staratlasmeta · mindrunner · Apr 16, 2025
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,13 @@
+.dockerignore
+
+# Not needed as we are bundling the whole app
+node_modules
+# Log files
+logs
+*.log
+npm-debug.log*
+pnpm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+.next
+.git
diff --git a/.github/actions/build-install/action.yml b/.github/actions/build-install/action.yml
@@ -0,0 +1,66 @@
+name: 'Install cached modules'
+description: 'Run pnpm install with cached modules'
+
+inputs:
+  production:
+    description: 'Install only production dependencies'
+    required: false
+    default: 'false'
+  build:
+    description: 'Build App'
+    required: false
+    default: 'false'
+  npm-token:
+    description: 'NPM token'
+    required: true
+  flavor:
+    description: 'Flavor of the application'
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - uses: actions/setup-node@v4
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        scope: '@staratlas'
+        node-version-file: '.nvmrc'
+        always-auth: true
+
+    - name: Install pnpm
+      uses: pnpm/action-setup@v3
+      id: pnpm-install
+      with:
+        run_install: false
+
+    - name: Get pnpm store directory
+      id: pnpm-cache
+      shell: bash
+      run: |
+        echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
+
+    - name: Setup pnpm cache
+      uses: actions/cache@v4
+      with:
+        path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
+        key: pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+        restore-keys: |
+          pnpm-store-
+
+    - name: Install dependencies
+      shell: bash
+      run: pnpm install --frozen-lockfile
+      env:
+        NODE_AUTH_TOKEN: ${{ inputs.npm-token }}
+
+    - name: Build App
+      if: ${{ inputs.build == 'true' }}
+      shell: bash
+      run: rm -rf .next && NEXT_PUBLIC_FLAVOR=${{ inputs.flavor }} pnpm run build
+
+    - name: Strip Dev Dependencies
+      if: ${{ inputs.production == 'true' }}
+      shell: bash
+      run: pnpm install --frozen-lockfile --ignore-scripts --prod
+      env:
+        NODE_AUTH_TOKEN: ${{ inputs.npm-token }}
diff --git a/.github/actions/deploy/action.yml b/.github/actions/deploy/action.yml
@@ -0,0 +1,61 @@
+name: 'Deploy to Cloud Run'
+description: 'Deploys a service or job to Cloud Run with optional immediate execution for jobs'
+
+inputs:
+  environment:
+    required: true
+    description: 'Deployment environment'
+    default: 'dev'
+  repository:
+    required: true
+    description: 'Artifact repository'
+    default: 'artifacts-0'
+  project-name:
+    required: true
+    description: 'Name of the project'
+  gcp-project-id:
+    required: true
+    description: 'Google Cloud Project ID'
+  app-name:
+    required: true
+    description: 'Name of the application'
+  gcp-auth-key:
+    required: true
+    description: 'GCP authentication key'
+  image-name:
+    required: true
+    description: 'Name of the Docker image'
+  deploy-type:
+    required: true
+    default: service
+    description: 'Type of deployment: "service" or "job"'
+  execute-immediately:
+    required: false
+    default: "false"
+    description: 'Whether to execute the job immediately after deployment (only for jobs)'
+
+runs:
+  using: 'composite'
+  steps:
+    - shell: bash
+      run: echo "sha_short=$(git rev-parse --short "$GITHUB_SHA")" >> "$GITHUB_ENV"
+
+    - uses: google-github-actions/auth@v2
+      with:
+        credentials_json: ${{ inputs.gcp-auth-key }}
+
+    - uses: google-github-actions/setup-gcloud@v2
+
+    - uses: google-github-actions/deploy-cloudrun@v2
+      with:
+        project_id: ${{ inputs.gcp-project-id }}
+        ${{ inputs.deploy-type == 'job' && 'job' || 'service' }}: ${{ inputs.app-name }}
+        image: us-central1-docker.pkg.dev/${{ inputs.repository }}/${{ inputs.project-name }}/${{ inputs.image-name }}:sha-${{ env.sha_short }}
+
+    - name: Execute Job Immediately
+      if: inputs.deploy-type == 'job' && inputs.execute-immediately == 'true'
+      shell: bash
+      run: |
+        gcloud run jobs execute ${{ inputs.app-name }} \
+          --project ${{ inputs.gcp-project-id }} \
+          --region us-central1
diff --git a/.github/actions/release/action.yml b/.github/actions/release/action.yml
@@ -0,0 +1,60 @@
+name: 'Build and Release Docker image'
+description: ''
+
+inputs:
+  repository:
+    required: true
+    description: ''
+    default: 'artifacts-0'
+  project-name:
+    required: true
+    description: ''
+  app-name:
+    required: true
+    description: ''
+    default: ''
+  gcp-auth-key:
+    required: true
+    description: ''
+    default: ''
+  npm-token:
+    description: 'NPM token'
+    required: true
+  flavor:
+    description: 'Flavor of the application'
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - uses: ./.github/actions/build-install
+      with:
+        build: true
+        production: true
+        flavor: ${{ inputs.flavor }}
+        npm-token: ${{ inputs.npm-token }}
+    - uses: docker/metadata-action@v5
+      id: metadata
+      with:
+        images: us-central1-docker.pkg.dev/${{ inputs.repository }}/${{ inputs.project-name }}/${{ inputs.app-name }}
+        tags: |
+          type=schedule
+          type=ref,event=branch
+          type=ref,event=tag
+          type=ref,event=pr
+          type=sha
+          type=raw,value=latest,enable={{is_default_branch}}
+    - uses: docker/login-action@v3
+      with:
+        username: _json_key
+        password: '${{ inputs.gcp-auth-key }}'
+        registry: 'us-central1-docker.pkg.dev'
+    - uses: int128/kaniko-action@v1
+      with:
+        push: true
+        file: Dockerfile
+        tags: ${{ steps.metadata.outputs.tags }}
+        labels: ${{ steps.metadata.outputs.labels }}
+        build-args: |
+            FLAVOR=${{ inputs.flavor }}
+        cache: true
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,21 @@
+version: 2
+registries:
+  npmjs:
+    type: npm-registry
+    url: https://registry.npmjs.org
+    token: ${{secrets.NPM_TOKEN}}
+updates:
+  - package-ecosystem: "docker"
+    directory: "/docker"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "npm"
+    registries:
+      - npmjs
+    directory: "/"
+    schedule:
+      interval: "daily"
diff --git a/.github/workflows/auto-approve.yml b/.github/workflows/auto-approve.yml
@@ -0,0 +1,12 @@
+name: Auto approve
+
+on: pull_request_target
+
+jobs:
+  auto-approve:
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+    if: github.actor == 'dependabot[bot]'
+    steps:
+      - uses: hmarr/auto-approve-action@v4
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
diff --git a/.github/workflows/deploy-app.yml b/.github/workflows/deploy-app.yml
@@ -0,0 +1,29 @@
+name: deploy
+
+on:
+  workflow_call:
+    inputs:
+      environment:
+        required: true
+        type: string
+    secrets:
+      GCP_AUTH_KEY:
+        required: true
+jobs:
+
+
+  deploy-explorer:
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/deploy
+        with:
+          deploy-type: service
+          environment: ${{ inputs.environment }}
+          gcp-project-id: fuzzy-lemur-${{ inputs.environment }}
+          gcp-auth-key: ${{ secrets.GCP_AUTH_KEY }}
+          repository: "artifacts-0"
+          project-name: "atlasnet"
+          app-name: "explorer"
+          image-name: "explorer"
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,39 @@
+name: deploy
+
+on:
+  push:
+    branches: [ 'main' ]
+
+jobs:
+  release-atlasnet:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/release
+        with:
+          flavor: "atlasnet"
+          repository: "artifacts-0"
+          project-name: "atlasnet"
+          app-name: "explorer"
+          gcp-auth-key: ${{ secrets.GCP_AUTH_KEY }}
+          npm-token: ${{ secrets.NPM_TOKEN }}
+
+  release-universe:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/release
+        with:
+          flavor: "universe"
+          repository: "artifacts-0"
+          project-name: "universe"
+          app-name: "explorer"
+          gcp-auth-key: ${{ secrets.GCP_AUTH_KEY }}
+          npm-token: ${{ secrets.NPM_TOKEN }}
+
+  deploy-test:
+    needs: [ release-atlasnet ]
+    uses: ./.github/workflows/deploy-app.yml
+    with:
+      environment: 'test'
+    secrets: inherit
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
@@ -0,0 +1,47 @@
+name: build-lint-test
+
+on:
+  merge_group:
+  pull_request:
+    branches: ['main']
+    types: [synchronize, opened, reopened]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/build-install
+        with:
+          build: true
+          npm-token: ${{ secrets.NPM_TOKEN }}
+
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/build-install
+        with:
+          npm-token: ${{ secrets.NPM_TOKEN }}
+      - run: pnpm run lint
+
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/build-install
+        with:
+          npm-token: ${{ secrets.NPM_TOKEN }}
+      - run: pnpm test:ci
+
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/release
+        with:
+          repository: 'artifacts-0'
+          project-name: 'atlasnet'
+          app-name: 'explorer'
+          gcp-auth-key: ${{ secrets.GCP_AUTH_KEY }}
+          npm-token: ${{ secrets.NPM_TOKEN }}