diff --git a/.github/workflows/MobileCI.yaml b/.github/workflows/MobileCI.yaml index fce05dff..3e9a2d90 100644 --- a/.github/workflows/MobileCI.yaml +++ b/.github/workflows/MobileCI.yaml @@ -97,7 +97,12 @@ jobs: run: cd ../shared && npm ci - name: Generate API types run: cd ../shared && npm run generate:api + - name: Install Doppler CLI + uses: dopplerhq/cli-action@v3 - name: Run tests with coverage + # Not needed currently, just for builds and deployment using doppler run command + env: + DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN_MOBILE }} run: npm run test:coverage - name: Upload coverage to Codecov uses: codecov/codecov-action@v5 diff --git a/.github/workflows/WebCI.yaml b/.github/workflows/WebCI.yaml index c8669506..59c2517d 100644 --- a/.github/workflows/WebCI.yaml +++ b/.github/workflows/WebCI.yaml @@ -128,7 +128,12 @@ jobs: run: | npm install --package-lock-only git diff --exit-code package-lock.json + - name: Install Doppler CLI + uses: dopplerhq/cli-action@v3 - name: Build application + # Not needed currently, just for builds and deployment using doppler run command + env: + DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN_WEB }} run: npm run build - name: Upload build artifacts uses: actions/upload-artifact@v4 diff --git a/README.md b/README.md index 36e16edf..df3a3731 100644 --- a/README.md +++ b/README.md @@ -3,3 +3,91 @@ **Streamline hospitality staff operations** ![Repobeats analytics](https://repobeats.axiom.co/api/embed/a87cdebacff1d8354221554cbf2baca35800352c.svg "Repobeats analytics image") + +## Environment Setup with Doppler + +This project uses [Doppler](https://doppler.com) for centralized secrets management across 3 projects: + +- **selfserve-backend** - Go backend secrets (DB, Clerk, AWS S3, etc.) +- **selfserve-web** - React web app secrets (API URL, Clerk keys, etc.) +- **selfserve-mobile** - React Native mobile app secrets (API URL, etc.) + +Each project has 3 configs: `dev`, `tst`, `prd` + +### First-time Setup + +1. **Install Doppler CLI**: + + ```bash + brew install dopplerhq/cli/doppler + ``` + +2. **Authenticate** (one-time per machine): + + ```bash + doppler login + ``` + + This will open your browser to authenticate with Doppler. + +3. **Setup each project** (run in respective directories): + + ```bash + # Backend + cd backend + doppler setup + # Auto selected project: selfserve-backend + # Auto selected config: dev + + # Web + cd clients/web + doppler setup + # Auto selected project: selfserve-web + # Auto selected config: dev + + # Mobile + cd clients/mobile + doppler setup + # Auto selected project: selfserve-mobile + # Auto selected config: dev + ``` + +### Running Apps + +```bash +# Backend +cd backend +make air # Hot reload +make test +# Or: make run # Direct run +# Or: make dev # Build then run + +# Web +cd clients/web +npm run dev # Start dev server + +# Mobile +cd clients/mobile +npm run start # Start Expo +``` + +### Managing Secrets + +**Via Web UI**: + +- Visit [Doppler Dashboard](https://dashboard.doppler.com/) +- Select your project (backend/web/mobile) +- Add/edit secrets in the `dev` config + +**Via CLI**: + +```bash +# View all secrets for current project +doppler secrets + +# Set a secret +doppler secrets set SECRET_NAME=value + +# Download secrets to .env format (for reference) +doppler secrets download --no-file --format env +``` diff --git a/backend/Makefile b/backend/Makefile index c959e86e..f9239f60 100644 --- a/backend/Makefile +++ b/backend/Makefile @@ -3,11 +3,11 @@ CMD_PATH := ./cmd/server DOCKER_IMAGE_NAME := selfserve-backend PORT := 8080 ENV_FILE := config/.env -LOAD_ENV := set -a; [ -f $(ENV_FILE) ] && . $(ENV_FILE); set +a; +LOAD_ENV := doppler run -- LLM_URL := http://127.0.0.1:11434 .PHONY: all build run dev test format tidy download clean docker-build docker-run \ - migrate-new migrate-up migrate-down migrate-status migrate-reset db-start db-stop db-reset db-setup-env swagger swagger-fmt docker-build docker-run llm-start genkit-run seed + migrate-new migrate-up migrate-down migrate-status migrate-reset db-start db-stop db-reset swagger swagger-fmt docker-build docker-run llm-start genkit-run seed all: build @@ -122,40 +122,4 @@ db-stop: # Reset local database (stops, clears, restarts) db-reset: - supabase db reset - -# Set up .env file with local Supabase connection details -# This creates or updates config/.env with local Supabase defaults -db-setup-env: - @echo "Setting up $(ENV_FILE) for local Supabase..." - @if [ ! -f $(ENV_FILE) ]; then \ - echo "# Application Configuration" > $(ENV_FILE); \ - echo "APP_PORT=8080" >> $(ENV_FILE); \ - echo "APP_LOG_LEVEL=info" >> $(ENV_FILE); \ - echo "" >> $(ENV_FILE); \ - echo "# Database Configuration (Local Supabase)" >> $(ENV_FILE); \ - echo "DB_HOST=localhost" >> $(ENV_FILE); \ - echo "DB_PORT=54322" >> $(ENV_FILE); \ - echo "DB_USER=postgres" >> $(ENV_FILE); \ - echo "DB_PASSWORD=postgres" >> $(ENV_FILE); \ - echo "DB_NAME=postgres" >> $(ENV_FILE); \ - echo "DB_MAX_CONNS=8" >> $(ENV_FILE); \ - echo "DB_MAX_CONN_LIFETIME=30s" >> $(ENV_FILE); \ - echo "Created $(ENV_FILE) with local Supabase defaults"; \ - else \ - echo "$(ENV_FILE) already exists. Updating DB_* variables..."; \ - grep -v "^DB_" $(ENV_FILE) > $(ENV_FILE).tmp || true; \ - echo "" >> $(ENV_FILE).tmp; \ - echo "# Database Configuration (Local Supabase)" >> $(ENV_FILE).tmp; \ - echo "DB_HOST=localhost" >> $(ENV_FILE).tmp; \ - echo "DB_PORT=54322" >> $(ENV_FILE).tmp; \ - echo "DB_USER=postgres" >> $(ENV_FILE).tmp; \ - echo "DB_PASSWORD=postgres" >> $(ENV_FILE).tmp; \ - echo "DB_NAME=postgres" >> $(ENV_FILE).tmp; \ - echo "DB_MAX_CONNS=8" >> $(ENV_FILE).tmp; \ - echo "DB_MAX_CONN_LIFETIME=30s" >> $(ENV_FILE).tmp; \ - mv $(ENV_FILE).tmp $(ENV_FILE); \ - echo "Updated DB_* variables in $(ENV_FILE)"; \ - fi - @echo "" - @echo "Note: Make sure Supabase is running locally with 'make db-start'" \ No newline at end of file + supabase db reset \ No newline at end of file diff --git a/backend/README.md b/backend/README.md index ed5272ba..29d6315e 100644 --- a/backend/README.md +++ b/backend/README.md @@ -5,6 +5,7 @@ ### Prerequisites - **Go 1.24.0 or later** - [Install Go](https://go.dev/doc/install) +- **Doppler CLI** - [Install Doppler](https://docs.doppler.com/docs/install-cli) or `brew install dopplerhq/cli/doppler` ### Installation Steps @@ -19,53 +20,51 @@ ollama pull qwen2.5:7b-instruct ``` 3. **Download dependencies**: + ```bash make download ``` -4. **Set up environment variables**: - - (Slack us for these) - Create a `config/.env` file with the following variables: - ```env - # Application Configuration - APP_PORT=8080 - APP_LOG_LEVEL=info - - # Database Configuration (required) - DB_HOST=your-database-host - DB_PORT=5432 - DB_USER=your-database-user - DB_PASSWORD=your-database-password - DB_NAME=your-database-name - DB_MAX_CONNS=8 - DB_MAX_CONN_LIFETIME=30s +4. **Set up Doppler secrets management**: + + a. Authenticate with Doppler (first time only): + + ```bash + doppler login ``` - > **Note**: All database variables (DB_HOST, DB_PORT, DB_USER, DB_PASSWORD, DB_NAME) are required. The application will fail to start if they are missing. + b. Set up the backend project: - **LLM Configuration** – used for parsing request text (e.g. `/request/parse`). Add this to your existing .env: - ```env - LLM_SERVER_ADDRESS=http://127.0.0.1:11434 - LLM_MODEL=qwen2.5:3b - LLM_TIMEOUT=60 + ```bash + cd backend + doppler setup ``` -5. **Run with hot reload** (development): + This will configure your local environment to use the `selfserve-backend` project with the `dev` config + +5. **Start local Supabase**: + ```bash - air + make db-start ``` - Or run directly: +6. **Run with hot reload** (development): + ```bash - make dev + make air ``` - Or run with GenKit UI: + Or run directly without hot reload: + ```bash - make genkit-run + make run ``` + Or build and run: + + ```bash + make dev + ``` ## Directory Structure @@ -129,7 +128,7 @@ Logic traversal: ┌──────────────▼──────────────────────────┐ │ Storage Layer │ │ (internal/service/storage/postgres/) │ -│ The Database itself │ +│ The Database itself │ └─────────────────────────────────────────┘ ``` @@ -151,20 +150,19 @@ Logic traversal: ## Development - ```bash # Build make build # Run +make air # Hot reload + +# Or run directly make run -# Build and run +# Or build and run make dev -# OR air to build and run if you installed air above -air - # Run tests make test @@ -177,17 +175,6 @@ make clean ## Configuration -The application reads configuration from environment variables (loaded from `config/.env`): - -- `APP_PORT`: Server port (default: 8080) -- `APP_LOG_LEVEL`: Log level (default: info) -- `DB_HOST`, `DB_PORT`, `DB_USER`, `DB_PASSWORD`, `DB_NAME`: Database connection details -- `DB_MAX_CONNS`: Maximum database connections (default: 8) -- `DB_MAX_CONN_LIFETIME`: Connection lifetime (default: 30s) - -- `LLM_SERVER_ADDRESS`: LLM server URL (default: http://127.0.0.1:11434) -- `LLM_MODEL`: Model name, e.g. qwen2.5:7b-instruct, llama3.2, gemma2 -- `LLM_TIMEOUT`: Response timeout in seconds (default: 60) -- `LLM_MAX_OUTPUT_TOKENS`: Max tokens for generation; lower values reduce latency (default: 1024) -- `LLM_TEMPERATURE`: Sampling temperature 0–1; lower is more deterministic and often faster for extraction +The application reads configuration from environment variables injected by Doppler: +See config/.env.sample diff --git a/backend/config/.env.sample b/backend/config/.env.sample index 88c78c84..403d9e8e 100644 --- a/backend/config/.env.sample +++ b/backend/config/.env.sample @@ -1,8 +1,14 @@ +# DEPRECATED: This file is for reference only +# Secrets are managed via Doppler +# To set up: doppler login && doppler setup +# To view secrets: doppler secrets +# To manage: https://dashboard.doppler.com/ + # Application APP_PORT=8080 APP_LOG_LEVEL=info APP_HOST=localhost:8080 -APP_CORS_ORIGINS=http://localhost:3000,http://localhost:8081,http://localhost:8080,http://127.0.0.1:8080 +APP_CORS_ORIGINS=http://localhost:3000 # Database DB_HOST="" @@ -15,6 +21,7 @@ DB_SSLMODE=disable # Clerk CLERK_SECRET_KEY="" CLERK_WEBHOOK_SIGNATURE="" +CLERK_BASE_URL="" # Optional # Status ENV=development diff --git a/backend/doppler.yaml b/backend/doppler.yaml new file mode 100644 index 00000000..89254250 --- /dev/null +++ b/backend/doppler.yaml @@ -0,0 +1,3 @@ +setup: + project: selfserve-backend + config: dev diff --git a/clients/mobile/.env.sample b/clients/mobile/.env.sample index d0eb74d6..5eee17e0 100644 --- a/clients/mobile/.env.sample +++ b/clients/mobile/.env.sample @@ -1,2 +1,8 @@ +# DEPRECATED: This file is for reference only +# Secrets are managed via Doppler +# To set up: doppler login && doppler setup +# To view secrets: doppler secrets +# To manage: https://dashboard.doppler.com/ + EXPO_PUBLIC_CLERK_PUBLISHABLE_KEY=YOUR_CLERK_PUBLISHABLE_KEY -EXPO_PUBLIC_API_URL=http://localhost:8080 \ No newline at end of file +EXPO_PUBLIC_API_BASE_URL=http://localhost:8080/api/v1 \ No newline at end of file diff --git a/clients/mobile/doppler.yaml b/clients/mobile/doppler.yaml new file mode 100644 index 00000000..16a968c3 --- /dev/null +++ b/clients/mobile/doppler.yaml @@ -0,0 +1,3 @@ +setup: + project: selfserve-mobile + config: dev diff --git a/clients/mobile/package.json b/clients/mobile/package.json index f3d160b2..f07dd9ab 100644 --- a/clients/mobile/package.json +++ b/clients/mobile/package.json @@ -3,10 +3,10 @@ "main": "expo-router/entry", "version": "1.0.0", "scripts": { - "start": "expo start", + "start": "doppler run -- expo start", "reset-project": "node ./scripts/reset-project.js", - "android": "expo run:android", - "ios": "expo run:ios", + "android": "doppler run -- expo run:android", + "ios": "doppler run -- expo run:ios", "lint": "expo lint", "format": "prettier --write .", "format:check": "prettier --check .", diff --git a/clients/shared/README.md b/clients/shared/README.md index afd1646a..e9fa588e 100644 --- a/clients/shared/README.md +++ b/clients/shared/README.md @@ -2,6 +2,51 @@ This package contains shared code (API clients, hooks, types, utilities) used by both the web and mobile clients. +## Environment Setup with Doppler + +Both web and mobile clients use Doppler for secrets management: + +- **selfserve-web** - Web app secrets (Vite env vars) +- **selfserve-mobile** - Mobile app secrets (Expo env vars) + +### First-time Setup + +1. Install Doppler CLI (if not already installed): + + ```bash + brew install dopplerhq/cli/doppler + ``` + +2. Authenticate: + + ```bash + doppler login + ``` + +3. Set up each client project: + + ```bash + # For web + cd clients/web + doppler setup + + # For mobile + cd clients/mobile + doppler setup + ``` + +### Running Apps + +```bash +# Web +cd clients/web +npm run dev + +# Mobile +cd clients/mobile +npm run start +``` + ## Architecture - **Source-only package**: This is not a compiled npm package. Web and mobile import the raw TypeScript source and bundle it with their own dependencies. diff --git a/clients/web/.env.sample b/clients/web/.env.sample index 9f5aa2af..df486d26 100644 --- a/clients/web/.env.sample +++ b/clients/web/.env.sample @@ -1,8 +1,14 @@ +# DEPRECATED: This file is for reference only +# Secrets are managed via Doppler +# To set up: doppler login && doppler setup +# To view secrets: doppler secrets +# To manage: https://dashboard.doppler.com/ + VITE_CLERK_PUBLISHABLE_KEY=YOUR_OWN_CLERK_PUBLISHABLE_KEY -VITE_API_URL=http://localhost:8080 +API_BASE_URL=http://localhost:8080/api/v1 # Clerk redirect URLs -VITE_CLERK_SIGN_IN_FORCE_REDIRECT_URL=/home -VITE_CLERK_SIGN_UP_FORCE_REDIRECT_URL=/home -VITE_CLERK_SIGN_IN_FALLBACK_REDIRECT_URL=/home -VITE_CLERK_SIGN_UP_FALLBACK_REDIRECT_URL=/home \ No newline at end of file +VITE_CLERK_SIGN_IN_FORCE_REDIRECT_URL=/home # Optional +VITE_CLERK_SIGN_UP_FORCE_REDIRECT_URL=/home # Optional +VITE_CLERK_SIGN_IN_FALLBACK_REDIRECT_URL=/home # Optional +VITE_CLERK_SIGN_UP_FALLBACK_REDIRECT_URL=/home # Optional \ No newline at end of file diff --git a/clients/web/doppler.yaml b/clients/web/doppler.yaml new file mode 100644 index 00000000..a9319377 --- /dev/null +++ b/clients/web/doppler.yaml @@ -0,0 +1,3 @@ +setup: + project: selfserve-web + config: dev diff --git a/clients/web/package.json b/clients/web/package.json index 6a3156d2..717e309a 100644 --- a/clients/web/package.json +++ b/clients/web/package.json @@ -3,9 +3,9 @@ "private": true, "type": "module", "scripts": { - "dev": "vite dev --port 3000", - "build": "vite build", - "preview": "vite preview", + "dev": "doppler run -- vite dev --port 3000", + "build": "doppler run -- vite build", + "preview": "doppler run -- vite preview", "test": "vitest run", "lint": "eslint", "format": "prettier --write .",