Merge backend and frontend to a monorepo

.dockerignore

@@ -0,0 +1,58 @@
+# Blacklisted folders
+#################################################
+node_modules
+**/node_modules
+
+# tests
+**/__tests__
+**/__mocks__
+**/cypress
+
+.git
+.github
+
+**/.env*
+
+# build just in case
+**/build
+**/dist
+
+# caches
+**/.swc
+**/.turbo
+**/.next
+
+# old just in case
+**/.yarn
+
+# pipelines
+**/*azure-pipelines*.yml
+
+# logs
+**/*.log
+
+# misc
+**/.local/
+certificates/
+
+# docs
+**/README.md
+**/LICENSE
+**/CHANGELOG.md
+
+# configs
+**/.nvmrc
+**/.eslintrc*
+**/.babelrc*
+**/.prettierignore
+**/.huskyrc
+**/.eslintignore
+**/.editorconfig
+**/.prettierrc
+**/stylelint.config.js
+**/jest.config.js
+**/jest.setup.js
+**/codegen.yml
+
+# backend
+backend/**

.editorconfig

@@ -0,0 +1,9 @@
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true

.eslintignore

@@ -0,0 +1 @@
+gql-types.ts

.github/dependabot.yml

@@ -16,6 +16,111 @@ updates:
         patterns:
           - "*"
 
+  # Manual updates for npm dependencies that break the app or types.
+  # Why? because we want separate limits of open PRs for those that require manual intervention.
+  # https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit
+  # description of the workaround: https://github.com/dependabot/dependabot-core/issues/1778#issuecomment-1814577069
+  - package-ecosystem: "npm"
+    schedule:
+      # use daily till we are happy with the config and up to date with the deps
+      interval: "daily"
+    directory: "/"
+    pull-request-branch-name:
+      separator: "-"
+    labels:
+      - "dependencies"
+      - "javascript"
+      - "manual"
+    allow:
+      # major updates that break the app
+      - dependency-name: "react"
+      - dependency-name: "react-dom"
+      - dependency-name: "styled-components"
+      - dependency-name: "hds-*"
+      - dependency-name: "date-fns"
+      # all versions break
+      - dependency-name: "turbo"
+      - dependency-name: "@types/node"
+      - dependency-name: "@types/react"
+      - dependency-name: "react-big-calendar"
+    ignore:
+      - dependency-name: "react"
+        update-types: ["version-update:semver-minor", "version-update:semver-patch"]
+      - dependency-name: "react-dom"
+        update-types: ["version-update:semver-minor", "version-update:semver-patch"]
+      - dependency-name: "styled-components"
+        update-types: ["version-update:semver-minor", "version-update:semver-patch"]
+      - dependency-name: "hds-*"
+        update-types: ["version-update:semver-minor", "version-update:semver-patch"]
+      - dependency-name: "date-fns"
+        update-types: ["version-update:semver-minor", "version-update:semver-patch"]
+    groups:
+      react:
+        patterns:
+          - "react"
+          - "react-dom"
+      hds:
+        patterns:
+          - "hds-*"
+
+  # npm dependencies that pass without manual intervention
+  - package-ecosystem: "npm"
+    # required for double configuration of the same package ecosystem
+    target-branch: "main"
+    directory: "/"
+    schedule:
+      # use daily till we are happy with the config and up to date with the deps
+      interval: "daily"
+    pull-request-branch-name:
+      separator: "-"
+    ignore:
+      # turbo requires config changes
+      - dependency-name: "turbo"
+      # types break requiring manual updates
+      - dependency-name: "@types/node"
+      - dependency-name: "@types/react"
+      # major update of React requires a manual review (even if it would pass all checks)
+      - dependency-name: "react"
+        update-types: ["version-update:semver-major"]
+      - dependency-name: "react-dom"
+        update-types: ["version-update:semver-major"]
+      # version 6 has new TS types that OOM during build
+      # also major bump that would break the app even if it did build
+      - dependency-name: "styled-components"
+        update-types: ["version-update:semver-major"]
+      # have to manually update HDS
+      - dependency-name: "hds-*"
+        update-types: ["version-update:semver-major"]
+      # breaks time selecting using drag and drop (at least 1.8.6 -> 1.11.2)
+      - dependency-name: "react-big-calendar"
+      # fails typescript lint
+      - dependency-name: "date-fns"
+        update-types: ["version-update:semver-major"]
+      # requires an upstream upgrade of vercel-style-guide to support a flat config
+      - dependency-name: "eslint"
+        update-types: ["version-update:semver-major"]
+    # NOTE can't do a single group for all it will fail to update
+    # either just accept multiple PRs or do fine grained groups manually
+    groups:
+      nextjs:
+        patterns:
+          - "next"
+          - "next-*"
+          - "@next/*"
+        exclude-patterns:
+          - "next-i18next"
+      i18n:
+        patterns:
+          - "i18next-*"
+          - "react-i18next"
+      hds:
+        patterns:
+          - "hds-*"
+      linter:
+        patterns:
+          - "eslint*"
+          - "prettier*"
+
   # Update Poetry dependencies
   - package-ecosystem: "pip"  # yes, this is correct
     directory: "/"

.github/workflows/build-docker.yml

@@ -0,0 +1,95 @@
+# Generic workflow to build a frontend application and push it to the GitHub Container Registry.
+name: "Build docker"
+
+on:
+  workflow_call:
+    inputs:
+      # Docker build arg / package name suffix: valid values are "admin-ui" or "ui"
+      app-name:
+        required: true
+        type: string
+      # Root url for the application relative to hostname
+      base-url:
+        required: true
+        type: string
+
+env:
+  SKIP_ENV_VALIDATION: "true"
+  REGISTRY: "ghcr.io"
+
+jobs:
+  build-and-push:
+    name: "Build and push Docker images to GitHub Packages"
+    runs-on: ubuntu-latest
+    env:
+      BUILD_APP: ${{ inputs.app-name }}
+      # Relative location for the package registry
+      REPO_NAME: ${{ github.repository }}
+      # Have to be build variable
+      NEXT_PUBLIC_BASE_URL: ${{ inputs.base-url }}
+      # required because error pages use build time env vars, not runtime env vars
+      # it's the same on every environment
+      EMAIL_VARAAMO_EXT_LINK: "https://lomake.hel.fi/varaamo-palaute"
+
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+    - name: "Checkout code"
+      uses: actions/checkout@v4
+
+    - name: "Set up Docker Buildx"
+      uses: docker/setup-buildx-action@v3
+
+    - name: "Log in to the Container registry"
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    # Repository name needs to be lowercase
+    - name: "Create repository name"
+      id: repo
+      run: >-
+        echo "repo=$(
+          echo ${{ env.REGISTRY }}/${{ env.REPO_NAME }}-${{ env.BUILD_APP }} | tr '[:upper:]' '[:lower:]'
+        )" >> $GITHUB_OUTPUT
+
+    - name: "Extract ui metadata (tags, labels) for Docker"
+      id: meta
+      uses: docker/metadata-action@v5
+      env:
+        DOCKER_METADATA_PR_HEAD_SHA: true
+      with:
+        images: ${{ steps.repo.outputs.repo }}
+        tags: |
+          type=ref,event=tag,priority=3
+          type=sha,prefix=,priority=2
+          type=ref,event=branch,priority=1
+        labels: |
+          org.opencontainers.image.title=Tilavarauspalvelu ${{ env.BUILD_APP }}
+          org.opencontainers.image.description=Tilavarauspalvelu ${{ env.BUILD_APP }} ${{ github.ref_name }}.
+          org.opencontainers.image.version=${{ github.ref_name }}
+
+    - name: "Build container"
+      uses: docker/build-push-action@v6
+      with:
+        context: .
+        push: true
+        secrets: |
+          "sentry_auth_token=${{ secrets.SENTRY_AUTH_TOKEN }}"
+        build-args: |
+          APP=${{ env.BUILD_APP }}
+          NEXT_PUBLIC_BASE_URL=${{ env.NEXT_PUBLIC_BASE_URL }}
+          EMAIL_VARAAMO_EXT_LINK=${{ env.EMAIL_VARAAMO_EXT_LINK }}
+          NEXT_PUBLIC_SOURCE_VERSION=${{ github.sha }}
+          NEXT_PUBLIC_SOURCE_BRANCH_NAME=${{ github.ref_name }}
+          CI=true
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        annotations: ${{ steps.meta.outputs.annotations }}
+        # Use a shared cache to speed up builds
+        cache-from: type=registry,ref=${{ steps.repo.outputs.repo }}:cache
+        cache-to: type=registry,ref=${{ steps.repo.outputs.repo }}:cache,mode=max

.github/workflows/build.yml

@@ -0,0 +1,31 @@
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - "v*"
+  pull_request:
+  workflow_dispatch:
+
+# Cancel a workflow from the same PR, branch or tag when a new workflow is triggered.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  # Build both ui and admin-ui dockers
+  build-ui-docker:
+    name: "Build ui docker"
+    uses: ./.github/workflows/build-docker.yml
+    with:
+      app-name: "ui"
+      base-url: ""
+    secrets: inherit
+
+  build-admin-ui-docker:
+    name: "Build admin ui docker"
+    uses: ./.github/workflows/build-docker.yml
+    with:
+      app-name: "admin-ui"
+      base-url: "/kasittely"
+    secrets: inherit

.github/workflows/changed-packages.yml

@@ -0,0 +1,60 @@
+# Turbo dry run to determine which apps have changed between the latest commit and target or previous commit
+# For PR:s this comparison is done against the main branch
+name: 'Determine changed packages'
+
+on:
+  workflow_call:
+    outputs:
+      changed_packages:
+        description: 'Stringified JSON array of changed packages in this changeset'
+        value: ${{ jobs.dry-run.outputs.changed_packages }}
+      admin_changed:
+        description: 'Indicates if the Admin UI or its dependencies have changed'
+        value: ${{ jobs.dry-run.outputs.admin_changed }}
+      ui_changed:
+        description: 'Indicates if the UI or its dependencies have changed'
+        value: ${{ jobs.dry-run.outputs.ui_changed }}
+
+jobs:
+  dry-run:
+    runs-on: ubuntu-latest
+    env:
+      # TODO why is this named so? why isn't it just GIT_HASH?
+      TURBO_REF_FILTER: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.sha || github.event.before }}
+    outputs:
+      changed_packages: ${{ steps.output-changed-packages.outputs.changed_packages }}
+      admin_changed: ${{ steps.admin-changed.outputs.result }}
+      ui_changed: ${{ steps.ui-changed.outputs.result }}
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Changeset
+        id: changeset
+        run: |
+          echo 'Generating a changeset for ' $TURBO_REF_FILTER
+          echo 'result<<CHANGESET_DELIMITER' >> $GITHUB_OUTPUT
+          # TODO why is there a global-deps flag? removing it didn't fix the issue
+          # FIXME this part is probably broken (the next step fails on CI)
+          echo "$(npx -y turbo build --dry-run=json --filter=...[$TURBO_REF_FILTER]  --global-deps=.github/*)" >> $GITHUB_OUTPUT
+          echo 'CHANGESET_DELIMITER' >> $GITHUB_OUTPUT
+
+      - name: Output changed packages
+        id: output-changed-packages
+        run: |
+          echo 'Saving the changeset for ' $TURBO_REF_FILTER
+          echo 'changed_packages<<CHANGED_PACKAGES_DELIMITER' >> $GITHUB_OUTPUT
+          echo "${{ toJSON(fromJSON(steps.changeset.outputs.result).packages) }}" >> $GITHUB_OUTPUT
+          echo 'CHANGED_PACKAGES_DELIMITER' >> $GITHUB_OUTPUT
+
+      - name: Did the Admin UI or its dependencies change?
+        id: admin-changed
+        if: ${{ contains(fromJSON(steps.changeset.outputs.result).packages, 'admin-ui') }}
+        run: echo "result=true" >> $GITHUB_OUTPUT
+
+      - name: Did the UI or its dependencies change?
+        id: ui-changed
+        if: ${{ contains(fromJSON(steps.changeset.outputs.result).packages, 'ui') }}
+        run: echo "result=true" >> $GITHUB_OUTPUT