managarten/docs/ENV_AUDIT_SUMMARY.md
Wuesteon 0ebfde0851 fix(ci): build shared packages before tests and fix formatting
- Add build:packages step to all test.yml jobs (fixes @manacore/shared-nestjs-auth not found)
- Handle missing coverage artifacts gracefully in test-coverage.yml
- Update .prettierignore to exclude apps-archived/ and problematic files
- Format all source files to pass CI checks

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 23:15:00 +01:00


# Environment Audit - Quick Summary
## Issues Found: 8 Critical/Major Items
### BLOCKING (Fix immediately - prevent simultaneous backend execution)
**Port Conflicts:**
```
Port 3002: Chat (3002) ← → Nutriphi (3002) [CONFLICT]
Port 3003: Picture (3003) ← → Maerchenzauber (3003) [CONFLICT]
```
**Hardcoded Values:**
- Chat backend hardcodes DEV_USER_ID instead of reading from env
### MAJOR (Inconsistencies across codebase)
**Auth URL Variable Names (Choose One):**
- Chat: MANA_CORE_AUTH_URL ✓
- Picture: MANA_CORE_AUTH_URL ✓
- Zitare: MANA_CORE_AUTH_URL ✓
- Presi: MANA_CORE_AUTH_URL ✓
- **Manadeck: MANA_SERVICE_URL** ← Should standardize
- **Nutriphi: MANACORE_AUTH_URL** ← Should standardize
**CORS Origins:**
- Hardcoded in 4 backends (Chat, Picture, Zitare, Presi)
- Should use CORS_ORIGINS from environment
**Missing Documentation:**
- No .env.example for Zitare backend
- No .env.example for Presi backend
### MEDIUM (Code quality)
**Validation Schemas:**
- Chat: Missing
- Picture: Missing
- Zitare: Missing
- Presi: Missing
- Manadeck: ✓ Has validation schema
- Mana-Core-Auth: ✓ Has validation config
---
## Quick Fix Checklist
### Phase 1: Critical (1-2 hours)
- [ ] Reassign Picture from port 3003 → 3005
- [ ] Reassign Nutriphi from port 3002 → 3006
- [ ] Add DEV_USER_ID to .env.development
- [ ] Update Chat to load DEV_USER_ID from ConfigService
### Phase 2: Major (2-3 hours)
- [ ] Rename MANA_SERVICE_URL to MANA_CORE_AUTH_URL in Manadeck
- [ ] Rename MANACORE_AUTH_URL to MANA_CORE_AUTH_URL in Nutriphi
- [ ] Create .env.example for Zitare
- [ ] Create .env.example for Presi
### Phase 3: Quality (3-4 hours)
- [ ] Add validation schemas to Chat, Picture, Zitare, Presi
- [ ] Extract CORS origins to environment variables
- [ ] Update all backends to read CORS_ORIGINS from env
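One way the missing validation step could look for a single backend, covering the auth URL name, CORS_ORIGINS and the DEV_USER_ID / DEV_BYPASS_AUTH pair. This is an added example, not the project's `validation.schema.ts`; `PORT` and `NODE_ENV` are assumed variable names, and refusing the bypass in production is an assumption beyond what the audit states.

```typescript
// Added example (not project code): dependency-free check of one backend's env.
// PORT and NODE_ENV are assumed names; the other variables are named in the audit.
type Env = Record<string, string | undefined>;

interface BackendConfig {
  port: number;
  authUrl: string;
  corsOrigins: string[];
  devBypassAuth: boolean;
  devUserId: string | undefined;
}

function validateEnv(env: Env): BackendConfig {
  const errors: string[] = [];

  // The two non-standard auth URL names must fail loudly, not be ignored.
  for (const legacy of ["MANA_SERVICE_URL", "MANACORE_AUTH_URL"]) {
    if (env[legacy] !== undefined) errors.push(`${legacy} is deprecated; use MANA_CORE_AUTH_URL`);
  }
  const authUrl = env["MANA_CORE_AUTH_URL"] ?? "";
  if (!/^https?:\/\/[^\s/]+/.test(authUrl)) errors.push("MANA_CORE_AUTH_URL must be an http(s) URL");

  const portText = env["PORT"] ?? "";
  const port = /^\d+$/.test(portText) ? Number(portText) : NaN;
  if (!(port >= 1 && port <= 65535)) errors.push("PORT must be an integer in 1..65535");

  // Comma-separated exact origins; wildcards, paths and trailing slashes are rejected.
  const corsOrigins = (env["CORS_ORIGINS"] ?? "")
    .split(",")
    .map((o) => o.trim())
    .filter((o) => o !== "");
  if (corsOrigins.length === 0) errors.push("CORS_ORIGINS must list at least one origin");
  for (const o of corsOrigins) {
    if (!/^https?:\/\/[^\s/*]+$/.test(o)) errors.push(`CORS_ORIGINS entry "${o}" is not an exact origin`);
  }

  // The bypass needs an explicit user id from env and is refused in production.
  const devBypassAuth = env["DEV_BYPASS_AUTH"] === "true";
  const devUserId = env["DEV_USER_ID"];
  if (devBypassAuth && !devUserId) errors.push("DEV_BYPASS_AUTH requires DEV_USER_ID");
  if (devBypassAuth && env["NODE_ENV"] === "production") {
    errors.push("DEV_BYPASS_AUTH must not be enabled in production");
  }

  if (errors.length > 0) throw new Error("Invalid environment:\n- " + errors.join("\n- "));
  return { port, authUrl, corsOrigins, devBypassAuth, devUserId };
}
```

Called once at startup with the process environment, it reports every problem in a single error so a misconfigured backend stops before it binds a port.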
---
## Port Mapping (Current vs Recommended)
```
Current: Recommended:
3001 ← Mana Core Auth → 3001 ← Mana Core Auth
3002 ← Chat → 3002 ← Chat
3002 ← Nutriphi [X] → 3006 ← Nutriphi [FIXED]
3003 ← Maerchenzauber → 3003 ← Maerchenzauber
3003 ← Picture [X] → 3005 ← Picture [FIXED]
3004 ← Manadeck → 3004 ← Manadeck
3007 ← Zitare → 3007 ← Zitare
3008 ← Presi → 3008 ← Presi
3010 ← Voxel Lava → 3010 ← Voxel Lava
3011 ← Mana Games → 3011 ← Mana Games
```
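A check like the following can catch the duplicate assignments shown above before they reach a developer machine. It is an added example, not code from the repository; only `PICTURE_BACKEND_PORT` and `NUTRIPHI_BACKEND_PORT` are named in the audit, and the other variable names in the constructed sample are assumed to follow the same pattern.

```typescript
// Added example (not project code): report ports claimed by more than one
// *_PORT variable in .env-style text.
interface PortConflict {
  port: number;
  vars: string[];
}

function findPortConflicts(envText: string): PortConflict[] {
  const byPort: Record<string, string[]> = {};
  for (const raw of envText.split(/\r?\n/)) {
    // Matches NAME_PORT=1234 with optional quotes and trailing comment.
    const m = /^\s*([A-Z0-9_]+_PORT)\s*=\s*"?(\d+)"?\s*(?:#.*)?$/.exec(raw);
    if (!m) continue; // comments, blanks and non-port variables
    const name = String(m[1]);
    const port = String(Number(m[2]));
    (byPort[port] = byPort[port] ?? []).push(name);
  }
  return Object.keys(byPort)
    .filter((p) => (byPort[p] ?? []).length > 1)
    .map((p) => ({ port: Number(p), vars: byPort[p] ?? [] }))
    .sort((a, b) => a.port - b.port);
}

// Constructed sample mirroring the "Current" column; names other than
// PICTURE_BACKEND_PORT and NUTRIPHI_BACKEND_PORT are assumptions.
const SAMPLE_ENV = [
  "# constructed sample, not the real .env.development",
  "MANA_CORE_AUTH_PORT=3001",
  "CHAT_BACKEND_PORT=3002",
  "NUTRIPHI_BACKEND_PORT=3002",
  "MAERCHENZAUBER_BACKEND_PORT=3003",
  "PICTURE_BACKEND_PORT=3003",
  "MANADECK_BACKEND_PORT=3004",
].join("\n");

const sampleConflicts = findPortConflicts(SAMPLE_ENV);
```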
---
## Environment Variables Status
### Well-Configured
- MANA_CORE_AUTH_URL (central + mapped)
- JWT keys (central)
- API keys (central)
- Database URLs (individual + mapped)
### Needs Work
- DEV_USER_ID (hardcoded, not in env)
- DEV_BYPASS_AUTH (partial, only Chat)
- CORS_ORIGINS (hardcoded, not used by all)
- Auth URL naming (3 different conventions)
---
## Files to Modify
### .env.development
- [ ] Add DEV_USER_ID line
- [ ] Fix PICTURE_BACKEND_PORT (3003 → 3005)
- [ ] Fix NUTRIPHI_BACKEND_PORT (3002 → 3006)
### scripts/generate-env.mjs
- [ ] Line 205: MANA_SERVICE_URL → MANA_CORE_AUTH_URL (Manadeck)
- [ ] Line 272: MANACORE_AUTH_URL → MANA_CORE_AUTH_URL (Nutriphi)
### Backend Apps (4 files each)
- [ ] apps/chat/apps/backend/src/config/validation.schema.ts (create)
- [ ] apps/picture/apps/backend/src/config/validation.schema.ts (create)
- [ ] apps/zitare/apps/backend/src/config/validation.schema.ts (create)
- [ ] apps/presi/apps/backend/src/config/validation.schema.ts (create)
### Backend Main Files (4 files)
- [ ] apps/chat/apps/backend/src/main.ts (extract CORS)
- [ ] apps/picture/apps/backend/src/main.ts (extract CORS)
- [ ] apps/zitare/apps/backend/src/main.ts (extract CORS)
- [ ] apps/presi/apps/backend/src/main.ts (extract CORS)
### Backend Examples (2 files)
- [ ] apps/zitare/apps/backend/.env.example (create)
- [ ] apps/presi/apps/backend/.env.example (create)
### Chat Guard
- [ ] apps/chat/apps/backend/src/common/guards/jwt-auth.guard.ts
  - Remove hardcoded DEV_USER_ID
  - Read from configService instead
---
## Testing After Fixes
```bash
# Test that all 10 backends can start simultaneously
# (six start commands are shown; start the remaining backends the same way)
pnpm dev:auth &
pnpm dev:chat:backend &
pnpm dev:manadeck:backend &
pnpm dev:picture:backend &
pnpm dev:zitare:backend &
pnpm dev:presi:backend &

# Give the services time to bind their ports (15 s is an assumed value; adjust as needed)
sleep 15

# Verify each responds (-f makes curl exit non-zero on an HTTP error status)
curl -f http://localhost:3001/health
curl -f http://localhost:3002/api/health
curl -f http://localhost:3003/api/health # Maerchenzauber
curl -f http://localhost:3004/v1/health # Manadeck
curl -f http://localhost:3005/api/health # Picture (new port)
curl -f http://localhost:3007/api/health # Zitare
curl -f http://localhost:3008/api/health # Presi
```
---
## Additional Docs
See full audit report: `/docs/ENV_CONFIGURATION_AUDIT.md`
Key sections:
- Environment Variable Mapping (section 3)
- Hardcoded Values & Security (section 4)
- Configuration Best Practices (section 5)
- Implementation Checklist (section 10)