docs(README): open links in new tabs

chore: add Sonar analysis
feat: send confirmation email to sender
2025-11-17 10:16:28 +01:00 · 2025-11-16 02:02:58 +01:00 · 2025-11-15 23:43:44 +01:00
11 changed files with 103 additions and 171 deletions
--- a/.github/workflows/README.md
+++ b/.github/workflows/README.md
@@ -84,7 +84,7 @@ Cachix is a Nix binary cache that dramatically speeds up builds by caching build
 Configure these in the workflow's `env` section or as repository variables:

 | Variable           | Description                                    | Default Value | Example            |
-|--------------------|------------------------------------------------|---------------|--------------------|
+|--------------------+------------------------------------------------+---------------+--------------------|
 | `CACHIX_NAME`      | Name of the Cachix cache to use                | `devenv`      | `phundrak-dot-com` |
 | `CACHIX_SKIP_PUSH` | Whether to skip pushing artifacts to the cache | `true`        | `false`            |

--- a/.github/workflows/publish-docker.yml
+++ b/.github/workflows/publish-docker.yml
@@ -16,17 +16,16 @@ env:
  IMAGE_NAME: phundrak/phundrak-dot-com-backend

 jobs:
-  coverage-and-sonar:
+  build-and-publish:
    runs-on: ubuntu-latest
    permissions:
-      content: read
+      contents: read
+      packages: write  # Required for pushing to Phundrak Labs registry
      pull-requests: read

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0

      - name: Install Nix
        uses: cachix/install-nix-action@v27
@@ -42,7 +41,7 @@ jobs:

      - name: Coverage
        run: |
-            nix develop --no-pure-eval --accept-flake-config --command just coverage
+            nix develop --no-pure-eval --command just coverage

      - name: Sonar analysis
        uses: SonarSource/sonarqube-scan-action@v6
@@ -50,146 +49,83 @@ jobs:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}

-  build-docker:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write  # Required for pushing to Phundrak Labs registry
-      pull-requests: read
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Install Nix
-        uses: cachix/install-nix-action@v27
-        with:
-          nix_path: nixpkgs=channel:nixos-unstable
-
-      - name: Setup Cachix
-        uses: cachix/cachix-action@v15
-        with:
-          name: '${{ env.CACHIX_NAME }}'
-          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
-          skipPush: ${{ github.event_name == 'pull_request' }}
-
      - name: Build Docker image with Nix
        run: |
          echo "Building Docker image..."
          nix build .#backendDockerLatest --accept-flake-config
-          cp -L result docker-image.tar.gz
-
-      - name: Upload Docker image artifact
-        uses: actions/upload-artifact@v3
-        with:
-          name: docker-image
-          path: docker-image.tar.gz
-          retention-days: 1
-
-  push-docker:
-    needs: [coverage-and-sonar, build-docker]
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write  # Required for pushing to Phundrak Labs registry
-
-    steps:
-      - name: Download Docker image artifact
-        uses: actions/download-artifact@v3
-        with:
-          name: docker-image

      - name: Load Docker image
        run: |
          echo "Loading Docker image into Docker daemon..."
-          docker load < docker-image.tar.gz
+          docker load < result

-      - name: Push Docker tags
-        id: push
-        uses: https://labs.phundrak.com/phundrak/docker-push-action@v1
-        with:
-          registry: ${{ env.DOCKER_REGISTRY }}
-          registry-username: ${{ secrets.DOCKER_USERNAME }}
-          registry-password: ${{ secrets.DOCKER_PASSWORD }}
-          image-name: ${{ env.IMAGE_NAME }}
-          local-image-name: phundrak/phundrak-dot-com-backend:latest
-          event-name: ${{ github.event_name }}
-          ref: ${{ github.ref }}
-          ref-type: ${{ github.ref_type }}
-          ref-name: ${{ github.ref_name }}
-          pr-number: ${{ github.event.pull_request.number }}
-      # - name: Log in to Docker Registry
-      #   run: |
-      #     echo "${{ secrets.DOCKER_PASSWORD }}" | docker login ${{ env.DOCKER_REGISTRY }} -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
+      - name: Log in to Docker Registry
+        run: |
+          echo "${{ secrets.DOCKER_PASSWORD }}" | docker login ${{ env.DOCKER_REGISTRY }} -u ${{ secrets.DOCKER_USERNAME }} --password-stdin

-      # - name: Determine tags and push images
-      #   run: |
-      #     set -euo pipefail
+      - name: Determine tags and push images
+        run: |
+          set -euo pipefail

-      #     REGISTRY="${{ env.DOCKER_REGISTRY }}"
-      #     IMAGE_NAME="${{ env.IMAGE_NAME }}"
+          REGISTRY="${{ env.DOCKER_REGISTRY }}"
+          IMAGE_NAME="${{ env.IMAGE_NAME }}"

-      #     # The locally built image from Nix (name comes from Cargo.toml package.name)
-      #     LOCAL_IMAGE="phundrak/phundrak-dot-com-backend:latest"
+          # The locally built image from Nix (name comes from Cargo.toml package.name)
+          LOCAL_IMAGE="phundrak/phundrak-dot-com-backend:latest"

-      #     echo "Event: ${{ github.event_name }}"
-      #     echo "Ref: ${{ github.ref }}"
-      #     echo "Ref type: ${{ github.ref_type }}"
+          echo "Event: ${{ github.event_name }}"
+          echo "Ref: ${{ github.ref }}"
+          echo "Ref type: ${{ github.ref_type }}"

-      #     # Determine which tags to push based on the event
-      #     if [[ "${{ github.event_name }}" == "push" && "${{ github.ref_type }}" == "tag" ]]; then
-      #       # Tag push on main branch → publish 'latest' and versioned tag
-      #       echo "Tag push detected"
-      #       TAG_VERSION="${{ github.ref_name }}"
-      #       # Remove 'v' prefix if present (v1.0.0 → 1.0.0)
-      #       TAG_VERSION="${TAG_VERSION#v}"
+          # Determine which tags to push based on the event
+          if [[ "${{ github.event_name }}" == "push" && "${{ github.ref_type }}" == "tag" ]]; then
+            # Tag push on main branch → publish 'latest' and versioned tag
+            echo "Tag push detected"
+            TAG_VERSION="${{ github.ref_name }}"
+            # Remove 'v' prefix if present (v1.0.0 → 1.0.0)
+            TAG_VERSION="${TAG_VERSION#v}"

-      #       echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:latest"
-      #       docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:latest"
-      #       docker push "${REGISTRY}/${IMAGE_NAME}:latest"
+            echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:latest"
+            docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:latest"
+            docker push "${REGISTRY}/${IMAGE_NAME}:latest"

-      #       echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
-      #       docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
-      #       docker push "${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
+            echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
+            docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
+            docker push "${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"

-      #     elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/develop" ]]; then
-      #       # Push on develop branch → publish 'develop' tag
-      #       echo "Push to develop branch detected"
+          elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/develop" ]]; then
+            # Push on develop branch → publish 'develop' tag
+            echo "Push to develop branch detected"

-      #       echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:develop"
-      #       docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:develop"
-      #       docker push "${REGISTRY}/${IMAGE_NAME}:develop"
+            echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:develop"
+            docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:develop"
+            docker push "${REGISTRY}/${IMAGE_NAME}:develop"

-      #     elif [[ "${{ github.event_name }}" == "pull_request" ]]; then
-      #       # Pull request → publish 'pr<number>' tag
-      #       echo "Pull request detected"
-      #       PR_NUMBER="${{ github.event.pull_request.number }}"
+          elif [[ "${{ github.event_name }}" == "pull_request" ]]; then
+            # Pull request → publish 'pr<number>' tag
+            echo "Pull request detected"
+            PR_NUMBER="${{ github.event.pull_request.number }}"

-      #       echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
-      #       docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
-      #       docker push "${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
+            echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
+            docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
+            docker push "${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"

-      #     elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/main" ]]; then
-      #       # Push to main branch (not a tag) → publish 'latest'
-      #       echo "Push to main branch detected"
+          elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/main" ]]; then
+            # Push to main branch (not a tag) → publish 'latest'
+            echo "Push to main branch detected"

-      #       echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:latest"
-      #       docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:latest"
-      #       docker push "${REGISTRY}/${IMAGE_NAME}:latest"
+            echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:latest"
+            docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:latest"
+            docker push "${REGISTRY}/${IMAGE_NAME}:latest"

-      #     else
-      #       echo "Unknown event or ref, skipping push"
-      #       exit 1
-      #     fi
+          else
+            echo "Unknown event or ref, skipping push"
+            exit 1
+          fi

-      # - name: Log out from Docker Registry
-      #   if: always()
-      #   run: docker logout ${{ env.DOCKER_REGISTRY }}
-
-      - name: Delete Docker image artifact
-        uses: geekyeggo/delete-artifact@v2
-        with:
-          name: docker-image
+      - name: Log out from Docker Registry
+        if: always()
+        run: docker logout ${{ env.DOCKER_REGISTRY }}

      - name: Image published successfully
        run: |
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -134,26 +134,6 @@ dependencies = [
 "fs_extra",
 ]

-[[package]]
-name = "bakit"
-version = "0.1.0"
-dependencies = [
- "chrono",
- "config",
- "dotenvy",
- "governor",
- "lettre",
- "poem",
- "poem-openapi",
- "serde",
- "serde_json",
- "thiserror",
- "tokio",
- "tracing",
- "tracing-subscriber",
- "validator",
-]
-
 [[package]]
 name = "base64"
 version = "0.21.7"
@@ -1593,6 +1573,26 @@ dependencies = [
 "sha2",
 ]

+[[package]]
+name = "phundrak-dot-com-backend"
+version = "0.1.0"
+dependencies = [
+ "chrono",
+ "config",
+ "dotenvy",
+ "governor",
+ "lettre",
+ "poem",
+ "poem-openapi",
+ "serde",
+ "serde_json",
+ "thiserror",
+ "tokio",
+ "tracing",
+ "tracing-subscriber",
+ "validator",
+]
+
 [[package]]
 name = "pin-project"
 version = "0.4.30"
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,5 +1,5 @@
 [package]
-name = "bakit"
+name = "phundrak-dot-com-backend"
 version = "0.1.0"
 edition = "2024"
 publish = false
@@ -11,7 +11,7 @@ path = "src/lib.rs"

 [[bin]]
 path = "src/main.rs"
-name = "bakit"
+name = "phundrak-dot-com-backend"

 [dependencies]
 chrono = { version = "0.4.42", features = ["serde"] }
--- a/README.md
+++ b/README.md
@@ -3,20 +3,14 @@ include_toc: true
 gitea: none
 ---

-<h1 align="center">Bakit</h1>
-<div align="center">
- <strong>
-   A backend for my personal website
- </strong>
-</div>
-<br/>
+# phundrak.com Backend

 <div align="center">
-  <a href="https://sonar.phundrak.com/dashboard?id=bakit" target="_blank">
-    <img src="https://sonar.phundrak.com/api/project_badges/measure?project=bakit&metric=coverage&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Coverage" />
+  <a href="https://sonar.phundrak.com/dashboard?id=phundrak-backend" target="_blank">
+    <img src="https://sonar.phundrak.com/api/project_badges/measure?project=phundrak-backend&metric=coverage&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Coverage" />
  </a>
-  <a href="https://sonar.phundrak.com/dashboard?id=bakit" target="_blank">
-    <img src="https://sonar.phundrak.com/api/project_badges/measure?project=bakit&metric=alert_status&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Quality Gate Status" />
+  <a href="https://sonar.phundrak.com/dashboard?id=phundrak-backend" target="_blank">
+    <img src="https://sonar.phundrak.com/api/project_badges/measure?project=phundrak-backend&metric=alert_status&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Quality Gate Status" />
  </a>
  <a href="#license">
    <img src="https://img.shields.io/badge/License-AGPL--3.0--only-blue" alt="License" />
@@ -26,6 +20,8 @@ gitea: none
  </a>
 </div>

+The backend for [phundrak.com](https://phundrak.com), built with Rust and the [Poem](https://github.com/poem-web/poem) web framework.
+
 ## Features

 - **RESTful API** with automatic OpenAPI/Swagger documentation
@@ -141,14 +137,14 @@ For optimized production builds:
 cargo build --release
 ```

-The compiled binary will be at `target/release/bakit`.
+The compiled binary will be at `target/release/backend`.

 **With Nix:**

 Build the backend binary:
 ```bash
 nix build .#backend
-# Binary available at: ./result/bin/bakit
+# Binary available at: ./result/bin/backend
 ```

 Build Docker images:
@@ -161,7 +157,7 @@ nix build .#backendDockerLatest

 # Load into Docker
 docker load < result
-# Image will be available as: localhost/phundrak/bakit:latest
+# Image will be available as: localhost/phundrak/backend-rust:latest
 ```

 The Nix build ensures reproducible builds with all dependencies pinned.
@@ -336,7 +332,7 @@ Docker images are automatically built and published via GitHub Actions to the co
 Pull and run the latest image:
 ```bash
 # Pull from Phundrak Labs (labs.phundrak.com)
-docker pull labs.phundrak.com/phundrak/bakit:latest
+docker pull labs.phundrak.com/phundrak/phundrak-dot-com-backend:latest

 # Run the container
 docker run -d \
@@ -349,7 +345,7 @@ docker run -d \
  -e APP__EMAIL__PASSWORD=your_password \
  -e APP__EMAIL__FROM="Contact Form <noreply@example.com>" \
  -e APP__EMAIL__RECIPIENT="Admin <admin@example.com>" \
-  labs.phundrak.com/phundrak/bakit:latest
+  labs.phundrak.com/phundrak/phundrak-dot-com-backend:latest
 ```

 ### Available Image Tags
@@ -367,7 +363,7 @@ Build with Nix (recommended for reproducibility):
 ```bash
 nix build .#backendDockerLatest
 docker load < result
-docker run -p 3100:3100 localhost/phundrak/bakit:latest
+docker run -p 3100:3100 localhost/phundrak/backend-rust:latest
 ```

 Build with Docker directly:
@@ -383,7 +379,7 @@ version: '3.8'

 services:
  backend:
-    image: labs.phundrak.com/phundrak/bakit:latest
+    image: labs.phundrak.com/phundrak/phundrak-dot-com-backend:latest
    ports:
      - "3100:3100"
    environment:
@@ -435,7 +431,7 @@ To use the published images, authenticate with the registry:
 echo $GITHUB_TOKEN | docker login labs.phundrak.com -u USERNAME --password-stdin

 # Pull the image
-docker pull labs.phundrak.com/phundrak/bakit:latest
+docker pull labs.phundrak.com/phundrak/phundrak-dot-com-backend:latest
 ```

 ### Required Secrets
--- a/settings/development.yaml
+++ b/settings/development.yaml
@@ -5,7 +5,7 @@ application:
  protocol: http
  host: 127.0.0.1
  base_url: http://127.0.0.1:3100
-  name: "bakit-dev"
+  name: "com.phundrak.backend.dev"

 email:
  host: localhost
--- a/settings/production.yaml
+++ b/settings/production.yaml
@@ -2,7 +2,7 @@ debug: false
 frontend_url: ""

 application:
-  name: "bakit-prod"
+  name: "com.phundrak.backend.prod"
  protocol: https
  host: 0.0.0.0
  base_url: ""
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -1 +1 @@
-sonar.projectKey=bakit
+sonar.projectKey=phundrak-backend
--- a/src/main.rs
+++ b/src/main.rs
@@ -3,5 +3,5 @@
 #[cfg(not(tarpaulin_include))]
 #[tokio::main]
 async fn main() -> Result<(), std::io::Error> {
-    bakit::run(None).await
+    phundrak_dot_com_backend::run(None).await
 }
--- a/src/route/contact/errors.rs
+++ b/src/route/contact/errors.rs
@@ -268,7 +268,7 @@ mod tests {

    #[test]
    fn from_validation_errors_with_name_error() {
-        use validator::Validate;
+        use validator::{Validate, ValidationError};

        #[derive(Validate)]
        struct TestStruct {
--- a/src/route/contact/mod.rs
+++ b/src/route/contact/mod.rs
@@ -933,7 +933,7 @@ mod tests {
        assert!(result.is_err());
        match result.unwrap_err() {
            ContactError::CouldNotParseSettingsEmail(_) => (),
-            e => panic!("Expected CouldNotParseSettingsEmail, got {e:?}"),
+            e => panic!("Expected CouldNotParseSettingsEmail, got {:?}", e),
        }
    }

@@ -964,7 +964,7 @@ mod tests {
        assert!(result.is_err());
        match result.unwrap_err() {
            ContactError::CouldNotParseRequestEmailAddress(_) => (),
-            e => panic!("Expected CouldNotParseRequestEmailAddress, got {e:?}"),
+            e => panic!("Expected CouldNotParseRequestEmailAddress, got {:?}", e),
        }
    }

@@ -996,7 +996,7 @@ mod tests {
        assert!(result.is_err());
        match result.unwrap_err() {
            ContactError::CouldNotSendEmail(_) => (),
-            e => panic!("Expected CouldNotSendEmail, got {e:?}"),
+            e => panic!("Expected CouldNotSendEmail, got {:?}", e),
        }
    }
 }