chore: grooming project (#1)

Author: chrisleekr

.branch-name-list.json

@@ -0,0 +1,39 @@
+{
+  "branchNameLinter": {
+    "prefixes": [
+      "feat",
+      "fix",
+      "docs",
+      "style",
+      "refactor",
+      "test",
+      "chore",
+      "perf",
+      "build",
+      "ci",
+      "revert",
+      "localize",
+      "bump"
+    ],
+    "suggestions": {
+      "feature": "feat",
+      "fixing": "fix",
+      "document": "doc",
+      "styling": "style",
+      "refactoring": "refactor",
+      "testing": "test",
+      "performance": "perf",
+      "reverting": "revert",
+      "localise": "localize"
+    },
+    "banned": ["wip"],
+    "skip": [],
+    "disallowed": ["master", "main", "develop", "staging"],
+    "separator": "/",
+    "msgBranchBanned": "Branches with the name \"%s\" are not allowed.",
+    "msgBranchDisallowed": "Pushing to \"%s\" is not allowed, use git-flow.",
+    "msgPrefixNotAllowed": "Branch prefix \"%s\" is not allowed.",
+    "msgPrefixSuggestion": "Instead of \"%s\" try \"%s\".",
+    "msgseparatorRequired": "Branch \"%s\" must contain a separator \"%s\"."
+  }
+}

.commitlintrc.json

@@ -0,0 +1,24 @@
+{
+  "extends": ["@commitlint/config-conventional"],
+  "rules": {
+    "type-enum": [
+      2,
+      "always",
+      [
+        "feat",
+        "fix",
+        "docs",
+        "style",
+        "refactor",
+        "test",
+        "chore",
+        "perf",
+        "build",
+        "ci",
+        "revert",
+        "localize",
+        "bump"
+      ]
+    ]
+  }
+}

.editorconfig

@@ -0,0 +1,7 @@
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+indent_style = space
+indent_size = 2

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,24 @@
+<!--
+Thanks for your contribution!
+Please check the following to make sure your contribution follows our guideline when developing.
+-->
+
+## Description
+
+<!-- Describe your changes in detail -->
+
+## Related Issues
+
+<!-- Link any related issues here -->
+
+- Closes #(issue number)
+
+## Testing
+
+- [ ] I have tested these changes locally
+- [ ] I have added/updated tests as needed
+- [ ] All existing tests pass
+
+## Screenshots/Recordings
+
+<!-- Add screenshots or recordings if your changes affect the UI -->

.github/dependabot.yml

@@ -0,0 +1,30 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      day: "monday"
+      interval: "monthly"
+      time: "09:00"
+      timezone: "Australia/Melbourne"
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      day: "monday"
+      interval: "monthly"
+      time: "09:00"
+      timezone: "Australia/Melbourne"
+    pull-request-branch-name:
+      separator: "-"
+    open-pull-requests-limit: 99
+    target-branch: main
+    ignore:
+      - dependency-name: "husky"
+        versions:
+          - ">= 7"
+      - dependency-name: "@types/node"
+        versions:
+          - ">= 22"
+    commit-message:
+      prefix: chore
+      include: scope

.github/labeler.yml

@@ -0,0 +1,26 @@
+"type: feature ✨":
+  title: '^feat(\(.+\))?:.*'
+"type: fix 🐞":
+  title: '^fix(\(.+\))?:.*'
+"type: docs 📋":
+  title: '^docs(\(.+\))?:.*'
+"type: style 🎨":
+  title: '^style(\(.+\))?:.*'
+"type: refactor 🔧":
+  title: '^refactor(\(.+\))?:.*'
+"type: test 🧪":
+  title: '^test(\(.+\))?:.*'
+"type: chore 🧹":
+  title: '^chore(\(.+\))?:.*'
+"type: perf ⚡":
+  title: '^perf(\(.+\))?:.*'
+"type: build 🔨":
+  title: '^build(\(.+\))?:.*'
+"type: ci ⚙️":
+  title: '^ci(\(.+\))?:.*'
+"type: revert ↩️":
+  title: '^revert(\(.+\))?:.*'
+"type: localize 🌐":
+  title: '^localize(\(.+\))?:.*'
+"type: bump 📦":
+  title: '^bump(\(.+\))?:.*'

.github/workflows/docker-build.yml

@@ -0,0 +1,142 @@
+name: Docker Build & Push
+
+on:
+  workflow_call:
+    inputs:
+      tag-name:
+        description: "The tag name to build (e.g., v1.0.0)"
+        required: true
+        type: string
+      is-dev-release:
+        description: "Whether this is a dev/pre-release"
+        required: false
+        type: boolean
+        default: false
+  workflow_dispatch:
+    inputs:
+      tag-name:
+        description: "The tag name to build (e.g., v1.0.0)"
+        required: true
+        type: string
+      is-dev-release:
+        description: "Whether this is a dev/pre-release"
+        required: false
+        type: boolean
+        default: false
+
+jobs:
+  docker:
+    name: Build & Push Docker Image
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 # Fetch all history and tags
+
+      - name: Checkout specific tag
+        run: |
+          TAG_NAME="${{ inputs.tag-name }}"
+          echo "Checking out tag: $TAG_NAME"
+          git checkout $TAG_NAME
+
+          # Verify we're on the correct tag
+          CURRENT_TAG=$(git describe --exact-match --tags HEAD 2>/dev/null || echo "no-tag")
+          echo "Current tag after checkout: $CURRENT_TAG"
+
+          if [ "$CURRENT_TAG" != "$TAG_NAME" ]; then
+            echo "ERROR: Failed to checkout tag $TAG_NAME. Currently on: $CURRENT_TAG"
+            exit 1
+          fi
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "22"
+          cache: "npm"
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build project
+        run: npm run build
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Extract version and build metadata
+        id: meta
+        run: |
+          TAG_NAME="${{ inputs.tag-name }}"
+          PACKAGE_VERSION="${TAG_NAME#v}"
+          GIT_HASH=$(git rev-parse --short HEAD)
+          IS_DEV_RELEASE=${{ inputs.is-dev-release }}
+
+          echo "PACKAGE_VERSION=$PACKAGE_VERSION" >> $GITHUB_ENV
+          echo "GIT_HASH=$GIT_HASH" >> $GITHUB_ENV
+          echo "IS_DEV_RELEASE=$IS_DEV_RELEASE" >> $GITHUB_ENV
+
+          echo "Package Version: $PACKAGE_VERSION"
+          echo "Git Hash: $GIT_HASH"
+          echo "Is Dev Release: $IS_DEV_RELEASE"
+
+      - name: Generate Docker tags and labels
+        id: docker-meta
+        uses: docker/metadata-action@v5
+        with:
+          images: chrisleekr/test-github-actions
+          tags: |
+            type=raw,value=${{ env.PACKAGE_VERSION }}
+            type=raw,value=latest,enable=${{ env.IS_DEV_RELEASE == 'false' }}
+          labels: |
+            org.opencontainers.image.version=${{ env.PACKAGE_VERSION }}
+            org.opencontainers.image.revision=${{ env.GIT_HASH }}
+
+      - name: Build and push Docker image - Dev/Alpha
+        if: env.IS_DEV_RELEASE == 'true'
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: Dockerfile
+          platforms: linux/arm64
+          push: true
+          target: production-stage
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          build-args: |
+            PACKAGE_VERSION=${{ env.PACKAGE_VERSION }}
+            GIT_HASH=${{ env.GIT_HASH }}
+            NODE_ENV=production
+          tags: ${{ steps.docker-meta.outputs.tags }}
+          labels: ${{ steps.docker-meta.outputs.labels }}
+
+      - name: Build and push Docker image - Production
+        if: env.IS_DEV_RELEASE == 'false'
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          target: production-stage
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          build-args: |
+            PACKAGE_VERSION=${{ env.PACKAGE_VERSION }}
+            GIT_HASH=${{ env.GIT_HASH }}
+            NODE_ENV=production
+          tags: ${{ steps.docker-meta.outputs.tags }}
+          labels: ${{ steps.docker-meta.outputs.labels }}
+
+      - name: Image digest
+        run: echo "Image pushed with digest ${{ steps.docker-meta.outputs.digest }}"

.github/workflows/generate-labels.yml

@@ -0,0 +1,14 @@
+name: "Generate Labels"
+
+on:
+  pull_request:
+    types: [opened, edited, synchronize]
+
+jobs:
+  label:
+    name: "Label PR based on title"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: srvaroa/labeler@v1
+        env:
+          GITHUB_TOKEN: ${{ github.token }}

.github/workflows/merge-dependencies.yml

@@ -0,0 +1,26 @@
+name: "Merge Dependencies"
+
+# https://github.blog/changelog/2021-02-19-github-actions-workflows-triggered-by-dependabot-prs-will-run-with-read-only-permissions/
+on: [pull_request_target]
+
+permissions:
+  pull-requests: write
+  contents: write
+
+jobs:
+  auto-merge:
+    runs-on: ubuntu-latest
+    if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}
+    steps:
+      # https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request#about-auto-merge
+      - name: "Enable auto-merge on PR"
+        run: gh pr merge --auto --squash "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          # https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: "Approve PR"
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}