 1,
-          allowRegister: true,
-          allowUsernamePassword: true,
-          defaultRedirectUri: "",
-        },
-      },
-    });
-    stub("zitadel.user.v2.UserService", "AddHumanUser", {
-      data: {
-        userId: "221394658884845598",
-      },
-    });
-    stub("zitadel.session.v2.SessionService", "CreateSession", {
-      data: {
-        details: {
-          sequence: 859,
-          changeDate: new Date("2024-04-04T09:40:55.577Z"),
-          resourceOwner: "220516472055706145",
-        },
-        sessionId: "221394658884845598",
-        sessionToken: "SDMc7DlYXPgwRJ-Tb5NlLqynysHjEae3csWsKzoZWLplRji0AYY3HgAkrUEBqtLCvOayLJPMd0ax4Q",
-        challenges: undefined,
-      },
-    });
-
-    stub("zitadel.session.v2.SessionService", "GetSession", {
-      data: {
-        session: {
-          id: "221394658884845598",
-          creationDate: new Date("2024-04-04T09:40:55.577Z"),
-          changeDate: new Date("2024-04-04T09:40:55.577Z"),
-          sequence: 859,
-          factors: {
-            user: {
-              id: "221394658884845598",
-              loginName: "john@zitadel.com",
-            },
-            password: undefined,
-            webAuthN: undefined,
-            intent: undefined,
-          },
-          metadata: {},
-        },
-      },
-    });
-  });
-
-  it("should redirect a user who selects passwordless on register to /passkey/set", () => {
-    cy.visit("/register");
-    cy.get('input[data-testid="firstname-text-input"]').focus().type("John");
-    cy.get('input[data-testid="lastname-text-input"]').focus().type("Doe");
-    cy.get('input[data-testid="email-text-input"]').focus().type("john@zitadel.com");
-    cy.get('input[type="checkbox"][value="privacypolicy"]').check();
-    cy.get('input[type="checkbox"][value="tos"]').check();
-    cy.get('button[type="submit"]').click();
-    cy.url({ timeout: 10_000 }).should("include", Cypress.config().baseUrl + "/passkey/set");
-  });
-});
--- a/apps/login/integration/integration/verify.cy.ts
+++ b/apps/login/integration/integration/verify.cy.ts
@@ -1,95 +0,0 @@
-import { stub } from "../support/e2e";
-
-describe("verify email", () => {
-  beforeEach(() => {
-    stub("zitadel.org.v2.OrganizationService", "ListOrganizations", {
-      data: {
-        details: {
-          totalResult: 1,
-        },
-        result: [{ id: "256088834543534543" }],
-      },
-    });
-
-    stub("zitadel.user.v2.UserService", "ListAuthenticationMethodTypes", {
-      data: {
-        authMethodTypes: [1], // set one method such that we know that the user was not invited
-      },
-    });
-
-    stub("zitadel.user.v2.UserService", "SendEmailCode");
-
-    stub("zitadel.user.v2.UserService", "GetUserByID", {
-      data: {
-        user: {
-          userId: "221394658884845598",
-          state: 1,
-          username: "john@zitadel.com",
-          loginNames: ["john@zitadel.com"],
-          preferredLoginName: "john@zitadel.com",
-          human: {
-            userId: "221394658884845598",
-            state: 1,
-            username: "john@zitadel.com",
-            loginNames: ["john@zitadel.com"],
-            preferredLoginName: "john@zitadel.com",
-            profile: {
-              givenName: "John",
-              familyName: "Doe",
-              avatarUrl: "https://zitadel.com/avatar.jpg",
-            },
-            email: {
-              email: "john@zitadel.com",
-              isVerified: false, // email is not verified yet
-            },
-          },
-        },
-      },
-    });
-
-    stub("zitadel.session.v2.SessionService", "CreateSession", {
-      data: {
-        details: {
-          sequence: 859,
-          changeDate: new Date("2024-04-04T09:40:55.577Z"),
-          resourceOwner: "220516472055706145",
-        },
-        sessionId: "221394658884845598",
-        sessionToken: "SDMc7DlYXPgwRJ-Tb5NlLqynysHjEae3csWsKzoZWLplRji0AYY3HgAkrUEBqtLCvOayLJPMd0ax4Q",
-        challenges: undefined,
-      },
-    });
-
-    stub("zitadel.session.v2.SessionService", "GetSession", {
-      data: {
-        session: {
-          id: "221394658884845598",
-          creationDate: new Date("2024-04-04T09:40:55.577Z"),
-          changeDate: new Date("2024-04-04T09:40:55.577Z"),
-          sequence: 859,
-          factors: {
-            user: {
-              id: "221394658884845598",
-              loginName: "john@zitadel.com",
-            },
-            password: undefined,
-            webAuthN: undefined,
-            intent: undefined,
-          },
-          metadata: {},
-        },
-      },
-    });
-  });
-
-  it("shows an error if email code validation failed", () => {
-    stub("zitadel.user.v2.UserService", "VerifyEmail", {
-      code: 3,
-      error: "error validating code",
-    });
-    // TODO: Avoid uncaught exception in application
-    cy.once("uncaught:exception", () => false);
-    cy.visit("/verify?userId=221394658884845598&code=abc");
-    cy.contains("Could not verify email", { timeout: 10_000 });
-  });
-});
--- a/apps/login/integration/support/e2e.ts
+++ b/apps/login/integration/support/e2e.ts
@@ -1,29 +0,0 @@
-const url = Cypress.env("CORE_MOCK_STUBS_URL") || "http://mock-zitadel:22220/v1/stubs";
-
-function removeStub(service: string, method: string) {
-  return cy.request({
-    url,
-    method: "DELETE",
-    qs: {
-      service,
-      method,
-    },
-  });
-}
-
-export function stub(service: string, method: string, out?: any) {
-  removeStub(service, method);
-  return cy.request({
-    url,
-    method: "POST",
-    body: {
-      stubs: [
-        {
-          service,
-          method,
-          out,
-        },
-      ],
-    },
-  });
-}
--- a/apps/login/integration/tsconfig.json
+++ b/apps/login/integration/tsconfig.json
@@ -1,8 +0,0 @@
-{
-  "compilerOptions": {
-    "target": "es5",
-    "lib": ["es5", "dom"],
-    "types": ["cypress", "node"]
-  },
-  "include": ["**/*.ts"]
-}
--- a/apps/login/package.json
+++ b/apps/login/package.json
@@ -22,6 +22,11 @@
    "test:acceptance:setup:dev": "cd ../.. && make login_test_acceptance_setup_dev"
  },
  "nx": {
+    "release": {
+      "docker": {
+        "repositoryName": "zitadel/login"
+      }
+    },
    "targets": {
      "build": {
        "outputs": [
--- a/apps/login/turbo.json
+++ b/apps/login/turbo.json
@@ -1,22 +0,0 @@
-{
-  "extends": ["//"],
-  "tasks": {
-    "build": {
-      "outputs": ["dist/**", ".next/**", "!.next/cache/**"],
-      "dependsOn": ["@zitadel/client#build"]
-    },
-    "build:login:standalone": {
-      "outputs": ["dist/**", ".next/**", "!.next/cache/**"],
-      "dependsOn": ["@zitadel/client#build"]
-    },
-    "dev": {
-      "dependsOn": ["@zitadel/client#build"]
-    },
-    "test": {
-      "dependsOn": ["@zitadel/client#build"]
-    },
-    "test:unit": {
-      "dependsOn": ["@zitadel/client#build"]
-    }
-  }
-}
--- a/build/login/.dockerignore
+++ b/build/login/.dockerignore
@@ -1,37 +0,0 @@
-*
-
-!apps/login/constants
-!apps/login/scripts
-!apps/login/src
-!apps/login/public
-!apps/login/locales
-!apps/login/next.config.mjs
-!apps/login/next-env-vars.d.ts
-!apps/login/next-env.d.ts
-!apps/login/tailwind.config.js
-!apps/login/tsconfig.json
-!apps/login/package.json
-!apps/login/turbo.json
-
-!package.json
-!pnpm-lock.yaml
-!pnpm-workspace.yaml
-!turbo.json
-
-!packages/zitadel-proto/package.json
-!packages/zitadel-proto/buf.gen.yaml
-!packages/zitadel-proto/turbo.json
-
-!packages/zitadel-client/package.json
-!packages/zitadel-client/src
-!packages/zitadel-client/tsconfig.json
-!packages/zitadel-client/tsup.config.ts
-!packages/zitadel-client/turbo.json
-
-!proto
-
-*.md
-*.png
-node_modules
-*.test.ts
-*.test.tsx
--- a/build/login/Dockerfile
+++ b/build/login/Dockerfile
@@ -1,45 +0,0 @@
-FROM node:20-alpine AS base
-
-FROM base AS build
-ENV PNPM_HOME="/pnpm"
-ENV PATH="$PNPM_HOME:$PATH"
-RUN corepack enable && COREPACK_ENABLE_DOWNLOAD_PROMPT=0 corepack prepare pnpm@9.1.2 --activate && \
-    apk update && apk add --no-cache && \
-    rm -rf /var/cache/apk/*
-WORKDIR /app
-COPY pnpm-lock.yaml pnpm-workspace.yaml  ./
-RUN --mount=type=cache,id=pnpm,target=/root/.local/share/pnpm/store pnpm fetch --frozen-lockfile \
-    --filter @zitadel/login \
-    --filter @zitadel/client \
-    --filter @zitadel/proto
-COPY package.json ./
-COPY apps/login/package.json ./apps/login/package.json
-COPY packages/zitadel-proto/package.json ./packages/zitadel-proto/package.json
-COPY packages/zitadel-client/package.json ./packages/zitadel-client/package.json
-RUN --mount=type=cache,id=pnpm,target=/root/.local/share/pnpm/store pnpm install --frozen-lockfile \
-    --filter @zitadel/login \
-    --filter @zitadel/client \
-    --filter @zitadel/proto
-COPY . .
-RUN pnpm turbo build:login:standalone
-
-FROM scratch AS build-out
-COPY --from=build /app/apps/login/.next/standalone /
-COPY --from=build /app/apps/login/.next/static /.next/static
-COPY --from=build /app/apps/login/public /public
-
-FROM base AS login-standalone
-WORKDIR /runtime
-RUN addgroup --system --gid 1001 nodejs && \
-    adduser --system --uid 1001 nextjs
-# If /.env-file/.env is mounted into the container, its variables are made available to the server before it starts up.
-RUN mkdir -p /.env-file && touch /.env-file/.env && chown -R nextjs:nodejs /.env-file
-COPY apps/login/scripts ./
-COPY --chown=nextjs:nodejs --from=build-out . .
-USER nextjs
-ENV HOSTNAME="0.0.0.0"
-ENV PORT=3000
-# TODO: Check healthy, not ready
-HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
-    CMD ["/bin/sh", "-c", "node ./healthcheck.js http://localhost:${PORT}/ui/v2/login/healthy"]
-ENTRYPOINT ["./entrypoint.sh"]
--- a/build/zitadel/.dockerignore
+++ b/build/zitadel/.dockerignore
@@ -1,3 +0,0 @@
-*
-!build/zitadel/entrypoint.sh
-!zitadel
--- a/build/zitadel/Dockerfile
+++ b/build/zitadel/Dockerfile
@@ -1,33 +0,0 @@
-FROM --platform=$TARGETPLATFORM debian:latest as artifact
-ENV ZITADEL_ARGS=
-ARG TARGETPLATFORM
-
-RUN apt-get update && apt-get install ca-certificates -y
-
-COPY build/zitadel/entrypoint.sh /app/entrypoint.sh
-COPY zitadel /app/zitadel
-
-RUN useradd -s "" --home / zitadel && \
-    chown zitadel /app/zitadel && \
-    chmod +x /app/zitadel && \
-    chown zitadel /app/entrypoint.sh && \
-    chmod +x /app/entrypoint.sh
-
-WORKDIR /app
-ENV PATH="/app:${PATH}"
-
-USER zitadel
-ENTRYPOINT ["/app/entrypoint.sh"]
-
-FROM --platform=$TARGETPLATFORM scratch as final
-ARG TARGETPLATFORM
-
-COPY --from=artifact /etc/passwd /etc/passwd
-COPY --from=artifact /etc/ssl/certs /etc/ssl/certs
-COPY --from=artifact /app/zitadel /app/zitadel
-
-HEALTHCHECK NONE
-EXPOSE 8080
-
-USER zitadel
-ENTRYPOINT ["/app/zitadel"]
--- a/build/zitadel/entrypoint.sh
+++ b/build/zitadel/entrypoint.sh
@@ -1,17 +0,0 @@
-#!/bin/bash
-
-case $@ in 
-    sh*)
-        ${@:3}
-        ;;
-    bash*)
-        ${@:5}
-        ;;
-    *)
-        if [[ ! -z "$@" ]]
-        then
-            ZITADEL_ARGS="$@"
-        fi
-        /app/zitadel ${ZITADEL_ARGS}
-        ;;
-esac
--- a/nx.json
+++ b/nx.json
@@ -1,5 +1,25 @@
 {
  "$schema": "./node_modules/nx/schemas/nx-schema.json",
+  "release": {
+    "releaseTagPattern": "release/{projectName}/{version}",
+    "groups": {
+      "test": {
+        "projects": ["@zitadel/login", "@zitadel/console"],
+        "projectsRelationship": "fixed",
+        "docker": {
+          "skipVersionActions": true,
+          "registryUrl": "ghcr.io",
+          "groupPreVersionCommand": "echo BEFORE VERSIONING"
+        },
+        "changelog": {
+          "projectChangelogs": true
+        }
+      }
+    },
+    "version": {
+      "conventionalCommits": true
+    }
+  },
  "namedInputs": {
    "proto": [
      "{workspaceRoot}/proto/**"
@@ -93,5 +113,14 @@
      "cache": false
    }
  },
-  "nxCloudId": "688a9021d48dce0efe0f119f"
+  "nxCloudId": "688a9021d48dce0efe0f119f",
+  "plugins": [
+    {
+      "plugin": "@nx/docker",
+      "options": {
+        "buildTarget": "docker:build",
+        "runTarget": "docker:run"
+      }
+    }
+  ]
 }
--- a/package.json
+++ b/package.json
@@ -5,7 +5,7 @@
  "scripts": {
    "build": "make compile"
  },
-"nx": {
+  "nx": {
    "targets": {
      "build": {
        "outputs": [
@@ -25,10 +25,11 @@
    }
  },
  "devDependencies": {
+    "@bufbuild/buf": "^1.55.1",
    "@changesets/cli": "^2.29.5",
    "@devcontainers/cli": "^0.80.0",
-    "nx":"21.3.10",
-    "@bufbuild/buf": "^1.55.1",
+    "@nx/docker": "21.4.0-beta.5",
+    "nx": "21.4.0-beta.5",
    "sass": "1.64.1"
  }
 }
--- a/packages/zitadel-client/package.json
+++ b/packages/zitadel-client/package.json
@@ -102,6 +102,7 @@
    "knip": "^5.61.3",
    "tsup": "^8.4.0",
    "typescript": "^5.8.3",
-    "vitest": "^2.0.0"
+    "vitest": "^2.0.0",
+    "@nx/js": "^21.3.11"
  }
 }
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml