Add .env.test for web app tests

[YamonBot]

Summary

• add apps/web/.env.test with safe placeholder variables for automated tests
• align test env defaults with local LM Studio-compatible OpenAI settings
• remove temporary PR draft file from repo

Testing

• pnpm test
• docker build -t inbox-zero -f docker/Dockerfile.prod .
• docker run --rm --name inbox-zero-test -p 3000:3000 -e DATABASE_URL=postgresql://postgres:password@localhost:5432/inboxzero?schema=public -e AUTH_SECRET=dummy -e GOOGLE_CLIENT_ID=dummy -e GOOGLE_CLIENT_SECRET=dummy -e EMAIL_ENCRYPT_SECRET=dummysecret -e EMAIL_ENCRYPT_SALT=dummysalt -e GOOGLE_PUBSUB_TOPIC_NAME=projects/test/topics/test -e INTERNAL_API_KEY=dummy inbox-zero

Summary by CodeRabbit

• Tests

  • Added standardized environment configuration for the test environment to ensure consistent setup across runs.
  • Improves reliability and reproducibility of automated and local testing.

• Chores

  • Introduced consolidated test-only environment variables to streamline configuration management.
  • No user-facing changes; application behavior remains unchanged outside of test contexts.

[vercel]

Someone is attempting to deploy a commit to the Inbox Zero OSS Program Team on Vercel.

A member of the Team first needs to authorize it.

[coderabbitai]

Walkthrough

Adds a new test environment configuration file for the web app, defining environment variables for runtime mode, database URLs, OAuth credentials, LLM/OpenAI settings, Pub/Sub topics, encryption secrets, internal API keys, base URLs, and model selections. No code or behavior changes.

Changes

Cohort / File(s)	Summary
Test environment configuration apps/web/.env.test	Introduces test-only environment variables: runtime flags, PostgreSQL URLs, service base URLs, OAuth (Google/Microsoft) credentials, OpenAI/LLM configs, Pub/Sub topics, encryption secrets, internal API keys, and model selections. No application code modified.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

I sniff the vars in twilight’s hush,
Keys and secrets in a tidy rush.
Test burrows mapped, no code to bend—
Just tunnels labeled end to end.
A hop, a nod, configs aligned—
Now every carrot’s easy to find. 🥕✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The pull request title clearly and concisely summarizes the main change, which is adding the .env.test configuration file for the web application’s test environment, making it immediately understandable to reviewers.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

---

robertKim seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[jit-ci]

Hi, I’m Jit, a friendly security platform designed to help developers build secure applications from day zero with an MVS (Minimal viable security) mindset.

In case there are security findings, they will be communicated to you as a comment inside the PR.

Hope you’ll enjoy using Jit.

Questions? Comments? Want to learn more? Get in touch with us.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 116f75a and 7192a37.

📒 Files selected for processing (1)

• apps/web/.env.test (1 hunks)

🧰 Additional context used

📓 Path-based instructions (3)

!{.cursor/rules/*.mdc}

📄 CodeRabbit inference engine (.cursor/rules/cursor-rules.mdc)

Never place rule files in the project root, in subdirectories outside .cursor/rules, or in any other location

Files:

• apps/web/.env.test

**/.env*

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

Never use predictable or weak cron secrets (e.g., 'secret', 'password', 'cron', or short/simple strings) in environment variables.

Files:

• apps/web/.env.test

!pages/_document.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

!pages/_document.{js,jsx,ts,tsx}: Don't import next/document outside of pages/_document.jsx in Next.js projects.
Don't import next/document outside of pages/_document.jsx in Next.js projects.

Files:

• apps/web/.env.test

🧠 Learnings (1)

📓 Common learnings

Learnt from: CR
PR: elie222/inbox-zero#0
File: .cursor/rules/environment-variables.mdc:0-0
Timestamp: 2025-07-18T15:04:50.520Z
Learning: Applies to apps/web/env.ts : When adding a new environment variable, add it to `apps/web/env.ts` in the appropriate section: use `server` for server-only variables, and for client-side variables, use the `client` section and also add to `experimental__runtimeEnv`.

🪛 dotenv-linter (3.3.0)

apps/web/.env.test

[warning] 2-2: [UnorderedKey] The DATABASE_URL key should go before the NODE_ENV key

(UnorderedKey)

---

[warning] 3-3: [UnorderedKey] The DIRECT_URL key should go before the NODE_ENV key

(UnorderedKey)

---

[warning] 4-4: [UnorderedKey] The NEXT_PUBLIC_BASE_URL key should go before the NODE_ENV key

(UnorderedKey)

---

[warning] 5-5: [UnorderedKey] The GOOGLE_CLIENT_ID key should go before the NEXT_PUBLIC_BASE_URL key

(UnorderedKey)

---

[warning] 6-6: [UnorderedKey] The GOOGLE_CLIENT_SECRET key should go before the NEXT_PUBLIC_BASE_URL key

(UnorderedKey)

---

[warning] 7-7: [UnorderedKey] The GOOGLE_PUBSUB_TOPIC_NAME key should go before the NEXT_PUBLIC_BASE_URL key

(UnorderedKey)

---

[warning] 8-8: [UnorderedKey] The EMAIL_ENCRYPT_SECRET key should go before the GOOGLE_CLIENT_ID key

(UnorderedKey)

---

[warning] 9-9: [UnorderedKey] The EMAIL_ENCRYPT_SALT key should go before the EMAIL_ENCRYPT_SECRET key

(UnorderedKey)

---

[warning] 10-10: [UnorderedKey] The INTERNAL_API_KEY key should go before the NEXT_PUBLIC_BASE_URL key

(UnorderedKey)

---

[warning] 11-11: [UnorderedKey] The AUTH_SECRET key should go before the DATABASE_URL key

(UnorderedKey)

---

[warning] 12-12: [UnorderedKey] The MICROSOFT_CLIENT_ID key should go before the NEXT_PUBLIC_BASE_URL key

(UnorderedKey)

---

[warning] 13-13: [UnorderedKey] The MICROSOFT_CLIENT_SECRET key should go before the NEXT_PUBLIC_BASE_URL key

(UnorderedKey)

---

[warning] 14-14: [UnorderedKey] The DEFAULT_LLM_PROVIDER key should go before the DIRECT_URL key

(UnorderedKey)

---

[warning] 15-15: [UnorderedKey] The DEFAULT_LLM_MODEL key should go before the DEFAULT_LLM_PROVIDER key

(UnorderedKey)

---

[warning] 17-17: [UnorderedKey] The OPENAI_BASE_URL key should go before the OPENAI_DEFAULT_MODEL key

(UnorderedKey)

---

[warning] 18-18: [UnorderedKey] The OPENAI_API_KEY key should go before the OPENAI_BASE_URL key

(UnorderedKey)

---

[warning] 19-19: [UnorderedKey] The NEXT_PUBLIC_OLLAMA_MODEL key should go before the NODE_ENV key

(UnorderedKey)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: cubic · AI code reviewer
• GitHub Check: Vercel Agent Review

[cubic-dev-ai]

No issues found across 1 file

[elie222]

This file is part of gitignore atm

[elie222]

We could make it .env.test.example so people can add what they want to their own test files without it being committed