From f4737f4dcfa4255616fb0b81a673ca7979ac490a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20L=C3=BCbe=C3=9F?= <simon.luebess@gmail.com>
Date: Fri, 23 May 2025 16:33:23 +0200
Subject: [PATCH] Don't create self signed cert in production build pipeline

---
 .gitea/workflows/frontend-build.yml |  2 +-
 usentrycoach.client/vite.config.ts  | 12 ++++++++----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/.gitea/workflows/frontend-build.yml b/.gitea/workflows/frontend-build.yml
index 61f17d1..770f1b3 100644
--- a/.gitea/workflows/frontend-build.yml
+++ b/.gitea/workflows/frontend-build.yml
@@ -22,5 +22,5 @@ jobs:
         working-directory: ./usentrycoach.client
 
       - name: Build frontend
-        run: npm run build
+        run: NODE_ENV=production npm run build
         working-directory: ./usentrycoach.client
\ No newline at end of file
diff --git a/usentrycoach.client/vite.config.ts b/usentrycoach.client/vite.config.ts
index 474e604..3d90eb2 100644
--- a/usentrycoach.client/vite.config.ts
+++ b/usentrycoach.client/vite.config.ts
@@ -7,6 +7,8 @@ import path from 'path';
 import child_process from 'child_process';
 import { env } from 'process';
 
+const isDevelopment = env.NODE_ENV !== 'production';
+
 const baseFolder =
     env.APPDATA !== undefined && env.APPDATA !== ''
         ? `${env.APPDATA}/ASP.NET/https`
@@ -21,7 +23,8 @@ if (!fs.existsSync(baseFolder))
     fs.mkdirSync(baseFolder, { recursive: true });
 }
 
-if (!fs.existsSync(certFilePath) || !fs.existsSync(keyFilePath)) 
+// Generate dev certificate, if we are in development mode, and it doesn't exist yet.
+if (isDevelopment && (!fs.existsSync(certFilePath) || !fs.existsSync(keyFilePath)))
 {
     if (0 !== child_process.spawnSync('dotnet', [
         'dev-certs',
@@ -32,7 +35,7 @@ if (!fs.existsSync(certFilePath) || !fs.existsSync(keyFilePath))
         'Pem',
         '--no-password',
     ], { stdio: 'inherit', }).status) 
-{
+    {
         throw new Error("Could not create certificate.");
     }
 }
@@ -68,9 +71,10 @@ export default defineConfig({
     server: {
         proxy: proxyConfig,
         port: parseInt(env.DEV_SERVER_PORT ?? '54044'),
-        https: {
+        // This is only relevant for development anyway.
+        https: isDevelopment ? {
             key: fs.readFileSync(keyFilePath),
             cert: fs.readFileSync(certFilePath),
-        }
+        } : undefined
     }
 })