initial commit

.dockerignore

@@ -0,0 +1,15 @@
+.git/
+.github/
+.swc/
+.vscode/
+node_modules/
+docs/
+target/
+.env*
+.gitignore
+pnpm-lock.yaml
+compose-*.yml
+CODE_OF_CONDUCT.md
+README.md
+static/*
+!static/robots.txt

.editorconfig

@@ -0,0 +1,24 @@
+# editorconfig.org
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = space
+indent_size = 2
+max_line_length = 100
+
+[*.{json,jsonc,plist}]
+max_line_length = off
+indent_size = 4
+
+[*.txt]
+insert_final_newline = false
+trim_trailing_whitespace = false
+max_line_length = off
+indent_size = 2
+
+[{Makefile,**.mk}]
+indent_style = tab

.env.example

@@ -0,0 +1,4 @@
+APP_BASE_URL=
+APP_SECRET_KEY=
+LIBSQL_CLIENT_URL=http://localhost:8080
+LIBSQL_CLIENT_TOKEN=

.github/FUNDING.yml

@@ -0,0 +1,13 @@
+# These are supported funding model platforms
+
+github: [riipandi] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,17 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ""
+labels: bug
+assignees: ""
+---
+
+## Describe the bug
+
+A clear and concise description of what the bug is.
+
+## How To Reproduce (best to provide workable code or tests!)
+
+Please provide code that can be ran in a stand alone fashion that will reproduce the error.
+If you can provide a test that will be even better. If you can't provide code, please provide
+a detailed description of how to reproduce the error.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,15 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ""
+labels: enhancement
+assignees: ""
+---
+
+## Is your feature request related to a problem? Please describe.
+
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+## Describe the solution you'd like
+
+A clear and concise description of what you want to happen.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,7 @@
+**Please check if the PR fulfills these requirements**
+
+-   [ ] Followed the [Contributing](../CONTRIBUTING.md) guidelines.
+-   [ ] Tests for the changes have been added (for bug fixes/features) with 100% code coverage.
+-   [ ] Docs have been added / updated (for bug fixes / features)
+
+**What kind of change does this PR introduce?** (Bug fix, feature, docs update, ...)

.github/SECURITY.md

@@ -0,0 +1,14 @@
+# Security Policy
+
+If you discover a security vulnerability within this project, please send
+an e-mail to <aris@duck.com>. Once the issue has been validated, we will
+open a [Github Security Advisory][github-security-advisories], if necessary.
+
+Once the security advisory has been opened, contributors can collaborate on
+a private fork to fix the vulnerability. When the issue has been resolved,
+we will alert users of the past vulnerability by publishing the security
+advisory.
+
+All reports will be promptly addressed, and you'll be credited accordingly.
+
+[github-security-advisories]: https://docs.github.com/en/code-security/repository-security-advisories/about-github-security-advisories-for-repositories

.github/setup-sdk/action.yml

@@ -0,0 +1,40 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-action.json
+
+# @reference: https://stackoverflow.com/questions/59813998/github-actions-splitting-workflow-file
+# @reference: https://docs.github.com/en/actions/creating-actions/creating-a-composite-action
+
+name: setup-sdk
+description: Prepare build environment
+
+inputs:
+  nodeVersion:
+    description: 'Nodejs version'
+    required: false
+    default: '20'
+  pnpmVersion:
+    description: 'PNPM version'
+    required: false
+    default: '8'
+
+runs:
+  using: composite
+  steps:
+    - uses: actions/setup-node@v4
+      with:
+        node-version: ${{ inputs.nodeVersion }}
+
+    - uses: pnpm/action-setup@v2
+      with:
+        version: ${{ inputs.pnpmVersion }}
+        run_install: false
+
+    - name: Get pnpm store directory
+      shell: bash
+      run: echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
+
+    - uses: actions/cache@v3
+      name: Setup pnpm cache
+      with:
+        path: ${{ env.STORE_PATH }}
+        key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+        restore-keys: ${{ runner.os }}-pnpm-store-

.github/workflows/cleanup.yml

@@ -0,0 +1,34 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
+name: Cleanup
+
+on:
+  schedule:
+    - cron: '0 0 * * 0'
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+permissions:
+  actions: write
+
+jobs:
+  clean-cache:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/github-script@v6
+        with:
+          script: |
+            console.log("About to clear")
+            const caches = await github.rest.actions.getActionsCacheList({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+            })
+            for (const cache of caches.data.actions_caches) {
+              console.log(cache)
+              github.rest.actions.deleteActionsCacheById({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                cache_id: cache.id,
+              })
+            }
+            console.log("Clear completed")

.github/workflows/release.yml

@@ -0,0 +1,101 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
+# git tag --delete v0.1.1
+# git tag v0.1.1 -m "version bump"
+# git push origin --tags
+
+name: Release
+
+on:
+  push:
+    tags:
+      - "v*.*.*"
+
+permissions:
+  contents: write
+  packages: write
+
+env:
+  HUSKY: 0
+
+jobs:
+  build-release:
+    name: Build release
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Run actions/setup-sdk@local
+        uses: ./.github/setup-sdk
+
+      - name: Get current tag
+        id: current_tag
+        shell: bash
+        run: echo "PKG_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
+
+      - if: ${{ steps.pnpm-cache.outputs.cache-hit != 'true' }}
+        name: Install dependencies
+        run: pnpm install
+
+      - name: Build the application
+        run: pnpm build
+        env:
+          NODE_ENV: production
+
+      - name: Release new version
+        uses: softprops/action-gh-release@v1
+        if: startsWith(github.ref, 'refs/tags/')
+        with:
+          name: Trusty ${{ env.PKG_VERSION }}
+          tag_name: ${{ env.PKG_VERSION }}
+          body: "⚠️ Changelog not yet provided."
+          prerelease: true
+          draft: false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  release-to-ghcr:
+    needs: [build-release]
+    name: Release Docker container
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
+
+      - name: Get current tag
+        id: current_tag
+        shell: bash
+        run: echo "PKG_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
+
+      - name: Log in to ghcr.io
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/riipandi/trusty
+          tags: |
+            type=semver,pattern={{version}},value=${{ env.PKG_VERSION }}
+            type=semver,pattern={{major}}.{{minor}},value=${{ env.PKG_VERSION }}
+            type=semver,pattern={{major}},value=${{ env.PKG_VERSION }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          build-args: PKG_VERSION=${{ env.PKG_VERSION }}
+          platforms: linux/amd64,linux/arm64/v8
+          labels: ${{ steps.meta.outputs.labels }}
+          tags: ${{ steps.meta.outputs.tags }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/test.yml

@@ -0,0 +1,50 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
+name: Test
+
+on:
+  push:
+    branches: ['**']
+    tags-ignore: ['*']
+  pull_request:
+
+permissions: read-all
+
+env:
+  HUSKY: 0
+
+jobs:
+  test:
+    name: Test
+    strategy:
+      matrix:
+        # ubuntu-latest, macOS-latest, windows-2019
+        os: [ubuntu-latest]
+        node-version: [20]
+      fail-fast: false
+
+    runs-on: ${{ matrix.os }}
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Run actions/setup-sdk@local
+        uses: ./.github/setup-sdk
+        with:
+          nodeVersion: ${{ matrix.node-version }}
+
+      - if: ${{ steps.pnpm-cache.outputs.cache-hit != 'true' }}
+        name: Install dependencies
+        run: pnpm install
+
+      - name: Check code quality
+        run: |
+          pnpm exec biome check --apply .
+          pnpm exec biome format . --write
+          pnpm exec biome lint --apply .
+
+      - name: Build the application
+        run: pnpm build
+        env:
+          NODE_ENV: production