exp: add typesafe api client

.env.docker-compose.dev

@@ -0,0 +1,13 @@
+MINIO_ROOT_USER=pubpub-minio-admin
+MINIO_ROOT_PASSWORD=pubpub-minio-admin
+
+ASSETS_BUCKET_NAME=assets.v7.pubpub.org
+ASSETS_UPLOAD_KEY=pubpubuser
+ASSETS_UPLOAD_SECRET_KEY=pubpubpass
+ASSETS_REGION=us-east-1
+
+POSTGRES_PORT=54322
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=postgres
+POSTGRES_DB=postgres
+

.env.docker-compose.test

@@ -0,0 +1,40 @@
+MINIO_ROOT_USER=pubpub-minio-admin
+MINIO_ROOT_PASSWORD=pubpub-minio-admin
+
+ASSETS_BUCKET_NAME=byron.v7.pubpub.org
+ASSETS_UPLOAD_KEY=pubpubuserrr
+ASSETS_UPLOAD_SECRET_KEY=pubpubpass
+ASSETS_REGION=us-east-1
+ASSETS_STORAGE_ENDPOINT=http://localhost:9000
+
+POSTGRES_PORT=54323
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=postgres
+POSTGRES_DB=postgres
+POSTGRES_HOST=db
+
+# annoying duplication because jobs uses this version
+PGHOST=db
+PGPORT=5432
+PGUSER=postgres
+PGPASSWORD=postgres
+PGDATABASE=postgres
+
+# this needs to be db:5432 bc that's what it is in the app-network
+# if you are running this from outside the docker network, you need to use
+# @localhost:${POSTGRES_PORT} instead
+DATABASE_URL=postgresql://postgres:postgres@db:5432/postgres
+
+
+JWT_SECRET=xxx
+MAILGUN_SMTP_PASSWORD=xxx
+GCLOUD_KEY_FILE=xxx
+
+MAILGUN_SMTP_HOST=inbucket
+MAILGUN_SMTP_PORT=2500
+# this needs to be localhost:54324 instead of inbucket:9000 bc we are almost always running the integration tests from outside the docker network
+INBUCKET_URL=http://localhost:54324
+MAILGUN_SMTP_USERNAME=omitted
+OTEL_SERVICE_NAME=core.core
+PUBPUB_URL=http://localhost:3000
+API_KEY=xxx

.github/dependabot.yml

@@ -0,0 +1,55 @@
+# yaml-language-server: $schema=https://json.schemastore.org/dependabot-2.0.json
+# Dependabot configuration file
+# See documentation: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+    # package.json + pnpm catalog updates
+    - package-ecosystem: "npm"
+      directory: "/"
+      schedule:
+          interval: "weekly"
+          day: "monday"
+      open-pull-requests-limit: 10
+      labels:
+          - "dependencies"
+          - "npm"
+      commit-message:
+          prefix: "npm"
+          include: "scope"
+      # group all minor and patch updates together
+      groups:
+          minor-patch-dependencies:
+              patterns:
+                  - "*"
+              update-types:
+                  - "minor"
+                  - "patch"
+
+    # GitHub Actions updates
+    - package-ecosystem: "github-actions"
+      directory: "/"
+      schedule:
+          interval: "weekly"
+          day: "monday"
+      open-pull-requests-limit: 5
+      labels:
+          - "dependencies"
+          - "github-actions"
+      commit-message:
+          prefix: "github-actions"
+          include: "scope"
+
+    # docker updates
+    - package-ecosystem: "docker"
+      directory: "/"
+      schedule:
+          interval: "weekly"
+          day: "monday"
+      open-pull-requests-limit: 5
+      labels:
+          - "dependencies"
+          - "docker"
+      commit-message:
+          prefix: "docker"
+          include: "scope"

.github/workflows/build-docs.yml

@@ -0,0 +1,80 @@
+name: Build Docs
+
+on:
+    workflow_call:
+        inputs:
+            preview:
+                type: boolean
+                required: true
+
+jobs:
+    build-docs:
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout
+              with:
+                  # necessary in order to show latest updates in docs
+                  fetch-depth: 0
+              uses: actions/checkout@v4
+
+            - name: Install Node.js
+              uses: actions/setup-node@v4
+              with:
+                  node-version: 22.13.1
+
+            - uses: pnpm/action-setup@v4
+              name: Install pnpm
+              with:
+                  run_install: false
+
+            - name: Get pnpm store directory
+              id: get-store-path
+              shell: bash
+              run: |
+                  echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_OUTPUT
+
+            - name: Setup pnpm cache
+              uses: actions/cache@v4
+              with:
+                  path: ${{ steps.get-store-path.outputs.STORE_PATH }}
+                  key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+                  restore-keys: |
+                      ${{ runner.os }}-pnpm-store-
+
+            # - name: Cache turbo
+            #   uses: actions/cache@v4
+            #   with:
+            #       path: .turbo
+            #       key: ${{ runner.os }}-turbo-${{ github.sha }}
+            #       restore-keys: |
+            #           ${{ runner.os }}-turbo-
+
+            - name: Install dependencies
+              run: pnpm install --frozen-lockfile --prefer-offline
+
+            - name: set pr number if preview
+              id: set-pr-number
+              if: inputs.preview == true
+              run: |
+                  echo "PR_NUMBER=${{ github.event.pull_request.number }}" >> $GITHUB_OUTPUT
+
+            - name: Build docs
+              env:
+                  PR_NUMBER: ${{ steps.set-pr-number.outputs.PR_NUMBER }}
+              run: pnpm --filter docs build
+
+            - name: Deploy docs main 🚀
+              if: inputs.preview == false
+              uses: JamesIves/github-pages-deploy-action@v4
+              with:
+                  folder: docs/out
+                  branch: gh-pages
+                  clean-exclude: pr-preview
+                  force: false
+
+            - name: Deploy docs preview
+              if: inputs.preview == true
+              uses: rossjrw/pr-preview-action@v1
+              with:
+                  source-dir: docs/out
+                  action: deploy

.github/workflows/ci.yml

@@ -19,14 +19,15 @@ jobs:
         runs-on: ubuntu-latest
         env:
             COMPOSE_FILE: docker-compose.test.yml
+            ENV_FILE: .env.docker-compose.test
         steps:
             - name: Checkout
               uses: actions/checkout@v4
 
             - name: Install Node.js
               uses: actions/setup-node@v4
               with:
-                  node-version: 20
+                  node-version: 22.13.1
 
             - uses: pnpm/action-setup@v4
               name: Install pnpm
@@ -55,8 +56,8 @@ jobs:
                   restore-keys: |
                       ${{ runner.os }}-turbo-
 
-            - name: Start up DB
-              run: docker compose --profile test up -d
+            - name: Start test dependencies
+              run: pnpm test:setup
 
             - name: Install dependencies
               run: pnpm install --frozen-lockfile --prefer-offline
@@ -66,11 +67,6 @@ jobs:
 
             - name: Run migrations
               run: pnpm --filter core migrate-test
-              env:
-                  DATABASE_URL: postgresql://postgres:postgres@localhost:5433/postgres
-
-            - name: generate prisma
-              run: pnpm --filter core prisma generate
 
             - name: Run prettier
               run: pnpm format

.github/workflows/e2e.yml

@@ -20,14 +20,16 @@ jobs:
     integration-tests:
         name: Integration tests
         runs-on: ubuntu-latest
+        env:
+            ENV_FILE: .env.docker-compose.test
         steps:
             - name: Checkout
               uses: actions/checkout@v4
 
             - name: Install Node.js
               uses: actions/setup-node@v4
               with:
-                  node-version: 20
+                  node-version: 22.13.1
 
             - uses: pnpm/action-setup@v4
               name: Install pnpm
@@ -48,31 +50,6 @@ jobs:
                   restore-keys: |
                       ${{ runner.os }}-pnpm-store-
 
-            - name: Install dependencies
-              run: pnpm install --frozen-lockfile --prefer-offline
-
-            - name: Start up DB
-              run: docker compose -f docker-compose.test.yml --profile test up -d
-
-            - name: p:build
-              run: pnpm p:build
-
-            - name: Run migrations
-              run: pnpm --filter core prisma migrate deploy
-              env:
-                  DATABASE_URL: postgresql://postgres:postgres@localhost:5433/postgres
-
-            - name: generate prisma
-              run: pnpm --filter core prisma generate
-
-            - name: seed db
-              run: pnpm --filter core prisma db seed
-              env:
-                  # 20241126: this prevents the arcadia seed from running, which contains a ton of pubs which potentially might slow down the tests
-                  MINIMAL_SEED: true
-                  SKIP_VALIDATION: true
-                  DATABASE_URL: postgresql://postgres:postgres@localhost:5433/postgres
-
             - name: Configure AWS credentials
               uses: aws-actions/configure-aws-credentials@v4
               with:
@@ -100,10 +77,26 @@ jobs:
                   echo "jobs_label=$ECR_REGISTRY/${ECR_REPOSITORY_NAME_OVERRIDE:-$ECR_REPOSITORY_PREFIX-jobs}:$IMAGE_TAG" >> $GITHUB_OUTPUT
                   echo "base_label=$ECR_REGISTRY/$ECR_REPOSITORY_PREFIX:$IMAGE_TAG" >> $GITHUB_OUTPUT
 
+            - name: Install dependencies
+              run: pnpm install --frozen-lockfile --prefer-offline
+
+            - name: Start up db images
+              run: pnpm test:setup
+
+            - name: p:build
+              run: pnpm p:build
+
+            - name: Run migrations and seed
+              run: pnpm --filter core db:test:reset
+              env:
+                  # 20241126: this prevents the arcadia seed from running, which contains a ton of pubs which potentially might slow down the tests
+                  MINIMAL_SEED: true
+                  SKIP_VALIDATION: true
+
             - run: pnpm --filter core exec playwright install chromium --with-deps
 
-            - name: Start up core
-              run: docker compose -f docker-compose.test.yml --profile integration up -d
+            - name: Start up core etc
+              run: pnpm integration:setup
               env:
                   INTEGRATION_TESTS_IMAGE: ${{steps.label.outputs.core_label}}
                   JOBS_IMAGE: ${{steps.label.outputs.jobs_label}}
@@ -121,7 +114,7 @@ jobs:
                   INTEGRATION_TEST_HOST: localhost
 
             - name: Print container logs
-              if: failure()
+              if: ${{failure() || cancelled()}}
               run: docker compose -f docker-compose.test.yml --profile integration logs
 
             - name: Upload playwright snapshots artifact

.github/workflows/ecrbuild-all.yml

@@ -9,6 +9,20 @@ on:
                 required: true
             AWS_SECRET_ACCESS_KEY:
                 required: true
+        inputs:
+            publish_to_ghcr:
+                type: boolean
+                default: false
+        outputs:
+            core-image:
+                description: "Core image SHA"
+                value: ${{ jobs.build-core.outputs.image-sha }}
+            base-image:
+                description: "Base image SHA"
+                value: ${{ jobs.build-base.outputs.image-sha }}
+            jobs-image:
+                description: "Jobs image SHA"
+                value: ${{ jobs.build-jobs.outputs.image-sha }}
 
 jobs:
     emit-sha-tag:
@@ -26,6 +40,9 @@ jobs:
 
     build-base:
         uses: ./.github/workflows/ecrbuild-template.yml
+        with:
+            publish_to_ghcr: ${{ inputs.publish_to_ghcr }}
+            ghcr_image_name: platform-migrations
         secrets:
             AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
             AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
@@ -36,6 +53,8 @@ jobs:
         #   - build-base
         with:
             package: core
+            publish_to_ghcr: ${{ inputs.publish_to_ghcr }}
+            ghcr_image_name: platform
             # we require a bigger lad
             # We are now public, default public runner is big enough
             # runner: ubuntu-latest-m
@@ -50,6 +69,8 @@ jobs:
         with:
             package: jobs
             target: jobs
+            publish_to_ghcr: ${{ inputs.publish_to_ghcr }}
+            ghcr_image_name: platform-jobs
         secrets:
             AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
             AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}