Public sandbox

[gabestein]

Motivation

So potential users can see what we've been up to and decide whether or not to adopt Platform!!

Requirements

• Allows people to login to PubPub as a community admin (but not superadmin).
• Seeded with two "user-safe" community examples

Acceptance Criteria

• Uses a branch preview for "main"
• Is reset on every merge!!!!!
• Does not allow users to send real emails via email actions
• Maybe also does not allow users to send real requests via HTTP action

[tefkah]

We could indeed likely use the pull-preview on main for this.
We should probably set it to reset more quickly though, maybe every few hours?

Questions:

• What constitutes a "user-safe" community? are we concerned they can run something nefarious? (emails are something to think of)
• How do we force a reset more often? Maybe have a cron-job run an ssh command docker-compose exec platform-migrations "pnpm --filter reset"? We can run cron-jobs through github actions, but we would need to know the ip of the main preview. We could maybe set this in a repo secret/variable, which gets set once the main preview is deployed.
• How do we have different set of communities for this community vs others? Some env var we set during deploy in the preview action?

[kalilsn]

I think we need to prevent emails from being sent and users from using the http action in the sandbox env. For the emails, we could just expose inbucket, but we'll also need to make sure they can't configure a custom SMTP server once #1028 is done.

How do we force a reset more often?

Maybe we could do this with our jobs service?

[gabestein]

Nice, added. I also think we should probably prevent the HTTP action from actually sending requests. Maybe it always runs in test mode?

[gabestein]

For now, prevent actions from being run