# Which Problems Are Solved
Login integration tests are not executed in the pipeline
# How the Problems Are Solved
The login integration tests are fixed and added as a pipeline workflow.
It tests against the built login docker image.
On pipeline failures, developers are guided on how to fix them using a
dev container configured for this purpose.
# Additional Changes
- email domains are replaced by example.com. In case the tests were
accidentally run against a cloud instance, it wouldn't cause bounces.
- pnpm is upgraded, because the --filter argument doesn't work for the
install command on the old version.
- The login Dockerfile is optimized for docker image builds
# Additional Changes From Review for
https://github.com/zitadel/zitadel/pull/10305
These changes were requested from @peintnermax
- The base dev container starts without any services besides the
database and the dev container itself
- CONTRIBUTING.md is restructured
- To reproduce pipeline checks, only the devcontainer CLI and Docker are
needed. This is described in the CONTRIBUTING.md
- The convenience npm script "generate" is added
# Additional Context
- Follow-up for PR https://github.com/zitadel/zitadel/pull/10305
- Base for https://github.com/zitadel/zitadel/issues/10277
# Which Problems Are Solved
The broken login image is fixed.
# How the Problems Are Solved
The most important learnings from
https://github.com/zitadel/zitadel/pull/10318 are applied:
- Path in entrypoint is fixed: `exec node /runtime/apps/login/server.js`
- .dockerignore is updated so CSS styles are built into the image
- `source: .` is passed to the docker-bake action. Without this,
docker-bake builds from a remote context, which seems to be slow and not
updated on new PR commits. Looks like the bake action uploads an
artifact that [conflicts with the compile
workflow](https://github.com/zitadel/zitadel/actions/runs/16620417216/job/47023478437).
Therefore, a pattern is added to the compile workflow so only relevant
artifacts are selected.
# Which Problems Are Solved
- The previous monorepo in monorepo structure for the login app and its
related packages was fragmented, complicated and buggy.
- The process for building and testing the login container was
inconsistent between local development and CI.
- Lack of clear documentation as well as easy and reliable ways for
non-frontend developers to reproduce and fix failing PR checks locally.
# How the Problems Are Solved
- Consolidated the login app and its related npm packages by moving the
main package to `apps/login/apps/login` and merging
`apps/login/packages/integration` and `apps/login/packages/acceptance`
into the main `apps/login` package.
- Migrated from Docker Compose-based test setups to dev container-based
setups, adding support for multiple dev container configurations:
- `.devcontainer/base`
- `.devcontainer/turbo-lint-unit`
- `.devcontainer/turbo-lint-unit-debug`
- `.devcontainer/login-integration`
- `.devcontainer/login-integration-debug`
- Added npm scripts to run the new dev container setups, enabling exact
reproduction of GitHub PR checks locally, and updated the pipeline to
use these containers.
- Cleaned up Dockerfiles and docker-bake.hcl files to only build the
production image for the login app.
- Cleaned up compose files to focus on dev environments in dev
containers.
- Updated `CONTRIBUTING.md` with guidance on running and debugging PR
checks locally using the new dev container approach.
- Introduced separate Dockerfiles for the login app to distinguish
between using published client packages and building clients from local
protos.
- Ensured the login container is always built in the pipeline for use in
integration and acceptance tests.
- Updated Makefile and GitHub Actions workflows to use
`--frozen-lockfile` for installing pnpm packages, ensuring reproducible
installs.
- Disabled GitHub release creation by the changeset action.
- Refactored the `/build` directory structure for clarity and
maintainability.
- Added a `clean` command to `docks/package.json`.
- Experimentally added `knip` to the `zitadel-client` package for
improved linting of dependencies and exports.
# Additional Changes
- Fixed Makefile commands for consistency and reliability.
- Improved the structure and clarity of the `/build` directory to
support seamless integration of the login build.
- Enhanced documentation and developer experience for running and
debugging CI checks locally.
# Additional Context
- See updated `CONTRIBUTING.md` for new local development and debugging
instructions.
- These changes are a prerequisite for further improvements to the CI
pipeline and local development workflow.
- Closes#10276
# Which Problems Are Solved
E2E tests in pipelines started to fail randomly. While debugging it, i
noticed that we use the `latest` tag of cockroach's docker image. They
tagged 25.1 as latest yesterday.
# How the Problems Are Solved
Since we drop support for CRDB with version 3 as there are anyway
multiple issues with various versions, I pinned the docker image tag to
`latest-v24.3`.
# Additional Changes
None
# Additional Context
relates to https://github.com/zitadel/zitadel/actions/runs/13917603587
and https://github.com/zitadel/zitadel/actions/runs/13904928050
* pipeline runs on ubuntu instead of docker
* added Makefile to build zitadel core (backend) and console (frontend)
* pipeline runs in parallel where possible
* pipeline is split into multiple jobs
* removed goreleaser
* added command to check if zitadel instance is running
This PR adds support for userinfo and introspection of V2 tokens. Further V2 access tokens and session tokens can be used for authentication on the ZITADEL API (like the current access tokens).
chore: Apply OCI source label to Docker image
This patch adds the `org.opencontainers.image.source` label to
the Zitadel Docker image. This label is used by dependency update
tools like Dependabot and Renovate to look up release notes for
Docker image updates.
Co-authored-by: Elio Bischof <elio@zitadel.com>
* feat: add v2alpha policies service
* feat: add v2alpha policies service
* fix: rename of attributes and messages in v2alpha api
* fix: rename of attributes and messages in v2alpha api
* fix: linter corrections
* fix: review corrections
* fix: review corrections
* fix: review corrections
* fix: review corrections
* fix grpc
* refactor: rename to settings and more
* Apply suggestions from code review
Co-authored-by: Fabi <fabienne.gerschwiler@gmail.com>
* add service to docs and rename legal settings
* unit tests for converters
* go mod tidy
* ensure idp name and return list details
* fix: use correct resource owner for active idps
* change query to join
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
* chore(proto): update versions
* change protoc plugin
* some cleanups
* define api for setting emails in new api
* implement user.SetEmail
* move SetEmail buisiness logic into command
* resuse newCryptoCode
* command: add ChangeEmail unit tests
Not complete, was not able to mock the generator.
* Revert "resuse newCryptoCode"
This reverts commit c89e90ae35.
* undo change to crypto code generators
* command: use a generator so we can test properly
* command: reorganise ChangeEmail
improve test coverage
* implement VerifyEmail
including unit tests
* add URL template tests
* proto: change context to object
* remove old auth option
* remove old auth option
* fix linting errors
run gci on modified files
* add permission checks and fix some errors
* comments
* comments
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
* integrate docs into nav
* generator for local use, production needs to be set by env
* fix typo
* local dev
* docs: annotate the first user endpoints in the management api
* docs: annotate the first user endpoints in the management api
* docs: annotate the first user endpoints in the management api
* docs: annotate the first user endpoints in the management api
* docs: add header params
* rewrite docs links and improve ci
* tweak build command
* fix path
* Update docs/docusaurus.config.js
Co-authored-by: Max Peintner <max@caos.ch>
* fix docker
* docs: add header params
* docs: Add tags to management api. add some descriptions
* docs: more descriptions
* docs: more descriptions
* docs: required fields
* docs: example request
* docs: example request
* docs: example request
* docs: example request
* docs: example request
* docs: user metadata requests
* docs: user requests
* docs: user requests
* docs: user requests
* docs: user requests
* docs: change nav add first methods to authentication api
* docs: auth api
* docs: auth api
* docs: auth api
* docs: auth api
* docs: auth api
* docs: api sidenav
* chore: use buf without docker
* fix deploy
* fix ci
* fix vercel
* docs: admin
* docs: admin api docs
* docs: admin api docs
* docs: admin api docs
* docs: admin api docs
* docs: security
* docs: security
* docs: admin api
* docs: change to env vars
* docs: auth api
* docs: remove assets, deprecated requests, menu
* reworked page with PaloAltoNetworks/docusaurus-openapi-docs
* works with the resolutions
* fix broken build by adding assets again
* add tags to menu
* chore: improve build speed
* no-minify
* test ssr
* ssr 20
* use lazy
* increase mem
* use default mem
* change names
* docs: remove assets, deprecated requests, menu
* docs: management api
* docs: management api
* docs: management api
* docs: sidebar
* not the best word smithing but it is ;-)
* more typos
* merge main
* fix some error
* trial
* update grpc gateway
* trigger vercel build
* docs: deprecated requests
* docs: deprecated requests
---------
Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
* docs: update cockroachdb version to 22.2
* feat(adminAPI): ListEventTypes returns the list of event types ZITADEL implements
* feat(adminAPI): ListAggregateTypes returns the list of aggregate types ZITADEL implements
* feat(adminAPI): ListEvents allows `IAM_OWNERS` to search for events
* feat(import): add functionality to import data into an instance
* feat(import): move import to admin api and additional checks for nil pointer
* fix(export): export implementation with filtered members and grants
* fix: export and import implementation
* fix: add possibility to export hashed passwords with the user
* fix(import): import with structure of v1 and v2
* docs: add v1 proto
* fix(import): check im imported user is already existing
* fix(import): add otp import function
* fix(import): add external idps, domains, custom text and messages
* fix(import): correct usage of default values from login policy
* fix(export): fix renaming of add project function
* fix(import): move checks for unit tests
* expect filter
* fix(import): move checks for unit tests
* fix(import): move checks for unit tests
* fix(import): produce prerelease from branch
* fix(import): correctly use provided user id for machine user imports
* fix(import): corrected otp import and added guide for export and import
* fix: import verified and primary domains
* fix(import): add reading from gcs, s3 and localfile with tracing
* fix(import): gcs and s3, file size correction and error logging
* Delete docker-compose.yml
* fix(import): progress logging and count of resources
* fix(import): progress logging and count of resources
* log subscription
* fix(import): incorporate review
* fix(import): incorporate review
* docs: add suggestion for import
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* fix(import): add verification otp event and handling of deleted but existing users
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* fix: compatability for cockroach v22.1
* update cr version in docs and compose
* bind dev cockroach to 127.0.0.1
* Revert "bind dev cockroach to 127.0.0.1"
This reverts commit 1c7c6304ae.
* remove --listen-addr flag
* use v2.0.0-v2-alpha.16
* use v2.0.0-v2-alpha.17
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* feat: add system api proto
* Update proto/zitadel/instance.proto
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* Update proto/zitadel/instance.proto
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* Update proto/zitadel/instance.proto
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: add system api proto
* feat: add system api proto
* feat: add system api proto
* feat: add system api proto
* generate grpc
* feat: remove region from system proto
* fix: remove metrics endpoint
* fix: add md file
* rebuild proto
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* not working
* test ci
* correct path
* test
* test
* test
* remove k8s & test
* test
* test image
* typo
* test
* fix
* test
* fix
* test
* fix
* fix windows
* fix
* fix
* fix codecov
* fix with arch
* test
* test
* test
* test
* trial
* trial
* trial
* trial
* trial
* trial
* trial
* try
* try
* first improvement
* trial
* improve
* improve
* improve
* use bash
* trial
* random test
* wip
* test with goreleaser and semrel
* fix typo
* trial
* add buildx
* define default
* force buildkit
* use buildx
* debug GH docker
* use images
* debug docker
* work around image name issues
* trial
* test
* test with prebuilt image
* fix
* use load
* test
* use only docker
* trial
* test
* use load
* test
* test with docker driver
* trial
* trial
* trial
* use arm
* upload artifacts
* try to cache grpc base
* try to use a cache
* fall back
* test
* fix
* improve
* upload artifacts
* fix
* name things
* add tag if poc
* args for protos
* remove v2 build
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
