Compare revisions

svwolter · Sven Wolter · svwolter · Sven Wolter · Sven Wolter · Sven Wolter
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
+# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
+# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
+
 stages:
-  - .pre
+  - ".pre"
  - build
-  - db-test
-  - unit-test
-  - e2e-test
+  - test
+  - test-db
+  - test-units
+  - test-e2e
  - lint
  - audit
+  - scan-dependencies
  - build-images
  - scan-images

 image: node:18-bullseye-slim

 variables:
-  REGISTRY: $CI_REGISTRY
-  REGISTRY_USER: $CI_REGISTRY_USER
-  REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD
+  REGISTRY: "$CI_REGISTRY"
+  REGISTRY_USER: "$CI_REGISTRY_USER"
+  REGISTRY_PASSWORD: "$CI_REGISTRY_PASSWORD"
  REGISTRY_PROJECT: "/${CI_PROJECT_PATH}/"
-  DOCKER_IMAGE: "docker:20.10-git"
-  DOCKER_SERVICE: "docker:20.10-dind"
-  DOCKER_TLS_CERTDIR: ""
-  CYPRESS_IMAGE: "cypress/browsers:node16.18.0-chrome107-ff106-edge"
+  DOCKER_IMAGE: docker:20.10-git
+  DOCKER_SERVICE: docker:20.10-dind
+  DOCKER_TLS_CERTDIR: ''
+  CYPRESS_IMAGE: cypress/browsers:node16.18.0-chrome107-ff106-edge
  CYPRESS_CACHE_FOLDER: "$CI_PROJECT_DIR/cache/Cypress"
-  TRIVY_IMAGE: "aquasec/trivy:0.36.1"
+  TRIVY_IMAGE: aquasec/trivy:0.36.1

 include:
-  - local: .gitlab-ci/*.gitlab-ci.yml
+  - local: ".gitlab-ci/*.gitlab-ci.yml"
+  - template: Security/Dependency-Scanning.gitlab-ci.yml

 check-config:
-  stage: .pre
+  stage: ".pre"
  interruptible: true
  allow_failure: true
  rules:
-    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
-    - if: $CI_COMMIT_BRANCH
-    - if: $CI_COMMIT_TAG
+    - if: "$CI_PIPELINE_SOURCE == 'merge_request_event'"
+    - if: "$CI_COMMIT_BRANCH"
+    - if: "$CI_COMMIT_TAG"
  script:
    - echo $CI_PIPELINE_SOURCE
    - echo $CI_REGISTRY

--- a/.gitlab-ci/Branch&PreRelease-Pipelines.gitlab-ci.yml
+++ b/.gitlab-ci/Branch&PreRelease-Pipelines.gitlab-ci.yml
@@ -31,14 +31,6 @@
    - if: $CI_COMMIT_TAG
      when: never

-.develop_pr_db_rules:
-  rules:
-    - if: $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "develop"
-      changes:
-        - database/*
-    - if: $CI_COMMIT_TAG
-      when: never
-
 .develop_pr_manual_rules:
  rules:
    - if: $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "develop"
@@ -218,7 +210,7 @@ build-db-image:
  interruptible: true
  rules:
    - !reference [ .default_db_rules, rules ]
-    - !reference [ .develop_pr_db_rules, rules ]
+    - !reference [ .develop_pr_base_rules, rules ]
  image: $DOCKER_IMAGE
  services:
    - $DOCKER_SERVICE
@@ -237,7 +229,7 @@ build-liquibase-image:
  interruptible: true
  rules:
    - !reference [ .default_db_rules, rules ]
-    - !reference [ .develop_pr_db_rules, rules ]
+    - !reference [ .develop_pr_base_rules, rules ]
  image: $DOCKER_IMAGE
  services:
    - $DOCKER_SERVICE
@@ -266,11 +258,11 @@ build-app:
      - dist

 test-db:
-  stage: db-test
+  stage: test-db
  interruptible: true
  rules:
    - !reference [ .default_db_rules, rules ]
-    - !reference [ .develop_pr_db_rules, rules ]
+    - !reference [ .develop_pr_base_rules, rules ]
  needs:
    - build-db-image
    - build-liquibase-image
@@ -300,7 +292,7 @@ test-db:
      --classpath=changelog history

 test-app:
-  stage: unit-test
+  stage: test-units
  interruptible: true
  allow_failure: true
  extends: .distributed
@@ -312,7 +304,7 @@ test-app:
    - npx nx affected --base=HEAD~1 --target=test --parallel=2

 test-app-e2e:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  extends: .distributed
@@ -339,7 +331,7 @@ test-app-e2e:
    - npx nx e2e frontend-e2e --prod --browser chrome || ( pkill npx && exit 1 )

 test-app-e2e-api:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  extends: .distributed
@@ -366,7 +358,7 @@ test-app-e2e-api:
    - npx nx e2e frontend-e2e --prod --browser chrome --spec "./apps/frontend-e2e/src/e2e/api/*" || ( pkill npx && exit 1 )

 test-app-e2e-ui-chrome:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  extends: .distributed
@@ -393,7 +385,7 @@ test-app-e2e-ui-chrome:
    - npx nx e2e frontend-e2e --prod --browser chrome --spec "./apps/frontend-e2e/src/e2e/ui/*" || ( pkill npx && exit 1 )

 test-app-e2e-ui-chrome-mobile:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  extends: .distributed
@@ -421,7 +413,7 @@ test-app-e2e-ui-chrome-mobile:
      --config "viewportWidth=375,viewportHeight=667" || ( pkill npx && exit 1 )

 test-app-e2e-ui-firefox:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  extends: .distributed
@@ -448,7 +440,7 @@ test-app-e2e-ui-firefox:
    - npx nx e2e frontend-e2e --prod --browser firefox --spec "./apps/frontend-e2e/src/e2e/ui/*" || ( pkill npx && exit 1 )

 test-app-e2e-ui-firefox-mobile:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  extends: .distributed
@@ -476,7 +468,7 @@ test-app-e2e-ui-firefox-mobile:
      --config "viewportWidth=375,viewportHeight=667" || ( pkill npx && exit 1 )

 test-app-e2e-ui-edge:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  extends: .distributed
@@ -503,7 +495,7 @@ test-app-e2e-ui-edge:
    - npx nx e2e frontend-e2e --prod --browser edge --spec "./apps/frontend-e2e/src/e2e/ui/*" || ( pkill npx && exit 1 )

 test-app-e2e-ui-edge-mobile:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  extends: .distributed
@@ -552,6 +544,13 @@ audit-app:
  script:
    - npm audit --audit-level critical

+gemnasium-dependency_scanning:
+  stage: scan-dependencies
+  interruptible: true
+  allow_failure: true
+  rules:  # TODO: Overwriting of rules does not work
+    - !reference [ .develop_pr_base_rules, rules ]
+
 build-develop-commit-db-image:
  stage: build-images
  rules:

--- a/.gitlab-ci/Release-Pipelines.gitlab-ci.yml
+++ b/.gitlab-ci/Release-Pipelines.gitlab-ci.yml
@@ -290,7 +290,7 @@ build-main-pr-frontend-image:
    - docker logout $CI_REGISTRY

 test-main-pr-db:
-  stage: db-test
+  stage: test-db
  interruptible: true
  rules:
    - !reference [ .main_pr_base_rules, rules ]
@@ -324,7 +324,7 @@ test-main-pr-db:
      --username=${POSTGRES_USER} --password=${POSTGRES_PASSWORD} --classpath=changelog history

 test-main-pr-backend:
-  stage: unit-test
+  stage: test-units
  interruptible: true
  allow_failure: true
  rules:
@@ -342,7 +342,7 @@ test-main-pr-backend:
    - docker run ${BACKEND_IMAGE_NAME}:${CI_MERGE_REQUEST_TARGET_BRANCH_SHA}_test test api

 test-main-pr-frontend:
-  stage: unit-test
+  stage: test-units
  interruptible: true
  allow_failure: true
  rules:
@@ -360,7 +360,7 @@ test-main-pr-frontend:
    - docker run ${FRONTEND_IMAGE_NAME}:${CI_MERGE_REQUEST_TARGET_BRANCH_SHA}_test test frontend

 test-main-pr-e2e:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  rules:
@@ -386,7 +386,7 @@ test-main-pr-e2e:
    - docker compose -f docker-compose.e2e.yml up --quiet-pull --exit-code-from test-e2e test-e2e

 test-main-pr-e2e-api:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  rules:
@@ -412,7 +412,7 @@ test-main-pr-e2e-api:
    - docker compose -f docker-compose.e2e.yml up --quiet-pull --exit-code-from test-e2e-api test-e2e-api

 test-main-pr-e2e-ui-chrome:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  rules:
@@ -438,7 +438,7 @@ test-main-pr-e2e-ui-chrome:
    - docker compose -f docker-compose.e2e.yml up --quiet-pull --exit-code-from test-e2e-ui-chrome test-e2e-ui-chrome

 test-main-pr-e2e-ui-chrome-mobile:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  rules:
@@ -464,7 +464,7 @@ test-main-pr-e2e-ui-chrome-mobile:
    - docker compose -f docker-compose.e2e.yml up --quiet-pull --exit-code-from test-e2e-ui-chrome-mobile test-e2e-ui-chrome-mobile

 test-main-pr-e2e-ui-firefox:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  rules:
@@ -490,7 +490,7 @@ test-main-pr-e2e-ui-firefox:
    - docker compose -f docker-compose.e2e.yml up --quiet-pull --exit-code-from test-e2e-ui-firefox test-e2e-ui-firefox

 test-main-pr-e2e-ui-firefox-mobile:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  rules:
@@ -516,7 +516,7 @@ test-main-pr-e2e-ui-firefox-mobile:
    - docker compose -f docker-compose.e2e.yml up --quiet-pull --exit-code-from test-e2e-ui-firefox-mobile test-e2e-ui-firefox-mobile

 test-main-pr-e2e-ui-edge:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  rules:
@@ -542,7 +542,7 @@ test-main-pr-e2e-ui-edge:
    - docker compose -f docker-compose.e2e.yml up --quiet-pull --exit-code-from test-e2e-ui-edge test-e2e-ui-edge

 test-main-pr-e2e-ui-edge-mobile:
-  stage: e2e-test
+  stage: test-e2e
  interruptible: true
  allow_failure: true
  rules:
@@ -655,6 +655,13 @@ audit-main-pr-frontend:
  script:
    - docker run --entrypoint npm ${FRONTEND_IMAGE_NAME}:${CI_MERGE_REQUEST_TARGET_BRANCH_SHA}_test audit --audit-level critical

+gemnasium-dependency_scanning:
+  stage: scan-dependencies
+  interruptible: true
+  allow_failure: true
+  rules:  # TODO: Rules does not work
+    - !reference [ .main_pr_base_rules, rules ]
+
 build-main-commit-db-image:
  stage: build-images
  rules:

--- a/Makefile
+++ b/Makefile
@@ -8,10 +8,6 @@ audit-backend:
 audit-frontend:
 	$(MAKE) -f $(MK_FILE_DIR)/audit.mk -C $(MK_FILE_DIR) $@

-dev-status:
-	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
-dev-logs:
-	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
 dev-up:
 	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
 dev-down:
@@ -20,11 +16,17 @@ dev-start:
 	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
 dev-stop:
 	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
-dev-build:
+dev-status:
+	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
+dev-logs:
 	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
 dev-config:
 	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
-dev-clean:
+dev-build:
+	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
+dev-clean-system:
+	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
+dev-clean-volumes:
 	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
 dev-clean-all:
 	$(MAKE) -f $(MK_FILE_DIR)/dev.mk -C $(MK_FILE_DIR) $@
@@ -59,10 +61,6 @@ lint-frontend:
 lint-frontend-e2e:
 	$(MAKE) -f $(MK_FILE_DIR)/lint.mk -C $(MK_FILE_DIR) $@

-production-status:
-	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
-production-logs:
-	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
 production-ramp-up:
 	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
 production-shut-down:
@@ -71,6 +69,16 @@ production-start:
 	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
 production-stop:
 	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
+production-status:
+	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
+production-logs:
+	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
+production-config:
+	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
+production-clean:
+	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
+production-liquibase-status:
+	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
 production-connect-db:
 	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
 production-dump-all:
@@ -85,10 +93,6 @@ production-dump-db-data-only:
 	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
 production-restore-db-data-only:
 	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
-production-config:
-	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@
-production-clean:
-	$(MAKE) -f $(MK_FILE_DIR)/prod.mk -C $(MK_FILE_DIR) $@

 push-dockerhub:
 	$(MAKE) -f $(MK_FILE_DIR)/push.mk -C $(MK_FILE_DIR) $@

--- a/database/changelog/personaldb.changelog-1.0.2.sql
+++ b/database/changelog/personaldb.changelog-1.0.2.sql
@@ -30,7 +30,7 @@ ALTER TABLE "public"."cost_unit_staff" ADD "hours" INTEGER DEFAULT 40 NOT NULL;

 -- changeset mechtelm:8
 ALTER TABLE "public"."user" RENAME COLUMN "is_personal_admin" TO "is_staff_admin";
-- ALTER TABLE "public"."user" RENAME COLUMN "is_staff_admin" TO "is_personal_admin";
+-- rollback ALTER TABLE "public"."user" RENAME COLUMN "is_staff_admin" TO "is_personal_admin";

 -- changeset mechtelm:9
 ALTER TABLE "public"."staff" ADD "changes" JSONB;

--- a/package-lock.json
+++ b/package-lock.json
 {
  "name": "personaldb",
-  "version": "1.0.0-beta.2",
+  "version": "1.0.0-beta.3",
  "lockfileVersion": 2,
  "requires": true,
  "packages": {
    "": {
      "name": "personaldb",
-      "version": "1.0.0-beta.2",
+      "version": "1.0.0-beta.3",
      "hasInstallScript": true,
      "license": "MIT",
      "dependencies": {
--- a/scripts/make/dev-db.mk
+++ b/scripts/make/dev-db.mk
-.PHONY: dev-db-up dev-db-down dev-db-update-status dev-db-update-history dev-db-validate-changelog dev-db-update-display-sql dev-db-update-testing-rollback dev-db-update dev-db-rollback-lastchangeset dev-db-generate-docs
+.PHONY: dev-db-up dev-db-down dev-db-update-status dev-db-update-history dev-db-validate-changelog \
+dev-db-update-display-sql dev-db-update-testing-rollback dev-db-update dev-db-rollback-lastchangeset \
+dev-db-generate-docs
 SHELL:=/bin/bash -O extglob
 BASE_DIR := $(shell git rev-parse --show-toplevel)
 include $(BASE_DIR)/.env.dev
@@ -14,35 +16,59 @@ dev-db-up:
 dev-db-down:
 	docker compose --env-file $(BASE_DIR)/.env.dev down

-## Outputs the count of changesets that have not been deployed (https://docs.liquibase.com/commands/status/status.html)
+## Outputs the count of changesets that have not been deployed
+# (https://docs.liquibase.com/commands/status/status.html)
 dev-db-update-status: .EXPORT_ALL_VARIABLES
-	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml --url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) --classpath=changelog --logLevel=info status
+	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml \
+    --url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) \
+    --classpath=changelog --logLevel=info status

-## Lists all deployed changesets and their deploymentIds (https://docs.liquibase.com/commands/status/history.html)
+## Lists all deployed changesets and their deploymentIds
+# (https://docs.liquibase.com/commands/status/history.html)
 dev-db-update-history: .EXPORT_ALL_VARIABLES
-	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml --url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) --classpath=changelog --logLevel=info history
+	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml \
+		--url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) \
+		--classpath=changelog --logLevel=info history

-## Checks and identifies any possible errors in a changelog that may cause the update command to fail (https://docs.liquibase.com/commands/maintenance/validate.html)
+## Checks and identifies any possible errors in a changelog that may cause the update command to fail
+# (https://docs.liquibase.com/commands/maintenance/validate.html)
 dev-db-validate-changelog: .EXPORT_ALL_VARIABLES
-	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml --url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) --classpath=changelog --logLevel=info validate
+	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml \
+		--url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) \
+		--classpath=changelog --logLevel=info validate

-## Displays the SQL Liquibase will run while using the update command (https://docs.liquibase.com/commands/update/update-sql.html)
+## Displays the SQL Liquibase will run while using the update command
+# (https://docs.liquibase.com/commands/update/update-sql.html)
 dev-db-update-display-sql: .EXPORT_ALL_VARIABLES
-	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml --url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) --classpath=changelog --logLevel=info updateSQL
+	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml \
+		--url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) \
+		--classpath=changelog --logLevel=info updateSQL

-## Updates the database, then rolls back changes before updating again (https://docs.liquibase.com/commands/update/update-testing-rollback.html)
+## Updates the database, then rolls back changes before updating again
+# (https://docs.liquibase.com/commands/update/update-testing-rollback.html)
 dev-db-update-testing-rollback: .EXPORT_ALL_VARIABLES
-	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml --url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) --classpath=changelog --logLevel=info updateTestingRollback
+	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml \
+		--url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) \
+		--classpath=changelog --logLevel=info updateTestingRollback

-## Updates database to current version (https://docs.liquibase.com/commands/update/update.html)
+## Updates database to current version
+# (https://docs.liquibase.com/commands/update/update.html)
 dev-db-update: .EXPORT_ALL_VARIABLES
-	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml --url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) --classpath=changelog --logLevel=info update
+	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml \
+		--url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) \
+		--classpath=changelog --logLevel=info update

-## Rolls back the last changeset (https://docs.liquibase.com/commands/rollback/rollback-count.html)
+## Rolls back the last changeset
+# (https://docs.liquibase.com/commands/rollback/rollback-count.html)
 dev-db-rollback-lastchangeset: .EXPORT_ALL_VARIABLES
-	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml --url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) --classpath=changelog --logLevel=info rollbackCount 1
+	cd $(BASE_DIR) && docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml \
+		--url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) \
+		--classpath=changelog --logLevel=info rollbackCount 1

-## Generates Javadoc-like documentation based on current database and changelog (https://docs.liquibase.com/commands/docs/db-doc.html)
+## Generates Javadoc-like documentation based on current database and changelog
+# (https://docs.liquibase.com/commands/docs/db-doc.html)
 dev-db-generate-docs: .EXPORT_ALL_VARIABLES
 	cd $(BASE_DIR) && cd $(BASE_DIR)/database/changelogDocs && rm -vrf !(".gitignore")
-	docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml --url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) --classpath=changelog --logLevel=info db-doc --output-directory=changelogDocs
+	docker compose run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml \
+		--url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) \
+		--classpath=changelog --logLevel=info db-doc --output-directory=changelogDocs
--- a/scripts/make/dev.mk
+++ b/scripts/make/dev.mk
-.PHONY: dev-up dev-down dev-start dev-stop dev-status dev-logs dev-config dev-build dev-clean dev-clean-all
+.PHONY: dev-up dev-down dev-start dev-stop dev-status dev-logs dev-config dev-build dev-clean-system dev-clean-volumes \
+dev-clean-all
 BASE_DIR := $(shell git rev-parse --show-toplevel)

 ## Create and start all docker containers
@@ -40,10 +41,15 @@ dev-build:
 	docker compose --env-file $(BASE_DIR)/.env.dev build --pull $(SERVICE)

 ## Remove all stopped containers, all unused networks, all dangling images, and all dangling cache
-dev-clean:
+dev-clean-system:
 	docker system prune

-## Removes all unused data volumes, images, containers, networks, and cache.
-# Be careful it cleans all!!!
+## Remove all unused data volumes
+# Be careful, all data could be lost!!!
+dev-clean-volumes:
+	docker volume prune
+
+## Remove all unused data volumes, images, containers, networks, and cache.
+# Be careful, it cleans all!!!
 dev-clean-all:
 	docker system prune --all --volumes
--- a/scripts/make/prod.mk
+++ b/scripts/make/prod.mk
 .PHONY: production-ramp-up production-shut-down production-start production-stop production-status production-logs \
-production-config production-clean production-connect-db production-dump-all production-restore-all production-dump-db \
-production-restore-db production-dump-db-data-only production-restore-db-data-only
+production-config production-clean production-liquibase-status production-connect-db production-dump-all \
+production-restore-all production-dump-db production-restore-db production-dump-db-data-only \
+production-restore-db-data-only
 BASE_DIR := $(shell git rev-parse --show-toplevel)
+CMD ?= status
 include $(BASE_DIR)/.env.prod

 ## exports all variables (especially those of the included .env.prod file!)
@@ -9,86 +11,137 @@ include $(BASE_DIR)/.env.prod

 ## Pull newest images, create and start docker containers
 production-ramp-up:
-	if [ ! -f $(BASE_DIR)/config/frontend/default.conf.template ]; then cp $(BASE_DIR)/config/frontend/default.conf.http-template $(BASE_DIR)/config/frontend/default.conf.template; fi
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml pull
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml up -d
+	if [ ! -f $(BASE_DIR)/config/frontend/default.conf.template ]; \
+		then cp $(BASE_DIR)/config/frontend/default.conf.http-template $(BASE_DIR)/config/frontend/default.conf.template; fi
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		--env-file $(BASE_DIR)/.env.prod pull
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		--env-file $(BASE_DIR)/.env.prod up -d

 ## Stop and remove docker containers
 production-shut-down:
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml down
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod down

 ## Start docker containers
 # Param (optional): SERVICE - Start the specified service only, e.g. `SERVICE=db make production-start`
 production-start:
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml start $(SERVICE)
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod start $(SERVICE)

 ## Stop docker containers
 production-stop:
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml stop $(SERVICE)
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod stop $(SERVICE)

 ## Show status of containers
 # Param (optional): SERVICE - Show status of the specified service only, e.g. `SERVICE=db make production-status`
 production-status:
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml ps -a $(SERVICE)
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod ps -a $(SERVICE)

 ## Show service logs
 # Param (optional): SERVICE - Show log of the specified service only, e.g. `SERVICE=db make production-logs`
 production-logs:
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml logs -f $(SERVICE)
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod logs -f $(SERVICE)

 ## Show services configuration
 # Param (optional): SERVICE - Show config of the specified service only, e.g. `SERVICE=db make production-config`
 production-config:
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml config $(SERVICE)
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		--env-file $(BASE_DIR)/.env.prod config $(SERVICE)

 ## Remove unused (dangling) images, containers, networks, etc. Data volumes will stay untouched!
 production-clean:
 	docker system prune

+## Outputs the count of changesets that have not been deployed
+# (https://docs.liquibase.com/commands/status/status.html)
+production-liquibase-status: .EXPORT_ALL_VARIABLES
+	cd $(BASE_DIR) && docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		--env-file $(BASE_DIR)/.env.prod run --rm liquibase liquibase --changelogFile=personaldb.changelog-root.xml \
+    --url=jdbc:postgresql://db:5432/$(POSTGRES_DB) --username=$(POSTGRES_USER) --password=$(POSTGRES_PASSWORD) \
+    --classpath=changelog --logLevel=info $(CMD)
+
 ## Open DB console
 production-connect-db: .EXPORT_ALL_VARIABLES
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml exec -it db psql -U $(POSTGRES_USER) -d $(POSTGRES_DB)
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		--env-file $(BASE_DIR)/.env.prod exec -it db psql -U $(POSTGRES_USER) -d $(POSTGRES_DB)

-## Extract a database cluster into a script file (https://www.postgresql.org/docs/current/app-pg-dumpall.html)
+## Extract a database cluster into a script file
+# (https://www.postgresql.org/docs/current/app-pg-dumpall.html)
 production-dump-all: production-shut-down .EXPORT_ALL_VARIABLES
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml up -d db
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod up -d db
 	sleep 5 ## wait until db startup is completed
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml exec -it db pg_dumpall --verbose -U $(POSTGRES_USER)  > $(BASE_DIR)/database_dumps/all.sql
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml down
-
-## PostgreSQL interactive terminal reads commands from the dump file all.sql (https://www.postgresql.org/docs/14/app-psql.html)
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod exec -it db pg_dumpall --verbose -U $(POSTGRES_USER) > \
+		 $(BASE_DIR)/database_dumps/all.sql
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod down
+
+## PostgreSQL interactive terminal reads commands from the dump file all.sql
+# (https://www.postgresql.org/docs/14/app-psql.html)
 production-restore-all: production-shut-down .EXPORT_ALL_VARIABLES
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml up -d db
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml cp $(BASE_DIR)/database_dumps/all.sql db:/tmp/
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod up -d db
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod cp $(BASE_DIR)/database_dumps/all.sql db:/tmp/
 	sleep 10	## wait until file upload is completed
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml exec -it db psql -U $(POSTGRES_USER) -f /tmp/all.sql postgres
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml down
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod exec -it db psql -U $(POSTGRES_USER) -f /tmp/all.sql postgres
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod down

-## Extract a database into a script file or other archive file (https://www.postgresql.org/docs/current/app-pgdump.html)
+## Extract a database into a script file or other archive file
+# (https://www.postgresql.org/docs/current/app-pgdump.html)
 production-dump-db: production-shut-down .EXPORT_ALL_VARIABLES
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml up -d db
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod up -d db
 	sleep 5 ## wait until db startup is completed
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml exec -it db pg_dump --verbose -U $(POSTGRES_USER) -F t $(POSTGRES_DB) > $(BASE_DIR)/database_dumps/$(POSTGRES_DB).tar
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml down
-
-## Restore a database from an archive file created by pg_dump (https://www.postgresql.org/docs/current/app-pgrestore.html)
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod exec -it db pg_dump --verbose -U $(POSTGRES_USER) -F t $(POSTGRES_DB) > \
+		 $(BASE_DIR)/database_dumps/$(POSTGRES_DB).tar
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod down
+
+## Restore a database from an archive file created by pg_dump
+# (https://www.postgresql.org/docs/current/app-pgrestore.html)
 production-restore-db: production-shut-down .EXPORT_ALL_VARIABLES
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml up -d db
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml cp $(BASE_DIR)/database_dumps/$(POSTGRES_DB).tar db:/tmp/
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod up -d db
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod cp $(BASE_DIR)/database_dumps/$(POSTGRES_DB).tar db:/tmp/
 	sleep 10	## wait until file upload is completed
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml exec -it db pg_restore --verbose --single-transaction -U $(POSTGRES_USER) -d $(POSTGRES_DB) /tmp/$(POSTGRES_DB).tar
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml down
-
-## Extract a database data into a script file or other archive file (https://www.postgresql.org/docs/current/app-pgdump.html)
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod exec -it db pg_restore --verbose --single-transaction -U $(POSTGRES_USER) \
+		 -d $(POSTGRES_DB) /tmp/$(POSTGRES_DB).tar
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod down
+
+## Extract a database data into a script file or other archive file
+# (https://www.postgresql.org/docs/current/app-pgdump.html)
 production-dump-db-data-only: production-shut-down .EXPORT_ALL_VARIABLES
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml up -d db liquibase
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml exec -it db pg_dump --verbose --data-only --exclude-table=public.databasechangelog --exclude-table=public.databasechangeloglock -U $(POSTGRES_USER) -F t $(POSTGRES_DB) > $(BASE_DIR)/database_dumps/$(POSTGRES_DB)_data.tar
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml down
-
-## Restore a database data from an archive file created by pg_dump (https://www.postgresql.org/docs/current/app-pgrestore.html)
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod up -d db liquibase
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod exec -it db pg_dump --verbose --data-only \
+		 --exclude-table=public.databasechangelog --exclude-table=public.databasechangeloglock -U $(POSTGRES_USER) -F \
+		 t $(POSTGRES_DB) > $(BASE_DIR)/database_dumps/$(POSTGRES_DB)_data.tar
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod down
+
+## Restore a database data from an archive file created by pg_dump
+# (https://www.postgresql.org/docs/current/app-pgrestore.html)
 production-restore-db-data-only: production-shut-down .EXPORT_ALL_VARIABLES
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml up -d db liquibase
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml cp $(BASE_DIR)/database_dumps/$(POSTGRES_DB)_data.tar db:/tmp/
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod up -d db liquibase
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod cp $(BASE_DIR)/database_dumps/$(POSTGRES_DB)_data.tar db:/tmp/
 	sleep 10	## wait until file upload is completed
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml exec -it db pg_restore --verbose --data-only --single-transaction --disable-triggers -U $(POSTGRES_USER) -d $(POSTGRES_DB) /tmp/$(POSTGRES_DB)_data.tar
-	docker compose --env-file $(BASE_DIR)/.env.prod -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml down
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod exec -it db pg_restore --verbose --data-only --single-transaction \
+		 --disable-triggers -U $(POSTGRES_USER) -d $(POSTGRES_DB) /tmp/$(POSTGRES_DB)_data.tar
+	docker compose -f $(BASE_DIR)/docker-compose.yml -f $(BASE_DIR)/docker-compose.prod.yml \
+		 --env-file $(BASE_DIR)/.env.prod down
--- a/scripts/make/push.mk
+++ b/scripts/make/push.mk
@@ -4,10 +4,21 @@ TAG := dev

 ## Build and tag all docker images
 .build:
-	cd $(BASE_DIR) && docker build --pull -f $(BASE_DIR)/database/Postgres.Dockerfile --no-cache --rm -t iqbberlin/personaldb-db:$(TAG) -t scm.cms.hu-berlin.de:4567/iqb/personaldb/iqbberlin/personaldb-db:$(TAG) .
-	cd $(BASE_DIR) && docker build --pull -f $(BASE_DIR)/database/Liquibase.Dockerfile --no-cache --rm -t iqbberlin/personaldb-liquibase:$(TAG) -t scm.cms.hu-berlin.de:4567/iqb/personaldb/iqbberlin/personaldb-liquibase:$(TAG) .
-	cd $(BASE_DIR) && docker build --pull -f $(BASE_DIR)/apps/api/Dockerfile --build-arg project=api --target=prod --no-cache --rm -t iqbberlin/personaldb-backend:$(TAG) -t scm.cms.hu-berlin.de:4567/iqb/personaldb/iqbberlin/personaldb-backend:$(TAG) .
-	cd $(BASE_DIR) && docker build --pull -f $(BASE_DIR)/apps/frontend/Dockerfile --build-arg project=frontend --target=prod --no-cache --rm -t iqbberlin/personaldb-frontend:$(TAG) -t scm.cms.hu-berlin.de:4567/iqb/personaldb/iqbberlin/personaldb-frontend:$(TAG) .
+	cd $(BASE_DIR) && \
+		docker build --pull -f $(BASE_DIR)/database/Postgres.Dockerfile --no-cache --rm \
+			-t iqbberlin/personaldb-db:$(TAG) -t scm.cms.hu-berlin.de:4567/iqb/personaldb/iqbberlin/personaldb-db:$(TAG) .
+	cd $(BASE_DIR) && \
+		docker build --pull -f $(BASE_DIR)/database/Liquibase.Dockerfile --no-cache --rm \
+			-t iqbberlin/personaldb-liquibase:$(TAG) \
+			-t scm.cms.hu-berlin.de:4567/iqb/personaldb/iqbberlin/personaldb-liquibase:$(TAG) .
+	cd $(BASE_DIR) && \
+		docker build --pull -f $(BASE_DIR)/apps/api/Dockerfile --build-arg project=api --target=prod --no-cache --rm \
+			-t iqbberlin/personaldb-backend:$(TAG) \
+			-t scm.cms.hu-berlin.de:4567/iqb/personaldb/iqbberlin/personaldb-backend:$(TAG) .
+	cd $(BASE_DIR) && \
+		docker build --pull -f $(BASE_DIR)/apps/frontend/Dockerfile --build-arg project=frontend --target=prod \
+			--no-cache --rm -t iqbberlin/personaldb-frontend:$(TAG) \
+			-t scm.cms.hu-berlin.de:4567/iqb/personaldb/iqbberlin/personaldb-frontend:$(TAG) .

 ## Push all docker images to 'hub.docker.com'
 push-dockerhub: .build

--- a/scripts/make/scan.mk
+++ b/scripts/make/scan.mk
@@ -7,20 +7,35 @@ scan-app: scan-db scan-liquibase scan-backend scan-frontend

 ## scans db image for security vulnerabilities
 scan-db:
-	cd $(BASE_DIR) && docker build --pull -f $(BASE_DIR)/database/Postgres.Dockerfile --no-cache --rm -t iqbberlin/personaldb-db:scan .
-	docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v ${HOME}/Library/Caches:/root/.cache/ $(TRIVY_VERSION) image --security-checks vuln --ignore-unfixed --severity CRITICAL iqbberlin/personaldb-db:scan
+	cd $(BASE_DIR) && \
+		docker build --pull -f $(BASE_DIR)/database/Postgres.Dockerfile --no-cache --rm -t iqbberlin/personaldb-db:scan .
+	docker run --rm \
+		-v /var/run/docker.sock:/var/run/docker.sock -v ${HOME}/Library/Caches:/root/.cache/ $(TRIVY_VERSION) \
+		image --security-checks vuln --ignore-unfixed --severity CRITICAL iqbberlin/personaldb-db:scan

 ## scans liquibase image for security vulnerabilities
 scan-liquibase:
-	cd $(BASE_DIR) && docker build --pull -f $(BASE_DIR)/database/Liquibase.Dockerfile --no-cache --rm -t iqbberlin/personaldb-liquibase:scan .
-	docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v ${HOME}/Library/Caches:/root/.cache/ $(TRIVY_VERSION) image --security-checks vuln --ignore-unfixed --severity CRITICAL iqbberlin/personaldb-liquibase:scan
+	cd $(BASE_DIR) && \
+		docker build --pull -f $(BASE_DIR)/database/Liquibase.Dockerfile --no-cache --rm \
+			-t iqbberlin/personaldb-liquibase:scan .
+	docker run --rm \
+		-v /var/run/docker.sock:/var/run/docker.sock -v ${HOME}/Library/Caches:/root/.cache/ $(TRIVY_VERSION) \
+		image --security-checks vuln --ignore-unfixed --severity CRITICAL iqbberlin/personaldb-liquibase:scan

 ## scans backend image for security vulnerabilities
 scan-backend:
-	cd $(BASE_DIR) && docker build --pull -f $(BASE_DIR)/apps/api/Dockerfile --build-arg project=api --target=prod --no-cache --rm -t iqbberlin/personaldb-backend:scan .
-	docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v ${HOME}/Library/Caches:/root/.cache/ $(TRIVY_VERSION) image --security-checks vuln --ignore-unfixed --severity CRITICAL iqbberlin/personaldb-backend:scan
+	cd $(BASE_DIR) && \
+		docker build --pull -f $(BASE_DIR)/apps/api/Dockerfile --build-arg project=api --target=prod --no-cache --rm \
+			-t iqbberlin/personaldb-backend:scan .
+	docker run --rm \
+		-v /var/run/docker.sock:/var/run/docker.sock -v ${HOME}/Library/Caches:/root/.cache/ $(TRIVY_VERSION) \
+		image --security-checks vuln --ignore-unfixed --severity CRITICAL iqbberlin/personaldb-backend:scan

 ## scans frontend image for security vulnerabilities
 scan-frontend:
-	cd $(BASE_DIR) && docker build --pull -f $(BASE_DIR)/apps/frontend/Dockerfile --build-arg project=frontend --target=prod --no-cache --rm -t iqbberlin/personaldb-frontend:scan .
-	docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v ${HOME}/Library/Caches:/root/.cache/ $(TRIVY_VERSION) image --security-checks vuln --ignore-unfixed --severity CRITICAL iqbberlin/personaldb-frontend:scan
+	cd $(BASE_DIR) && \
+		docker build --pull -f $(BASE_DIR)/apps/frontend/Dockerfile --build-arg project=frontend --target=prod --no-cache \
+			--rm -t iqbberlin/personaldb-frontend:scan .
+	docker run --rm \
+		-v /var/run/docker.sock:/var/run/docker.sock -v ${HOME}/Library/Caches:/root/.cache/ $(TRIVY_VERSION) \
+		image --security-checks vuln --ignore-unfixed --severity CRITICAL iqbberlin/personaldb-frontend:scan
--- a/scripts/make/test.mk
+++ b/scripts/make/test.mk
 .PHONY: test-app test-backend test-frontend \
-test-e2e-build test-e2e-dev test-e2e-prod test-e2e-api-dev test-e2e-api-prod \
-test-e2e-ui-chrome-dev test-e2e-ui-chrome-prod test-e2e-ui-chrome-mobile-dev test-e2e-ui-chrome-mobile-prod \
-test-e2e-ui-firefox-dev test-e2e-ui-firefox-prod test-e2e-ui-firefox-mobile-dev test-e2e-ui-firefox-mobile-prod \
-test-e2e-ui-edge-dev test-e2e-ui-edge-prod test-e2e-ui-edge-mobile-dev test-e2e-ui-edge-mobile-prod
+test-e2e-build test-e2e-dev test-e2e-api-dev  test-e2e-ui-chrome-dev test-e2e-ui-chrome-mobile-dev \
+test-e2e-ui-firefox-dev test-e2e-ui-firefox-mobile-dev test-e2e-ui-edge-dev test-e2e-ui-edge-mobile-dev \
+test-e2e-prod test-e2e-api-prod test-e2e-ui-chrome-prod test-e2e-ui-chrome-mobile-prod test-e2e-ui-firefox-prod \
+test-e2e-ui-firefox-mobile-prod test-e2e-ui-edge-prod test-e2e-ui-edge-mobile-prod
 BASE_DIR := $(shell git rev-parse --show-toplevel)

 ## Run all tests (only in combination with 'make dev-up')
@@ -18,7 +18,10 @@ test-frontend:

 ## Build docker e2e test image (e.g. at nx workspace updates)
 test-e2e-build:
-	cd $(BASE_DIR) && docker build --pull -f $(BASE_DIR)/apps/frontend-e2e/Dockerfile -t scm.cms.hu-berlin.de:4567/iqb/personaldb/iqbberlin/personaldb-frontend-e2e:latest -t iqbberlin/personaldb-frontend-e2e:latest .
+	cd $(BASE_DIR) && \
+		docker build --pull -f $(BASE_DIR)/apps/frontend-e2e/Dockerfile \
+			-t scm.cms.hu-berlin.de:4567/iqb/personaldb/iqbberlin/personaldb-frontend-e2e:latest \
+			-t iqbberlin/personaldb-frontend-e2e:latest .

 ## Run all e2e tests in dev environment (only in combination with 'make dev-up')
 test-e2e-dev:

--- a/scripts/update.sh
+++ b/scripts/update.sh
@@ -208,7 +208,7 @@ switch_tls() {

 }

-application_warm_restart() {
+finalize_update() {
  if [ $HAS_ENV_FILE_UPDATE == "true" ] || [ $HAS_CONFIG_FILE_UPDATE == "true" ]; then
    if [ $HAS_ENV_FILE_UPDATE == "true" ] && [ $HAS_CONFIG_FILE_UPDATE == "true" ]; then
      echo 'Version, environment, and configuration update applied!'
@@ -222,39 +222,46 @@ application_warm_restart() {
    fi

    if command make -v >/dev/null 2>&1; then
-      printf "\nAfter that you could run 'make production-ramp-up' at the command line for the update to take effect.\n\n"
+      printf "\nWhen your files are checked, you could restart the application with 'make production-ramp-up' at the \
+      command line to put the update into effect.\n\n"

    else
-      printf '\nAfter that you could restart the docker services for the update to take effect.\n\n'
+      printf '\nWhen your files are checked, you could restart the docker services to put the update into effect.\n\n'
    fi

+    echo 'The application will now shut down ...'
+    make production-shut-down
+
    echo 'Update script finished.'
    exit 0

  else
-    printf "Version update applied. Warm restart needed!\n\n"
+    printf "Version update applied.\n\n"
+  # application_reload --> Seems not to work with liquibase containers!
+    application_restart()
+  fi
+}

-    if command make -v >/dev/null 2>&1; then
-      read -p "Do you want to restart the application now? [Y/n]:" -er -n 1 RESTART
+application_reload() {
+      if command make -v >/dev/null 2>&1; then
+        read -p "Do you want to reload the application now? [Y/n]:" -er -n 1 RESTART
+
+        if [[ ! $RESTART =~ [nN] ]]; then
+          make production-ramp-up

-      if [[ ! $RESTART =~ [nN] ]]; then
-        make production-ramp-up
+        else
+          echo 'Update script finished.'
+          exit 0
+        fi

      else
+        printf 'You could start the updated docker services now.\n\n'
        echo 'Update script finished.'
        exit 0
      fi
-
-    else
-      printf 'You could start the updated docker services now.\n\n'
-      echo 'Update script finished.'
-      exit 0
-    fi
-
-  fi
 }

-application_cold_restart() {
+application_restart() {
  if command make -v >/dev/null 2>&1; then
    read -p "Do you want to restart the application now? [Y/n]:" -er -n 1 RESTART

@@ -294,11 +301,11 @@ if [ -z "$SELECTED_VERSION" ]; then
    update_files
    check_template_files_modifications
    customize_settings
-    application_warm_restart
+    finalize_update

  elif [ "$CHOICE" = 2 ]; then
    switch_tls
-    application_cold_restart
+    application_restart
  fi

 else
@@ -307,5 +314,5 @@ else
  update_files
  check_template_files_modifications
  customize_settings
-  application_warm_restart
+  finalize_update
 fi
No results found