Merge 7d96067a4d into 2ad33ec97f

* Update Crate and Rust

- Updated all crates
- Updated Rust to the latest patch version

* Updated GitHub Actions

.dockerignore

@@ -38,3 +38,6 @@ web-vault
 
 # Vaultwarden Resources
 resources
+
+# Playwright tests
+playwright

.github/workflows/build.yml

@@ -46,7 +46,7 @@ jobs:
     steps:
       # Checkout the repo
       - name: "Checkout"
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b #v4.1.4
       # End Checkout the repo
 
 
@@ -74,7 +74,7 @@ jobs:
 
       # Only install the clippy and rustfmt components on the default rust-toolchain
       - name: "Install rust-toolchain version"
-        uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # master @ 2023-12-07 - 10:22 PM GMT+1
+        uses: dtolnay/rust-toolchain@bb45937a053e097f8591208d8e74c90db1873d07 # master @ Apr 14, 2024, 9:02 PM GMT+2
         if: ${{ matrix.channel == 'rust-toolchain' }}
         with:
           toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}"
@@ -84,7 +84,7 @@ jobs:
 
       # Install the any other channel to be used for which we do not execute clippy and rustfmt
       - name: "Install MSRV version"
-        uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # master @ 2023-12-07 - 10:22 PM GMT+1
+        uses: dtolnay/rust-toolchain@bb45937a053e097f8591208d8e74c90db1873d07 # master @ Apr 14, 2024, 9:02 PM GMT+2
         if: ${{ matrix.channel != 'rust-toolchain' }}
         with:
           toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}"

.github/workflows/hadolint.yml

@@ -13,7 +13,7 @@ jobs:
     steps:
       # Checkout the repo
       - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
       # End Checkout the repo
 
       # Download hadolint - https://github.com/hadolint/hadolint/releases

.github/workflows/release.yml

@@ -58,7 +58,7 @@ jobs:
     steps:
       # Checkout the repo
       - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
         with:
           fetch-depth: 0
 
@@ -69,11 +69,11 @@ jobs:
 
       # Start Docker Buildx
       - name: Setup Docker Buildx
-        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
+        uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
         # https://github.com/moby/buildkit/issues/3969
         # Also set max parallelism to 2, the default of 4 breaks GitHub Actions
         with:
-          config-inline: |
+          buildkitd-config-inline: |
             [worker.oci]
               max-parallelism = 2
           driver-opts: |
@@ -102,7 +102,7 @@ jobs:
 
       # Login to Docker Hub
       - name: Login to Docker Hub
-        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -116,7 +116,7 @@ jobs:
 
       # Login to GitHub Container Registry
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
@@ -137,7 +137,7 @@ jobs:
 
       # Login to Quay.io
       - name: Login to Quay.io
-        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
         with:
           registry: quay.io
           username: ${{ secrets.QUAY_USERNAME }}
@@ -171,7 +171,7 @@ jobs:
           echo "CONTAINER_REGISTRIES=${CONTAINER_REGISTRIES:+${CONTAINER_REGISTRIES},}localhost:5000/vaultwarden/server" | tee -a "${GITHUB_ENV}"
 
       - name: Bake ${{ matrix.base_image }} containers
-        uses: docker/bake-action@849707117b03d39aba7924c50a10376a69e88d7d # v4.1.0
+        uses: docker/bake-action@73b0efa7a0e8ac276e0a8d5c580698a942ff10b5 # v4.4.0
         env:
           BASE_TAGS: "${{ env.BASE_TAGS }}"
           SOURCE_COMMIT: "${{ env.SOURCE_COMMIT }}"
@@ -229,28 +229,28 @@ jobs:
 
       # Upload artifacts to Github Actions
       - name: "Upload amd64 artifact"
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         if: ${{ matrix.base_image == 'alpine' }}
         with:
           name: vaultwarden-${{ env.SOURCE_VERSION }}-linux-amd64
           path: vaultwarden-amd64
 
       - name: "Upload arm64 artifact"
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         if: ${{ matrix.base_image == 'alpine' }}
         with:
           name: vaultwarden-${{ env.SOURCE_VERSION }}-linux-arm64
           path: vaultwarden-arm64
 
       - name: "Upload armv7 artifact"
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         if: ${{ matrix.base_image == 'alpine' }}
         with:
           name: vaultwarden-${{ env.SOURCE_VERSION }}-linux-armv7
           path: vaultwarden-armv7
 
       - name: "Upload armv6 artifact"
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         if: ${{ matrix.base_image == 'alpine' }}
         with:
           name: vaultwarden-${{ env.SOURCE_VERSION }}-linux-armv6

.github/workflows/trivy.yml

@@ -25,10 +25,10 @@ jobs:
       actions: read
     steps:
       - name: Checkout code
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b #v4.1.4
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca # v0.16.1
+        uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55 # v0.19.0
         with:
           scan-type: repo
           ignore-unfixed: true
@@ -37,6 +37,6 @@ jobs:
           severity: CRITICAL,HIGH
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@b7bf0a3ed3ecfa44160715d7c442788f65f0f923 # v3.23.2
+        uses: github/codeql-action/upload-sarif@2bbafcdd7fbf96243689e764c2f15d9735164f33 # v3.25.3
         with:
           sarif_file: 'trivy-results.sarif'

Cargo.toml

@@ -36,7 +36,7 @@ unstable = []
 
 [target."cfg(not(windows))".dependencies]
 # Logging
-syslog = "6.1.0"
+syslog = "6.1.1"
 
 [dependencies]
 # Logging
@@ -60,7 +60,7 @@ rocket = { version = "0.5.0", features = ["tls", "json"], default-features = fal
 rocket_ws = { version ="0.1.0" }
 
 # WebSockets libraries
-rmpv = "1.0.1" # MessagePack library
+rmpv = "1.0.2" # MessagePack library
 
 # Concurrent HashMap used for WebSocket messaging and favicons
 dashmap = "5.5.3"
@@ -70,11 +70,11 @@ futures = "0.3.30"
 tokio = { version = "1.37.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal"] }
 
 # A generic serialization/deserialization framework
-serde = { version = "1.0.197", features = ["derive"] }
-serde_json = "1.0.115"
+serde = { version = "1.0.198", features = ["derive"] }
+serde_json = "1.0.116"
 
 # A safe, extensible ORM and Query builder
-diesel = { version = "2.1.5", features = ["chrono", "r2d2", "numeric"] }
+diesel = { version = "2.1.6", features = ["chrono", "r2d2", "numeric"] }
 diesel_migrations = "2.1.0"
 diesel_logger = { version = "0.3.0", optional = true }
 
@@ -89,12 +89,12 @@ ring = "0.17.8"
 uuid = { version = "1.8.0", features = ["v4"] }
 
 # Date and time libraries
-chrono = { version = "0.4.37", features = ["clock", "serde"], default-features = false }
+chrono = { version = "0.4.38", features = ["clock", "serde"], default-features = false }
 chrono-tz = "0.9.0"
-time = "0.3.34"
+time = "0.3.36"
 
 # Job scheduler
-job_scheduler_ng = "2.0.4"
+job_scheduler_ng = "2.0.5"
 
 # Data encoding library Hex/Base32/Base64
 data-encoding = "2.5.0"
@@ -115,7 +115,7 @@ webauthn-rs = "0.3.2"
 url = "2.5.0"
 
 # Email libraries
-lettre = { version = "0.11.6", features = ["smtp-transport", "sendmail-transport", "builder", "serde", "tokio1-native-tls", "hostname", "tracing", "tokio1"], default-features = false }
+lettre = { version = "0.11.7", features = ["smtp-transport", "sendmail-transport", "builder", "serde", "tokio1-native-tls", "hostname", "tracing", "tokio1"], default-features = false }
 percent-encoding = "2.3.1" # URL encoding library used for URL's in the emails
 email_address = "0.2.4"
 
@@ -123,7 +123,7 @@ email_address = "0.2.4"
 handlebars = { version = "5.1.2", features = ["dir_source"] }
 
 # HTTP client (Used for favicons, version check, DUO and HIBP API)
-reqwest = { version = "0.12.3", features = ["native-tls-alpn", "stream", "json", "gzip", "brotli", "socks", "cookies", "hickory-dns"] }
+reqwest = { version = "0.12.4", features = ["native-tls-alpn", "stream", "json", "gzip", "brotli", "socks", "cookies", "hickory-dns"] }
 
 # Favicon extraction libraries
 html5gum = "0.5.7"
@@ -132,7 +132,7 @@ data-url = "0.3.1"
 bytes = "1.6.0"
 
 # Cache function results (Used for version check and favicon fetching)
-cached = { version = "0.49.2", features = ["async"] }
+cached = { version = "0.50.0", features = ["async"] }
 
 # Used for custom short lived cookie jar during favicon extraction
 cookie = "0.18.1"
@@ -153,7 +153,7 @@ semver = "1.0.22"
 
 # Allow overriding the default memory allocator
 # Mainly used for the musl builds, since the default musl malloc is very slow
-mimalloc = { version = "0.1.39", features = ["secure"], default-features = false, optional = true }
+mimalloc = { version = "0.1.41", features = ["secure"], default-features = false, optional = true }
 which = "6.0.1"
 
 # Argon2 library with support for the PHC format

docker/DockerSettings.yaml

@@ -1,10 +1,10 @@
 ---
 vault_version: "v2024.3.1"
 vault_image_digest: "sha256:689b1e706f29e1858a5c7e0ec82e40fac793322e5e0ac9102ab09c2620207cd5"
-# Cross Compile Docker Helper Scripts v1.3.0
+# Cross Compile Docker Helper Scripts v1.4.0
 # We use the linux/amd64 platform shell scripts since there is no difference between the different platform scripts
-xx_image_digest: "sha256:c9609ace652bbe51dd4ce90e0af9d48a4590f1214246da5bc70e46f6dd586edc"
-rust_version: 1.77.0 # Rust version to be used
+xx_image_digest: "sha256:0cd3f05c72d6c9b038eb135f91376ee1169ef3a330d34e418e65e2a5c2e9c0d4"
+rust_version: 1.77.2 # Rust version to be used
 debian_version: bookworm # Debian release name to be used
 alpine_version: 3.19 # Alpine version to be used
 # For which platforms/architectures will we try to build images

docker/Dockerfile.alpine

@@ -31,10 +31,10 @@ FROM --platform=linux/amd64 docker.io/vaultwarden/web-vault@sha256:689b1e706f29e
 ########################## ALPINE BUILD IMAGES ##########################
 ## NOTE: The Alpine Base Images do not support other platforms then linux/amd64
 ## And for Alpine we define all build images here, they will only be loaded when actually used
-FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:x86_64-musl-stable-1.77.0 as build_amd64
-FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:aarch64-musl-stable-1.77.0 as build_arm64
-FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:armv7-musleabihf-stable-1.77.0 as build_armv7
-FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:arm-musleabi-stable-1.77.0 as build_armv6
+FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:x86_64-musl-stable-1.77.2 as build_amd64
+FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:aarch64-musl-stable-1.77.2 as build_arm64
+FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:armv7-musleabihf-stable-1.77.2 as build_armv7
+FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:arm-musleabi-stable-1.77.2 as build_armv6
 
 ########################## BUILD IMAGE ##########################
 # hadolint ignore=DL3006

docker/Dockerfile.debian

@@ -31,11 +31,11 @@ FROM --platform=linux/amd64 docker.io/vaultwarden/web-vault@sha256:689b1e706f29e
 ########################## Cross Compile Docker Helper Scripts ##########################
 ## We use the linux/amd64 no matter which Build Platform, since these are all bash scripts
 ## And these bash scripts do not have any significant difference if at all
-FROM --platform=linux/amd64 docker.io/tonistiigi/xx@sha256:c9609ace652bbe51dd4ce90e0af9d48a4590f1214246da5bc70e46f6dd586edc AS xx
+FROM --platform=linux/amd64 docker.io/tonistiigi/xx@sha256:0cd3f05c72d6c9b038eb135f91376ee1169ef3a330d34e418e65e2a5c2e9c0d4 AS xx
 
 ########################## BUILD IMAGE ##########################
 # hadolint ignore=DL3006
-FROM --platform=$BUILDPLATFORM docker.io/library/rust:1.77.0-slim-bookworm as build
+FROM --platform=$BUILDPLATFORM docker.io/library/rust:1.77.2-slim-bookworm as build
 COPY --from=xx / /
 ARG TARGETARCH
 ARG TARGETVARIANT

playwright/.gitignore

@@ -0,0 +1,6 @@
+logs
+node_modules/
+/test-results/
+/playwright-report/
+/playwright/.cache/
+temp

playwright/README.md

@@ -0,0 +1,63 @@
+# Integration tests
+
+This allows running integration tests using [Playwright](https://playwright.dev/).
+\
+It usse its own [test.env](/test/scenarios/test.env) with different ports to not collide with a running dev instance.
+
+## Install
+
+```bash
+npm install
+npx playwright install firefox
+```
+
+## Usage
+
+To run all the tests:
+
+```bash
+npx playwright test
+```
+
+To access the ui to easily run test individually and debug if needed:
+
+```bash
+npx playwright test --ui
+```
+
+### DB
+
+Projects are configured to allow to run tests only on specific database.
+\
+You can use:
+
+```bash
+npx playwright test --project sqllite
+npx playwright test --project postgres
+npx playwright test --project mysql
+```
+
+### Running specific tests
+
+To run a whole file you can :
+
+```bash
+npx playwright test --project=sqllite tests/login.spec.ts
+npx playwright test --project=sqllite login
+```
+
+To run only a specifc test (It might fail if it has dependency):
+
+```bash
+npx playwright test --project=sqllite -g "Account creation"
+npx playwright test --project=sqllite tests/login.spec.ts:16
+```
+
+## Writing scenario
+
+When creating new scenario use the recorder to more easily identify elements (in general try to rely on visible hint to identify elements and not hidden ids).
+This does not start the server, you will need to start it manually.
+
+```bash
+npx playwright codegen "http://127.0.0.1:8000"
+```

playwright/global-setup.ts

@@ -0,0 +1,79 @@
+import { firefox, type FullConfig } from '@playwright/test';
+import { exec, execSync } from 'node:child_process';
+import fs from 'fs';
+import yaml from 'js-yaml';
+
+const utils = require('./global-utils');
+
+utils.loadEnv();
+
+function readCurrentVersion(){
+    try {
+        const vw_version_file = fs.readFileSync('temp/web-vault/vw-version.json', {
+            encoding: 'utf8',
+            flag: 'r'
+        });
+
+        return JSON.parse(vw_version_file)["version"];
+    } catch(err) {
+        console.log(`Failed to read frontend current version: ${err}`);
+    }
+}
+
+function readDockerVersion(){
+    try {
+        const docker_settings = fs.readFileSync('../docker/DockerSettings.yaml', {
+            encoding: 'utf8',
+            flag: 'r'
+        });
+
+        const settings = yaml.load(docker_settings);
+        return settings["vault_version"];
+    } catch(err) {
+        console.log(`Failed to read docker frontend current version: ${err}`);
+    }
+}
+
+function retrieveFrontend(){
+    const vw_version = readCurrentVersion();
+    const vv = readDockerVersion()
+
+    if( !vv ){
+        console.log("Empty docker frontend version");
+        process.exit(1);
+    }
+
+    try {
+        if( vv != `v${vw_version}`) {
+            fs.rmSync("./temp/web-vault", { recursive: true, force: true });
+
+            execSync(`cd temp && wget -c https://github.com/dani-garcia/bw_web_builds/releases/download/${vv}/bw_web_${vv}.tar.gz -O - | tar xz`, { stdio: "inherit" });
+
+            console.log(`Retrieved bw_web_builds-${vv}`);
+        } else {
+            console.log(`Using existing bw_web_builds-${vv}`);
+        }
+    } catch(err) {
+        console.log(`Failed to retrieve frontend: ${err}`);
+        process.exit(1);
+    }
+}
+
+function buildServer(){
+    if( !fs.existsSync('temp/vaultwarden') ){
+        console.log("Rebuilding server");
+        execSync(`cd .. && cargo build --features sqlite,mysql,postgresql --release`, { stdio: "inherit" });
+        execSync(`cp ../target/release/vaultwarden temp/vaultwarden`, { stdio: "inherit" });
+    } else {
+        console.log("Using existing server");
+    }
+}
+
+async function globalSetup(config: FullConfig) {
+    execSync("mkdir -p temp/logs");
+
+    buildServer();
+    retrieveFrontend();
+}
+
+export default globalSetup;

playwright/global-utils.ts

@@ -0,0 +1,139 @@
+import { type Browser, type TestInfo } from '@playwright/test';
+import { execSync } from 'node:child_process';
+import dotenv from 'dotenv';
+import dotenvExpand from 'dotenv-expand';
+
+const fs = require("fs");
+const { spawn } = require('node:child_process');
+
+function loadEnv(){
+    var myEnv = dotenv.config({ path: 'test.env' });
+    dotenvExpand.expand(myEnv);
+}
+
+async function waitFor(url: String, browser: Browser) {
+    var ready = false;
+    var context;
+
+    do {
+        try {
+            context = await browser.newContext();
+            const page = await context.newPage();
+            await page.waitForTimeout(500);
+            const result = await page.goto(url);
+            ready = result.status() === 200;
+        } catch(e) {
+            if( !e.message.includes("CONNECTION_REFUSED") ){
+                throw e;
+            }
+        } finally {
+            await context.close();
+        }
+    } while(!ready);
+}
+
+function startStopSqlite(){
+    fs.rmSync("temp/db.sqlite3", { force: true });
+    fs.rmSync("temp/db.sqlite3-shm", { force: true });
+    fs.rmSync("temp/db.sqlite3-wal", { force: true });
+}
+
+function startMariaDB() {
+    console.log(`Starting MariaDB`);
+    execSync(`docker run --rm --name ${process.env.MARIADB_CONTAINER} \
+        -e MARIADB_ROOT_PASSWORD=${process.env.MARIADB_PWD} \
+        -e MARIADB_USER=${process.env.MARIADB_USER} \
+        -e MARIADB_PASSWORD=${process.env.MARIADB_PWD} \
+        -e MARIADB_DATABASE=${process.env.MARIADB_DB} \
+        -p ${process.env.MARIADB_PORT}:3306 \
+        -d mariadb:10.4`
+    );
+}
+
+
+function stopMariaDB() {
+    console.log("Stopping MariaDB (ensure DB is wiped)");
+    execSync(`docker stop ${process.env.MARIADB_CONTAINER}  || true`);
+}
+
+function startPostgres() {
+    console.log(`Starting Postgres`);
+    execSync(`docker run --rm --name ${process.env.POSTGRES_CONTAINER} \
+        -e POSTGRES_USER=${process.env.POSTGRES_USER} \
+        -e POSTGRES_PASSWORD=${process.env.POSTGRES_PWD} \
+        -e POSTGRES_DB=${process.env.POSTGRES_DB} \
+        -p ${process.env.POSTGRES_PORT}:5432 \
+        -d postgres:16.2`
+    );
+};
+
+function stopPostgres() {
+    console.log("Stopping Postgres (Ensure DB is wiped)");
+    execSync(`docker stop ${process.env.POSTGRES_CONTAINER}  || true`);
+}
+
+function dbConfig(testInfo: TestInfo){
+    switch(testInfo.project.name) {
+        case "postgres": return {
+            DATABASE_URL: `postgresql://${process.env.POSTGRES_USER}:${process.env.POSTGRES_PWD}@127.0.0.1:${process.env.POSTGRES_PORT}/${process.env.POSTGRES_DB}`
+        }
+        case "mysql": return {
+            DATABASE_URL: `mysql://${process.env.MARIADB_USER}:${process.env.MARIADB_PWD}@127.0.0.1:${process.env.MARIADB_PORT}/${process.env.MARIADB_DB}`
+        }
+        default: return { I_REALLY_WANT_VOLATILE_STORAGE: true }
+    }
+}
+
+async function startVaultwarden(browser: Browser, testInfo: TestInfo, env = {}, resetDB: Boolean = true) {
+    if( resetDB ){
+        switch(testInfo.project.name) {
+            case "postgres":
+                stopPostgres();
+                startPostgres()
+                break;
+            case "mysql":
+                stopMariaDB();
+                startMariaDB();
+                break;
+            default:
+                startStopSqlite();
+        }
+    }
+
+    const vw_log = fs.openSync("temp/logs/vaultwarden.log", "a");
+    var proc = spawn("temp/vaultwarden", {
+        env: { ...process.env, ...env, ...dbConfig(testInfo) },
+        stdio: [process.stdin, vw_log, vw_log]
+    });
+
+    await waitFor("/", browser);
+
+    console.log(`Vaultwarden running on: ${process.env.DOMAIN}`);
+
+    return proc;
+}
+
+async function stopVaultwarden(proc, testInfo: TestInfo, resetDB: Boolean = true) {
+    console.log(`Vaultwarden stopping`);
+    proc.kill();
+
+    if( resetDB ){
+        switch(testInfo.project.name) {
+            case "postgres":
+                stopPostgres();
+                break;
+            case "mysql":
+                stopMariaDB();
+                break;
+            default:
+                startStopSqlite();
+        }
+    }
+}
+
+async function restartVaultwarden(proc, page: Page, testInfo: TestInfo, env, resetDB: Boolean = true) {
+    stopVaultwarden(proc, testInfo, resetDB);
+    return startVaultwarden(page.context().browser(), testInfo, env, resetDB);
+}
+
+export { loadEnv, waitFor, startVaultwarden, stopVaultwarden, restartVaultwarden };

playwright/package-lock.json

@@ -0,0 +1,155 @@
+{
+    "name": "scenarios",
+    "version": "1.0.0",
+    "lockfileVersion": 3,
+    "requires": true,
+    "packages": {
+        "": {
+            "name": "scenarios",
+            "version": "1.0.0",
+            "license": "ISC",
+            "devDependencies": {
+                "@playwright/test": "^1.41.2",
+                "@types/node": "^20.11.16",
+                "abort-controller": "3.0.0",
+                "dotenv": "^16.4.1",
+                "dotenv-expand": "^10.0.0",
+                "js-yaml": "4.1.0"
+            }
+        },
+        "node_modules/@playwright/test": {
+            "version": "1.41.2",
+            "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.41.2.tgz",
+            "integrity": "sha512-qQB9h7KbibJzrDpkXkYvsmiDJK14FULCCZgEcoe2AvFAS64oCirWTwzTlAYEbKaRxWs5TFesE1Na6izMv3HfGg==",
+            "dev": true,
+            "dependencies": {
+                "playwright": "1.41.2"
+            },
+            "bin": {
+                "playwright": "cli.js"
+            },
+            "engines": {
+                "node": ">=16"
+            }
+        },
+        "node_modules/@types/node": {
+            "version": "20.11.16",
+            "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.16.tgz",
+            "integrity": "sha512-gKb0enTmRCzXSSUJDq6/sPcqrfCv2mkkG6Jt/clpn5eiCbKTY+SgZUxo+p8ZKMof5dCp9vHQUAB7wOUTod22wQ==",
+            "dev": true,
+            "dependencies": {
+                "undici-types": "~5.26.4"
+            }
+        },
+        "node_modules/abort-controller": {
+            "version": "3.0.0",
+            "resolved": "https://registry.npmjs.org/abort-controller/-/abort-controller-3.0.0.tgz",
+            "integrity": "sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==",
+            "dev": true,
+            "dependencies": {
+                "event-target-shim": "^5.0.0"
+            },
+            "engines": {
+                "node": ">=6.5"
+            }
+        },
+        "node_modules/argparse": {
+            "version": "2.0.1",
+            "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz",
+            "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==",
+            "dev": true
+        },
+        "node_modules/dotenv": {
+            "version": "16.4.1",
+            "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.1.tgz",
+            "integrity": "sha512-CjA3y+Dr3FyFDOAMnxZEGtnW9KBR2M0JvvUtXNW+dYJL5ROWxP9DUHCwgFqpMk0OXCc0ljhaNTr2w/kutYIcHQ==",
+            "dev": true,
+            "engines": {
+                "node": ">=12"
+            },
+            "funding": {
+                "url": "https://github.com/motdotla/dotenv?sponsor=1"
+            }
+        },
+        "node_modules/dotenv-expand": {
+            "version": "10.0.0",
+            "resolved": "https://registry.npmjs.org/dotenv-expand/-/dotenv-expand-10.0.0.tgz",
+            "integrity": "sha512-GopVGCpVS1UKH75VKHGuQFqS1Gusej0z4FyQkPdwjil2gNIv+LNsqBlboOzpJFZKVT95GkCyWJbBSdFEFUWI2A==",
+            "dev": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/event-target-shim": {
+            "version": "5.0.1",
+            "resolved": "https://registry.npmjs.org/event-target-shim/-/event-target-shim-5.0.1.tgz",
+            "integrity": "sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==",
+            "dev": true,
+            "engines": {
+                "node": ">=6"
+            }
+        },
+        "node_modules/fsevents": {
+            "version": "2.3.2",
+            "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
+            "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
+            "dev": true,
+            "hasInstallScript": true,
+            "optional": true,
+            "os": [
+                "darwin"
+            ],
+            "engines": {
+                "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+            }
+        },
+        "node_modules/js-yaml": {
+            "version": "4.1.0",
+            "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz",
+            "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==",
+            "dev": true,
+            "dependencies": {
+                "argparse": "^2.0.1"
+            },
+            "bin": {
+                "js-yaml": "bin/js-yaml.js"
+            }
+        },
+        "node_modules/playwright": {
+            "version": "1.41.2",
+            "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.41.2.tgz",
+            "integrity": "sha512-v0bOa6H2GJChDL8pAeLa/LZC4feoAMbSQm1/jF/ySsWWoaNItvrMP7GEkvEEFyCTUYKMxjQKaTSg5up7nR6/8A==",
+            "dev": true,
+            "dependencies": {
+                "playwright-core": "1.41.2"
+            },
+            "bin": {
+                "playwright": "cli.js"
+            },
+            "engines": {
+                "node": ">=16"
+            },
+            "optionalDependencies": {
+                "fsevents": "2.3.2"
+            }
+        },
+        "node_modules/playwright-core": {
+            "version": "1.41.2",
+            "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.41.2.tgz",
+            "integrity": "sha512-VaTvwCA4Y8kxEe+kfm2+uUUw5Lubf38RxF7FpBxLPmGe5sdNkSg5e3ChEigaGrX7qdqT3pt2m/98LiyvU2x6CA==",
+            "dev": true,
+            "bin": {
+                "playwright-core": "cli.js"
+            },
+            "engines": {
+                "node": ">=16"
+            }
+        },
+        "node_modules/undici-types": {
+            "version": "5.26.5",
+            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
+            "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==",
+            "dev": true
+        }
+    }
+}

playwright/package.json

@@ -0,0 +1,18 @@
+{
+    "name": "scenarios",
+    "version": "1.0.0",
+    "description": "",
+    "main": "index.js",
+    "scripts": {},
+    "keywords": [],
+    "author": "",
+    "license": "ISC",
+    "devDependencies": {
+        "@playwright/test": "^1.41.2",
+        "@types/node": "^20.11.16",
+        "abort-controller": "3.0.0",
+        "dotenv": "^16.4.1",
+        "dotenv-expand": "^10.0.0",
+        "js-yaml": "4.1.0"
+    }
+}

playwright/playwright.config.ts

@@ -0,0 +1,54 @@
+import { defineConfig, devices } from '@playwright/test';
+import { exec } from 'node:child_process';
+
+const utils = require('./global-utils');
+
+utils.loadEnv();
+
+/**
+ * See https://playwright.dev/docs/test-configuration.
+ */
+export default defineConfig({
+    testDir: 'tests',
+    /* Run tests in files in parallel */
+    fullyParallel: false,
+
+    /* Fail the build on CI if you accidentally left test.only in the source code. */
+    forbidOnly: !!process.env.CI,
+
+    /* Retry on CI only */
+    retries: process.env.CI ? 2 : 0,
+    workers: 1,
+
+    /* Reporter to use. See https://playwright.dev/docs/test-reporters */
+    reporter: 'html',
+    timeout: 10 * 1000,
+    expect: { timeout: 10 * 1000 },
+
+    /* Shared settings for all the projects below. See https://playwright.dev/docs/api/class-testoptions. */
+    use: {
+        /* Base URL to use in actions like `await page.goto('/')`. */
+        baseURL: process.env.DOMAIN,
+
+        /* Collect trace when retrying the failed test. See https://playwright.dev/docs/trace-viewer */
+        trace: 'on-first-retry',
+    },
+
+    /* Configure projects for major browsers */
+    projects: [
+        {
+            name: 'sqllite',
+            use: { ...devices['Desktop Firefox'] },
+        },
+        {
+            name: 'postgres',
+            use: { ...devices['Desktop Firefox'] },
+        },
+        {
+            name: 'mysql',
+            use: { ...devices['Desktop Firefox'] },
+        },
+    ],
+
+    globalSetup: require.resolve('./global-setup'),
+});

playwright/test.env

@@ -0,0 +1,37 @@
+##################################################################
+### Shared Playwright conf test file Vaultwarden and Databases ###
+##################################################################
+
+#############
+# Test user #
+#############
+TEST_USER=test
+TEST_USER_PASSWORD=${TEST_USER}
+TEST_USER_MAIL="${TEST_USER}@example.com"
+
+######################
+# Vaultwarden Config #
+######################
+DATA_FOLDER=temp
+WEB_VAULT_FOLDER=temp/web-vault/
+
+ROCKET_PORT=8001
+DOMAIN=http://127.0.0.1:${ROCKET_PORT}
+
+###########################
+# Docker MariaDb container#
+###########################
+MARIADB_CONTAINER=vw-mariadb-test
+MARIADB_PORT=3307
+MARIADB_USER=vaultwarden
+MARIADB_PWD=vaultwarden
+MARIADB_DB=vaultwarden
+
+############################
+# Docker Postgres container#
+############################
+POSTGRES_CONTAINER=vw-postgres-test
+POSTGRES_PORT=5433
+POSTGRES_USER=vaultwarden
+POSTGRES_PWD=vaultwarden
+POSTGRES_DB=vaultwarden

playwright/tests/login.spec.ts

@@ -0,0 +1,54 @@
+import { test, expect, type TestInfo } from '@playwright/test';
+const utils = require('../global-utils');
+
+utils.loadEnv();
+
+var proc;
+
+test.beforeAll('Setup', async ({ browser }, testInfo: TestInfo) => {
+    proc = await utils.startVaultwarden(browser, testInfo, {});
+});
+
+test.afterAll('Teardown', async ({}, testInfo: TestInfo) => {
+    utils.stopVaultwarden(proc, testInfo);
+});
+
+test('Account creation', async ({ page }) => {
+    // Landing page
+    await page.goto('/');
+    await page.getByRole('link', { name: 'Create account' }).click();
+
+    // Back to Vault create account
+    await expect(page).toHaveTitle(/Create account | Vaultwarden Web/);
+    await page.getByLabel(/Email address/).fill(process.env.TEST_USER_MAIL);
+    await page.getByLabel('Name').fill(process.env.TEST_USER);
+    await page.getByLabel('Master password\n   (required)', { exact: true }).fill('Master password');
+    await page.getByLabel('Re-type master password').fill('Master password');
+    await page.getByRole('button', { name: 'Create account' }).click();
+
+    // Back to the login page
+    await expect(page).toHaveTitle('Vaultwarden Web');
+    await page.getByLabel('Your new account has been created')
+    await page.getByRole('button', { name: 'Continue' }).click();
+
+    // Unlock page
+    await page.getByLabel('Master password').fill('Master password');
+    await page.getByRole('button', { name: 'Log in with master password' }).click();
+
+    // We are now in the default vault page
+    await expect(page).toHaveTitle(/Vaults/);
+});
+
+test('Master password login', async ({ page }) => {
+    // Landing page
+    await page.goto('/');
+    await page.getByLabel(/Email address/).fill(process.env.TEST_USER_MAIL);
+    await page.getByRole('button', { name: 'Continue' }).click();
+
+    // Unlock page
+    await page.getByLabel('Master password').fill('Master password');
+    await page.getByRole('button', { name: 'Log in with master password' }).click();
+
+    // We are now in the default vault page
+    await expect(page).toHaveTitle(/Vaults/);
+});

rust-toolchain.toml

@@ -1,4 +1,4 @@
 [toolchain]
-channel = "1.77.0"
+channel = "1.77.2"
 components = [ "rustfmt", "clippy" ]
 profile = "minimal"