From d5eb4ffde7791678ac039ce4345fb62f1d28c796 Mon Sep 17 00:00:00 2001 From: Clemence Kyara Date: Thu, 29 May 2025 09:19:43 +0300 Subject: [PATCH 1/6] Add environment to site + We use SENTRY_ENVIRONMENT to detect whether we're running local, dev/staging or production + Remove vercel code as we no longer deploy there + remove unused logoUrl since we now have proper CMS --- apps/trustlab/src/utils/site.js | 12 ++++-------- apps/trustlab/turbo.json | 5 +++-- 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/apps/trustlab/src/utils/site.js b/apps/trustlab/src/utils/site.js index b1b8305dba..d71b55ca3f 100644 --- a/apps/trustlab/src/utils/site.js +++ b/apps/trustlab/src/utils/site.js @@ -1,3 +1,6 @@ +const environment = (process.env.SENTRY_ENVIRONMENT ?? "local") + .trim() + .toLowerCase(); const name = process.env.NEXT_PUBLIC_APP_NAME ?? "TrustLab"; // see: https://developer.mozilla.org/en-US/docs/Web/API/URL/pathname @@ -9,18 +12,11 @@ const ensureTrailingSlash = (string) => { return url.toString(); }; const url = ensureTrailingSlash(process.env.NEXT_PUBLIC_APP_URL); -let environmentUrl = url; -if (process.env.NEXT_PUBLIC_VERCEL_ENV === "preview") { - environmentUrl = ensureTrailingSlash( - `https://${process.env.NEXT_PUBLIC_VERCEL_URL}`, - ); -} const site = { - environmentUrl, + environment, name, url, - logoUrl: process.env.NEXT_PUBLIC_APP_LOGO_URL, }; export default site; diff --git a/apps/trustlab/turbo.json b/apps/trustlab/turbo.json index ee39bd3fd1..b50fa5e5c6 100644 --- a/apps/trustlab/turbo.json +++ b/apps/trustlab/turbo.json @@ -5,10 +5,11 @@ "env": [ "NEXT_RUNTIME", "PREVIEW_SECRET", + "S3_ACCESS_KEY_ID", "S3_BUCKET", "S3_REGION", - "S3_ACCESS_KEY_ID", - "S3_SECRET_ACCESS_KEY" + "S3_SECRET_ACCESS_KEY", + "SENTRY_ENVIRONMENT" ] } } From aa38fcc2e5ab00addbd5d90f3671a18d6acb03bb Mon Sep 17 00:00:00 2001 From: Clemence Kyara Date: Thu, 29 May 2025 09:21:20 +0300 Subject: [PATCH 2/6] Use site.url --- apps/trustlab/src/next-seo.config.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/trustlab/src/next-seo.config.js b/apps/trustlab/src/next-seo.config.js index f0fda7e918..623a19bce1 100644 --- a/apps/trustlab/src/next-seo.config.js +++ b/apps/trustlab/src/next-seo.config.js @@ -9,11 +9,11 @@ const config = { openGraph: { type: "website", locale: "en_GB", - url: site.environmentUrl, + url: site.url, site_name: site.name, images: [ { - url: `${site.environmentUrl}image.jpg`, + url: `${site.url}image.jpg`, width: 1600, height: 800, alt: site.name, From da4f1abfc969394f8d8d501b69d40eae53309a10 Mon Sep 17 00:00:00 2001 From: Clemence Kyara Date: Thu, 29 May 2025 09:23:01 +0300 Subject: [PATCH 3/6] Use site.environment to set hideAPIURL --- apps/trustlab/src/payload/utils/hideAPIURL.js | 5 +++++ apps/trustlab/src/payload/utils/index.js | 3 +++ apps/trustlab/src/utils/index.js | 3 +++ 3 files changed, 11 insertions(+) create mode 100644 apps/trustlab/src/payload/utils/hideAPIURL.js create mode 100644 apps/trustlab/src/payload/utils/index.js create mode 100644 apps/trustlab/src/utils/index.js diff --git a/apps/trustlab/src/payload/utils/hideAPIURL.js b/apps/trustlab/src/payload/utils/hideAPIURL.js new file mode 100644 index 0000000000..74cefd286b --- /dev/null +++ b/apps/trustlab/src/payload/utils/hideAPIURL.js @@ -0,0 +1,5 @@ +import { site } from "@/trustlab/utils"; + +const hideAPIURL = site.environment === "production"; + +export default hideAPIURL; diff --git a/apps/trustlab/src/payload/utils/index.js b/apps/trustlab/src/payload/utils/index.js new file mode 100644 index 0000000000..6207bfe50e --- /dev/null +++ b/apps/trustlab/src/payload/utils/index.js @@ -0,0 +1,3 @@ +export { default as hideAPIURL } from "./hideAPIURL"; + +export default undefined; diff --git a/apps/trustlab/src/utils/index.js b/apps/trustlab/src/utils/index.js new file mode 100644 index 0000000000..c80681d299 --- /dev/null +++ b/apps/trustlab/src/utils/index.js @@ -0,0 +1,3 @@ +export { default as site } from "./site"; + +export default undefined; From f671b63ff287cdff329047edfbdd1fc39e445f8c Mon Sep 17 00:00:00 2001 From: Clemence Kyara Date: Thu, 29 May 2025 09:25:11 +0300 Subject: [PATCH 4/6] Configure hideAPIURL in collections + enable autosave in Pages --- apps/trustlab/src/payload/collections/Media.js | 3 ++- apps/trustlab/src/payload/collections/Pages.js | 7 +++++-- apps/trustlab/src/payload/collections/Posts.js | 3 ++- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/apps/trustlab/src/payload/collections/Media.js b/apps/trustlab/src/payload/collections/Media.js index 8ff37e5216..3147cfddc4 100644 --- a/apps/trustlab/src/payload/collections/Media.js +++ b/apps/trustlab/src/payload/collections/Media.js @@ -5,6 +5,7 @@ import { createdBy } from "@commons-ui/payload"; import { canManageContent } from "@/trustlab/payload/access/abilities"; import { anyone } from "@/trustlab/payload/access/anyone"; +import { hideAPIURL } from "@/trustlab/payload/utils"; const filename = fileURLToPath(import.meta.url); const dirname = path.dirname(filename); @@ -19,7 +20,7 @@ const Media = { }, admin: { group: "Publication", - hideAPIURL: true, + hideAPIURL, }, fields: [ { diff --git a/apps/trustlab/src/payload/collections/Pages.js b/apps/trustlab/src/payload/collections/Pages.js index f57b5a4b25..92a76dda52 100644 --- a/apps/trustlab/src/payload/collections/Pages.js +++ b/apps/trustlab/src/payload/collections/Pages.js @@ -3,6 +3,7 @@ import { slug, fullTitle } from "@commons-ui/payload"; import { canManagePages } from "@/trustlab/payload/access/abilities"; import { anyone } from "@/trustlab/payload/access/anyone"; import TestBlock from "@/trustlab/payload/blocks/TestBlock"; +import { hideAPIURL } from "@/trustlab/payload/utils"; const Pages = { slug: "pages", @@ -16,7 +17,7 @@ const Pages = { defaultColumns: ["fullTitle", "updatedAt", "_status"], group: "Publication", useAsTitle: "title", - hideAPIURL: true, + hideAPIURL, preview: ({ slug: pageSlug }) => { const encodedParams = new URLSearchParams({ slug: pageSlug, @@ -47,7 +48,9 @@ const Pages = { }, ], versions: { - drafts: true, + drafts: { + autosave: true, + }, }, }; diff --git a/apps/trustlab/src/payload/collections/Posts.js b/apps/trustlab/src/payload/collections/Posts.js index 098833422d..a85ffe1218 100644 --- a/apps/trustlab/src/payload/collections/Posts.js +++ b/apps/trustlab/src/payload/collections/Posts.js @@ -2,6 +2,7 @@ import { slug, createdBy } from "@commons-ui/payload"; import { canManageContent } from "@/trustlab/payload/access/abilities"; import { anyone } from "@/trustlab/payload/access/anyone"; +import { hideAPIURL } from "@/trustlab/payload/utils"; const Posts = { slug: "posts", @@ -15,7 +16,7 @@ const Posts = { defaultColumns: ["title", "createdBy", "updatedAt", "_status"], group: "Publication", useAsTitle: "title", - hideAPIURL: true, + hideAPIURL, preview: ({ slug: pageSlug }) => { const encodedParams = new URLSearchParams({ slug: pageSlug, From bc80bc2c44915515be716f5aa009345922b21e49 Mon Sep 17 00:00:00 2001 From: Clemence Kyara Date: Thu, 29 May 2025 09:26:16 +0300 Subject: [PATCH 5/6] Configure hideAPIURL in globals + improve localized in group fields Also ensure only looggeIn users can read settings as it may contain secrets. Since we're using local APIs, this shouldn't impact building the site. --- apps/trustlab/src/payload/access/abilities.js | 3 ++- apps/trustlab/src/payload/access/index.js | 2 ++ apps/trustlab/src/payload/globals/index.js | 11 +++++++---- .../src/payload/globals/tabs/EngagementTab.js | 5 +++-- 4 files changed, 14 insertions(+), 7 deletions(-) create mode 100644 apps/trustlab/src/payload/access/index.js diff --git a/apps/trustlab/src/payload/access/abilities.js b/apps/trustlab/src/payload/access/abilities.js index 561b4e3d56..14521b51e9 100644 --- a/apps/trustlab/src/payload/access/abilities.js +++ b/apps/trustlab/src/payload/access/abilities.js @@ -21,7 +21,8 @@ export const canManageContent = (user) => { export const canManagePages = (user) => checkRole([ROLE_ADMIN, ROLE_EDITOR], user); -export const canManageSiteSettings = (user) => checkRole([ROLE_ADMIN], user); +export const canManageSiteSettings = ({ req: { user } }) => + checkRole([ROLE_ADMIN], user); // TODO(@kelvinkipruto): what happens on delete? cascade or not? export const canManageUsers = (user) => { diff --git a/apps/trustlab/src/payload/access/index.js b/apps/trustlab/src/payload/access/index.js new file mode 100644 index 0000000000..cbb5ecf33b --- /dev/null +++ b/apps/trustlab/src/payload/access/index.js @@ -0,0 +1,2 @@ +export * from "./anyone"; +export * from "./loggedIn"; diff --git a/apps/trustlab/src/payload/globals/index.js b/apps/trustlab/src/payload/globals/index.js index b1c670221a..ee543803fa 100644 --- a/apps/trustlab/src/payload/globals/index.js +++ b/apps/trustlab/src/payload/globals/index.js @@ -2,19 +2,22 @@ import EngagementTab from "./tabs/EngagementTab"; import GeneralTab from "./tabs/GeneralTab"; import NavigationTab from "./tabs/NavigationTab"; +import { loggedIn } from "@/trustlab/payload/access"; import { canManageSiteSettings } from "@/trustlab/payload/access/abilities"; -import { anyone } from "@/trustlab/payload/access/anyone"; +import { hideAPIURL } from "@/trustlab/payload/utils"; const SiteSettings = { slug: "site-settings", label: "Site", admin: { group: "Settings", - hideAPIURL: true, + hideAPIURL, }, access: { - read: anyone, - update: ({ req: { user } }) => canManageSiteSettings(user), + // Since we're using Local APIs, we should still be able to pull data server-side + // See: note in https://payloadcms.com/docs/local-api/overview#transactions + read: loggedIn, + update: canManageSiteSettings, }, fields: [ { diff --git a/apps/trustlab/src/payload/globals/tabs/EngagementTab.js b/apps/trustlab/src/payload/globals/tabs/EngagementTab.js index 4ecd33cfb9..5ae00ecece 100644 --- a/apps/trustlab/src/payload/globals/tabs/EngagementTab.js +++ b/apps/trustlab/src/payload/globals/tabs/EngagementTab.js @@ -7,6 +7,8 @@ const EngagementTab = { name: "connect", type: "group", label: "Social Accounts", + // If localized is enabled at group level, no need for localized at nested field level + // https://payloadcms.com/docs/fields/group localized: true, fields: [ { @@ -21,7 +23,6 @@ const EngagementTab = { "Text that appears on contact links e.g Stay in Touch", }, required: true, - localized: true, }, socialLinks(), ], @@ -32,6 +33,7 @@ const EngagementTab = { name: "newsletter", type: "group", label: "Email Newsletter", + localized: true, fields: [ { type: "collapsible", @@ -41,7 +43,6 @@ const EngagementTab = { name: "title", type: "text", required: true, - localized: true, }, { name: "embedCode", From 4ed5c88a503bd9cf48bd7c3b82474d82add8955c Mon Sep 17 00:00:00 2001 From: Clemence Kyara Date: Thu, 29 May 2025 13:38:45 +0300 Subject: [PATCH 6/6] Fix docker/setup-qemu-action@v version --- .github/workflows/build-docker-image.yml | 2 +- .github/workflows/trustlab-deploy-dev.yml | 2 +- .github/workflows/twoopstracker-deploy-dev.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index a780885588..d077b8f6e7 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -32,7 +32,7 @@ jobs: # Add support for more platforms with QEMU (optional) - name: Set up QEMU - uses: docker/setup-qemu-action@v + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/trustlab-deploy-dev.yml b/.github/workflows/trustlab-deploy-dev.yml index d9a6aca86c..f61f5d1991 100644 --- a/.github/workflows/trustlab-deploy-dev.yml +++ b/.github/workflows/trustlab-deploy-dev.yml @@ -36,7 +36,7 @@ jobs: # Add support for more platforms with QEMU (optional) - name: Set up QEMU - uses: docker/setup-qemu-action@v + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/twoopstracker-deploy-dev.yml b/.github/workflows/twoopstracker-deploy-dev.yml index 6ddc655f49..adb1a60aee 100644 --- a/.github/workflows/twoopstracker-deploy-dev.yml +++ b/.github/workflows/twoopstracker-deploy-dev.yml @@ -39,7 +39,7 @@ jobs: # Add support for more platforms with QEMU (optional) - name: Set up QEMU - uses: docker/setup-qemu-action@v + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3