Initial Open-Source Commit

Co-Authored-By: eguerrant <[email protected]> Co-Authored-By: Arbo <[email protected]> Co-Authored-By: salehio <[email protected]>
TNMDevTeam · Mar 27, 2024 · 70e4df6 · 70e4df6
commit 70e4df6
Show file tree

Hide file tree

Showing 210 changed files with 81,356 additions and 0 deletions.
diff --git a/.flaskenv b/.flaskenv
@@ -0,0 +1,3 @@
+FLASK_APP="api.app:create_app"
+FLASK_RUN_PORT=6060
+FLASK_ENV=development
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,48 @@
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    groups:
+      pip-major:
+        patterns:
+          - "*"
+        update-types:
+        - "major"
+      pip-minor:
+        patterns:
+          - "*"
+        update-types:
+        - "minor"
+        - "patch"
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    groups:
+      npm-major:
+        patterns:
+          - "*"
+        update-types:
+        - "major"
+      npm-minor:
+        patterns:
+          - "*"
+        update-types:
+        - "minor"
+        - "patch"
+  - package-ecosystem: "github-actions"
+    # Workflow files stored in the
+    # default location of `.github/workflows`
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    groups:
+      github-action-group:
+        patterns:
+          - "*"
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,43 @@
+name: Test Python
+
+on:
+  - push
+  - pull_request
+
+jobs:
+  python-test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.12"]
+
+    services:
+      postgres:
+        # Docker Hub image
+        image: postgres
+        # Provide the password for postgres
+        env:
+          POSTGRES_PASSWORD: postgres
+        # Set health checks to wait until postgres has started
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          # Maps tcp port 5432 on service container to the host
+          - 5432:5432
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install tox tox-gh-actions
+      - name: Test with tox
+        run: tox -e test
+      - name: Test with tox with postgresql
+        run: tox -e test-with-postgresql
diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
@@ -0,0 +1,49 @@
+name: Docker Image CI
+
+on:
+  push:
+    branches:
+     - main
+
+jobs:
+  docker-release:
+    name: Docker release to Google Artifact Registry
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: "read"
+      id-token: "write"
+
+    steps:
+      - id: checkout
+        name: Checkout
+        uses: actions/checkout@v4
+
+      - id: auth
+        name: Authenticate with Google Cloud
+        uses: google-github-actions/auth@v2
+        with:
+          token_format: access_token
+          workload_identity_provider: projects/259610024247/locations/global/workloadIdentityPools/github-actions/providers/github-actions-access
+          service_account: [email protected]
+          access_token_lifetime: 300s
+
+      - name: Login to Artifact Registry
+        uses: docker/login-action@v3
+        with:
+          registry: us-east1-docker.pkg.dev
+          username: oauth2accesstoken
+          password: ${{ steps.auth.outputs.access_token }}
+
+      - id: docker-push-tagged
+        name: Tag Docker image and push to Google Artifact Registry
+        uses: docker/build-push-action@v5
+        with:
+          push: true
+          tags: |
+            us-east1-docker.pkg.dev/discord-access-prd/access/access:latest
+          build-args: |
+            SENTRY_RELEASE=${{ github.sha }}
+            PUSH_SENTRY_RELEASE=true
+          secrets: |
+            "SENTRY_CLI_RC=${{ secrets.SENTRY_CLI_RC }}"
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -0,0 +1,38 @@
+name: Linting and formatting checks
+
+on:
+  - push
+  - pull_request
+
+jobs:
+  node-lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - name: Install dependencies
+        run: npm ci
+      - name: Check prettier formatting
+        run: npx prettier --check .
+  python-lint:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.12"]
+    steps:
+      - uses: actions/checkout@v4
+      - uses: chartboost/ruff-action@v1
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install tox tox-gh-actions
+      - name: Run ruff
+        run: tox -e ruff
+      - name: Run mypy
+        run: tox -e mypy
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
@@ -0,0 +1,21 @@
+name: Semgrep
+on:
+  workflow_dispatch: {}
+  push:
+    branches:
+      - main
+  schedule:
+    # random HH:MM to avoid a load spike on GitHub Actions at 00:00
+    - cron: '25 15 * * 1'
+jobs:
+  semgrep:
+    name: semgrep/ci
+    runs-on: ubuntu-latest
+    env:
+      SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
+    container:
+      image: returntocorp/semgrep
+    if: (github.actor != 'dependabot[bot]')
+    steps:
+      - uses: actions/checkout@v4
+      - run: semgrep ci