feat(test): Add support to HTTPS via Nginx

manoelhc commented 1 month ago

Summary by CodeRabbit

New Features
- Introduced SSL certificate and private key for enhanced security.
- Configured NGINX as a reverse proxy with SSL termination for improved security and performance.
Chores
- Added environment configuration variables for development setup.
- Updated pre-commit hooks to use a new Docker image for TruffleHog and modified arguments for security tools.
Refactor
- Added Docker Compose configurations for web and nginx services, including port mapping, environment variables, and service dependencies.

coderabbitai[bot] commented 1 month ago

Walkthrough

The changes encompass significant enhancements for a development environment, covering environment variables, SSL/TLS configuration, and NGINX as a reverse proxy. Security measures are bolstered through updated pre-commit hooks, with the addition of a .trufflehogignore file to exclude specific directories. Docker Compose configurations for web and nginx services streamline development, ensuring SSL termination and improved security.

Changes

File Path	Summary
`.env.local`	Introduces environment config variables for development, incl. port, DB URI, and JWT settings.
`.pre-commit-config.yaml`, `.trufflehogignore`	Updates TruffleHog Docker image, modifies args for `trivyfs-docker`, `trivyconfig-docker`, and excludes `confs/`.
`confs/docker-compose/nginx/certs/...certificate.crt`, `.../ssl_certificate.key`, `.../nginx.conf`	Adds SSL certificate, private key, configures NGINX as reverse proxy with enhanced security.
`docker-compose.yaml`	Defines settings for `web` and `nginx` services, incl. build, ports, and dependencies.
`.github/workflows/zap-scanner.yaml`, `justfile`	Updates ZAP scanner target URL, simplifies `run-ci` with `docker-compose up` in `justfile`.

[!TIP]

New Features and Improvements
## Review Settings Introduced new personality profiles for code reviews. Users can now select between "Chill" and "Assertive" review tones to tailor feedback styles according to their preferences. The "Assertive" profile posts more comments and nitpicks the code more aggressively, while the "Chill" profile is more relaxed and posts fewer comments. ## AST-based Instructions CodeRabbit offers customizing reviews based on the Abstract Syntax Tree (AST) pattern matching. Read more about AST-based instructions in the [documentation](https://docs.coderabbit.ai/guides/review-instructions#ast-based). ## Community-driven AST-based Rules We are kicking off a community-driven initiative to create and share AST-based rules. Users can now contribute their AST-based rules to detect security vulnerabilities, code smells, and anti-patterns. Please see the [ast-grep-essentials](https://github.com/coderabbitai/ast-grep-essentials) repository for more information. ## New Static Analysis Tools We are continually expanding our support for static analysis tools. We have added support for `biome`, `hadolint`, and `ast-grep`. Update the settings in your `.coderabbit.yaml` file or head over to the settings page to enable or disable the tools you want to use. ## Tone Settings Users can now customize CodeRabbit to review code in the style of their favorite characters or personalities. Here are some of our favorite examples: - Mr. T: "You must talk like Mr. T in all your code reviews. I pity the fool who doesn't!" - Pirate: "Arr, matey! Ye must talk like a pirate in all yer code reviews. Yarrr!" - Snarky: "You must be snarky in all your code reviews. Snark, snark, snark!" ## Revamped Settings Page We have redesigned the settings page for a more intuitive layout, enabling users to find and adjust settings quickly. This change was long overdue; it not only improves the user experience but also allows our development team to add more settings in the future with ease. Going forward, the changes to `.coderabbit.yaml` will be reflected in the settings page, and vice versa. ## Miscellaneous - Turn off free summarization: You can switch off free summarization of PRs opened by users not on a paid plan using the `enable_free_tier` setting. - Knowledge-base scope: You can now set the scope of the knowledge base to either the repository (`local`) or the organization (`global`) level using the `knowledge_base` setting. In addition, you can specify Jira project keys and Linear team keys to limit the knowledge base scope for those integrations. - High-level summary placement: You can now customize the location of the high-level summary in the PR description using the `high_level_summary_placeholder` setting (default `@coderabbitai summary`). - Revamped request changes workflow: You can now configure CodeRabbit to auto-approve or request changes on PRs based on the review feedback using the `request_changes_workflow` setting.

Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit .` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai generate interesting stats about this repository and render them as a table.` - `@coderabbitai show all the console.log statements in this repository.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (invoked as PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger a review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai help` to get help. Additionally, you can add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. ### CodeRabbit Configration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](https://discord.com/invite/GsXnASn26c) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

deepsource-io[bot] commented 1 month ago

Here's the code health analysis summary for commits 4e1d849..d34b909. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Summary	Link
Python	✅ Success		View Check ↗
Test coverage	✅ Success		View Check ↗

Code Coverage Report

Metric	Aggregate	Python
Branch Coverage	87.9%	87.9%
Condition Coverage	87.9%	87.9%
Composite Coverage	96.2%	96.2%
Line Coverage	97.5%	97.5%

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

github-actions[bot] commented 1 month ago

No tag was generated due to PR title not compatible with Conventional Commits.

codecov[bot] commented 1 month ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 97.81%. Comparing base (4e1d849) to head (d34b909).

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #61 +/- ## ======================================= Coverage 97.81% 97.81% ======================================= Files 10 10 Lines 411 411 Branches 76 76 ======================================= Hits 402 402 Misses 9 9 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.