chore: initial commit

.dockerignore

@@ -0,0 +1,16 @@
+.infra
+.dockerignore
+.DS_Store
+.editorconfig
+.env*
+.git
+.gitignore
+.gitmodules
+.idea
+.vscode
+*.log
+coverage
+Dockerfile
+Makefile
+README.md
+service-account.example.json

.eslintrc.json

@@ -0,0 +1,3 @@
+{
+  "extends": "next/core-web-vitals"
+}

.github/pull_request_template.md

@@ -0,0 +1,20 @@
+## What does this PR do?
+_Place what this pull request changes and anything affected. If your PR block or require another PR, also need to mention here_
+
+## Why are we doing this? Any context or related work?
+_You may put your JIRA card link or another here_
+
+## Where should a reviewer start?
+_optional -- if your changes affected so much files, it is encouraged to give helper for reviewer_
+
+## Screenshots
+_optional -- You may put the database, sequence or any diagram needed_
+
+## Manual testing steps?
+_Steps to do tests. including all possible that can hape_
+
+## Config changes
+_optional -- If there's config changes, put it here_
+
+## Deployment instructions
+_optional -- Better to put it if there's some 'special case' for deployment_

.github/workflows/auto-close-stale-pr.yaml

@@ -0,0 +1,17 @@
+name: Auto-Close Stale PR
+on:
+  schedule:
+    - cron: 0 0 * * *
+
+jobs:
+  close-pr:
+    runs-on: ktbs-small-runner
+    steps:
+      - uses: actions/stale@v9
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          stale-pr-message: "This PR has been automatically marked as no-pr-activity. Closing it..."
+          stale-pr-label: "no-pr-activity"
+          exempt-pr-labels: "awaiting-approval"
+          days-before-stale: 13
+          days-before-close: 0

.github/workflows/deploy-stg.yaml

@@ -0,0 +1,47 @@
+name: Deploy Stg
+
+on:
+  push:
+    branches:
+      - main
+
+env:
+  ENV: stg
+  ENV_NAME: stg
+
+concurrency:
+  group: deploy-stg-smocker
+  cancel-in-progress: true
+
+jobs:
+  build-push:
+    runs-on: ktbs-build-deploy-runner
+    steps:
+      - name: Run build & push
+        uses: kitabisa/composite-actions/frontend/build@v2
+        with:
+          project_id: ${{ secrets.GCP_PROJECT_ID_STG }}
+          credentials_json: ${{ secrets.GCP_SA_KEY_STG }}
+          artifact_registry_host: ${{ secrets.ARTIFACT_REGISTRY_HOST }}
+          artifact_registry_project_id: ${{ secrets.GCP_PROJECT_ID_INFRA }}
+          setup_pnpm: true
+          using_nextjs: true
+          config: false
+
+  deploy:
+    runs-on: ktbs-build-deploy-runner
+    needs: build-push
+    steps:
+      - name: Run deploy & prune
+        uses: kitabisa/composite-actions/frontend/deploy@v2
+        with:
+          project_id: ${{ secrets.GCP_PROJECT_ID_STG }}
+          credentials_json: ${{ secrets.GCP_SA_KEY_STG }}
+          artifact_registry_host: ${{ secrets.ARTIFACT_REGISTRY_HOST }}
+          artifact_registry_project_id: ${{ secrets.GCP_PROJECT_ID_INFRA }}
+          gke_cluster_name: ${{ secrets.GKE_CLUSTER_STGDEV }}
+          gke_cluster_zone: ${{ secrets.GKE_ZONE_STGDEV }}
+          rancher_host: ${{ secrets.RANCHER_CATTLE_HOST }}
+          rancher_access_key: ${{ secrets.RANCHER_CATTLE_ACCESS_KEY }}
+          rancher_secret_key: ${{ secrets.RANCHER_CATTLE_SECRET_KEY }}
+          rancher_cluster_id: ${{ secrets.RANCHER_CATTLE_CLUSTER_ID_STGDEV }}

.gitignore

@@ -0,0 +1,36 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+.yarn/install-state.gz
+
+# testing
+/coverage
+
+# next.js
+/.next/
+/out/
+
+# production
+/build
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# local env files
+.env*.local
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo
+next-env.d.ts

.infra/helm/helmfile.yaml

@@ -0,0 +1,29 @@
+repositories:
+  - name: kitabisa
+    url: {{ requiredEnv "CHARTS_REPOSITORY" }}
+    oci: true
+
+releases:
+  - name: {{ requiredEnv "APP_NAME" }}-server-{{ requiredEnv "ENV_NAME" }}
+    namespace: {{ requiredEnv "APP_NAME" }}
+    labels:
+      tier: app
+      type: main
+    chart: kitabisa/app
+    version: ~1.0.0-alpha
+    values:
+      - {{ requiredEnv "ENV" }}/server.yaml
+      - values.yaml.gotmpl
+    hooks:
+      - events: ["postsync"]
+        showlogs: true
+        command: kubectl
+        args: ["label", "--overwrite", "namespaces", "{{ requiredEnv "APP_NAME" }}", "goldilocks.fairwinds.com/enabled=true"]
+
+  - name: {{ requiredEnv "APP_NAME" }}-debugger
+    namespace: {{ requiredEnv "APP_NAME" }}
+    labels:
+      tier: debugger
+      type: optional
+    chart: kitabisa/debugger
+    installed: false

.infra/helm/stg/server.yaml

@@ -0,0 +1,49 @@
+image:
+  pullPolicy: Always
+
+server:
+  enabled: true
+
+  port: 3000
+
+  liveness:
+    delay: 20
+
+  readiness:
+    path: /health_check
+    delay: 20
+
+  resources:
+    requests:
+      cpu: 10m
+      memory: 1Gi
+    limits:
+      memory: 2Gi
+
+service:
+  enabled: true
+
+ingress:
+  enabled: true
+
+  annotations:
+    nginx.ingress.kubernetes.io/configuration-snippet: |-
+      more_set_headers "server: ktbs-dtx-server";
+      more_set_headers "X-Content-Type-Options: nosniff";
+      more_set_headers "X-Xss-Protection: 1; mode=block";
+      more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
+      more_set_headers "Content-Security-Policy: upgrade-insecure-requests";
+      more_set_headers "X-Powered-By: ktbs-dtx";
+
+  tls:
+    - hosts:
+        - smocker.kitabisa.xyz
+
+  hosts:
+    - host: "smocker.kitabisa.xyz"
+      paths:
+        - "/"
+
+autoscaling:
+  minReplicas: 1
+  maxReplicas: 1

.infra/helm/values.yaml.gotmpl

@@ -0,0 +1,10 @@
+meta:
+  name: {{ requiredEnv "APP_NAME" }}
+  env: {{ requiredEnv "ENV_NAME" }}
+  version: {{ requiredEnv "VERSION" | quote }}
+  squad: {{ requiredEnv "SQUAD" }}
+  business: {{ requiredEnv "BUSINESS" }}
+
+image:
+  repository: {{ requiredEnv "DOCKER_REPOSITORY" }}/{{ requiredEnv "APP_NAME" }}
+  tag: {{ requiredEnv "VERSION" }}-{{ requiredEnv "ENV_NAME" }}

.nvmrc

@@ -0,0 +1 @@
+lts/*

Dockerfile

@@ -0,0 +1,24 @@
+FROM node:lts-slim
+
+ARG GIT_COMMIT
+ARG VERSION
+LABEL REPO="https://github.com/kitabisa/smocker"
+LABEL GIT_COMMIT=$GIT_COMMIT
+LABEL VERSION=$VERSION
+ENV GIT_COMMIT=$GIT_COMMIT
+ENV VERSION=$VERSION
+ENV NODE_ENV=production
+
+WORKDIR /opt/smocker
+
+COPY ./.next/standalone /opt/smocker/
+
+RUN chmod -R 777 /opt/smocker/.next
+RUN chmod -R 777 /opt/smocker/node_modules
+
+# Create appuser
+RUN adduser --disabled-password --gecos '' smocker
+
+USER smocker
+
+CMD ["node", "server.js"]

Makefile

@@ -0,0 +1,68 @@
+SHELL                 = /bin/bash
+
+APP_NAME              = smocker
+VERSION               = $(shell git describe --always --tags $(shell git rev-list --tags --skip=${SKIP_VERSION} --max-count=1))
+GIT_COMMIT            = $(shell git rev-parse HEAD)
+GIT_DIRTY             = $(shell test -n "`git status --porcelain`" && echo "+CHANGES" || true)
+BUILD_DATE            = $(shell date '+%Y-%m-%d-%H:%M:%S')
+SQUAD                 = frontend
+BUSINESS              = platform
+
+.PHONY: default
+default: help
+
+.PHONY: help
+help:
+	@echo 'Management commands for ${APP_NAME}:'
+	@echo
+	@echo 'Usage:'
+	@echo '    make install                            Install dependencies.'
+	@echo '    make build                              Build application.'
+	@echo '    make package                            Build, tag, and push Docker image.'
+	@echo '    make deploy                             Deploy to Kubernetes via Helmfile.'
+	@echo
+
+.PHONY: install
+install:
+	@echo "Installing dependencies for ${APP_NAME} ${VERSION}"
+	CI=true pnpm install --frozen-lockfile
+
+.PHONY: build
+build:
+	@echo "Building ${APP_NAME} ${VERSION}"
+	CI=true \
+	CI_ENV=${ENV} \
+	NODE_ENV=production \
+	VERSION=${VERSION} \
+	pnpm build
+
+.PHONY: package
+package:
+	@echo "Build, tag, and push Docker image ${APP_NAME} ${VERSION} ${GIT_COMMIT}"
+	docker buildx build \
+		--build-arg VERSION=${VERSION} \
+		--build-arg GIT_COMMIT=${GIT_COMMIT}${GIT_DIRTY} \
+		--cache-from type=local,src=/tmp/.buildx-cache \
+		--cache-to type=local,dest=/tmp/.buildx-cache \
+		--tag ${DOCKER_REPOSITORY}/${APP_NAME}:${GIT_COMMIT} \
+		--tag ${DOCKER_REPOSITORY}/${APP_NAME}:${VERSION} \
+		--tag ${DOCKER_REPOSITORY}/${APP_NAME}:${VERSION}-${ENV_NAME} \
+		--tag ${DOCKER_REPOSITORY}/${APP_NAME}:latest \
+		--push .
+
+.PHONY: deploy
+deploy:
+	@echo "Deploying ${APP_NAME} ${VERSION}"
+	export APP_NAME=${APP_NAME} && \
+	export VERSION=${VERSION} && \
+	export SQUAD=${SQUAD} && \
+	export BUSINESS=${BUSINESS} && \
+	helmfile apply
+
+.PHONY: get-app-name
+get-app-name:
+	@echo ${APP_NAME}
+
+.PHONY: get-business-unit
+get-business-unit:
+	@echo ${BUSINESS}