Initail commit

Author: shuntaka9576

.cspell/aws.txt

@@ -0,0 +1,14 @@
+firelens
+fargate
+nacl
+cloudfront
+cloudwatch
+codebuild
+codepipeline
+cognito
+cidr
+secretsmanager
+customresources
+amazonaws
+apigateway
+buildspec

.cspell/middleware.txt

@@ -0,0 +1 @@
+fluentbit

.cspell/mysql.txt

@@ -0,0 +1,4 @@
+autocommit
+slowquery
+mysqld
+infile

.cspell/node.txt

@@ -0,0 +1,9 @@
+nestjs
+wafv2
+elasticloadbalancingv
+deregistration
+elbv
+kysely
+graphql
+datasource
+biomejs

.dockerignore

@@ -0,0 +1,12 @@
+*
+!packages/server/package.json
+!packages/server/tsconfig.build.json
+!packages/server/tsconfig.json
+!packages/server/schema.prisma
+!packages/server/.env
+!packages/server/src
+!pnpm-lock.yaml
+!pnpm-workspace.yaml
+!package.json
+!.eslintrc.json
+!schema.graphql

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @shuntaka9576 @tomoki10

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,14 @@
+---
+name: Feature request
+about: このリポジトリに追加して欲しい機能やドキュメントなどを記載
+title: ''
+labels: enhancement
+assignees: ''
+
+---
+
+## 機能概要
+
+## 解決策
+
+## 参考情報

.github/actions/setup-node/action.yml

@@ -0,0 +1,25 @@
+name: Setup node
+description: Setup Node and restore cache
+
+runs:
+  using: 'composite'
+  steps:
+    - uses: actions/setup-node@v4
+      with:
+        node-version-file: './.node-version'
+
+    - uses: pnpm/action-setup@v4
+
+    - name: Restore node modules
+      uses: actions/cache@v4
+      id: cache_dependency
+      env:
+        cache-name: cache-dependency
+      with:
+        path: '**/node_modules'
+        key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('pnpm-lock.yaml') }}
+
+    - name: Install node modules
+      if: ${{ steps.cache_dependency.outputs.cache-hit != 'true' }}
+      shell: bash
+      run: pnpm install --frozen-lockfile

.github/dependabot.yml

@@ -0,0 +1,14 @@
+version: 2
+updates:
+  - package-ecosystem: npm
+    directory: /
+    schedule:
+      # MEMO: daily だとアクティブに開発をしていない期間に PR の作成頻度が過剰となるため、weekly を指定。
+      interval: weekly
+    groups:
+      minor-and-patch:
+        patterns:
+          - '*'
+        update-types:
+          - minor
+          - patch

.github/workflows/add-issue-to-project.yml

@@ -0,0 +1,16 @@
+name: ADD_ISSUE_TO_PROJECT
+
+on:
+  issues:
+    types:
+      - opened
+
+jobs:
+  add-to-project:
+    name: Add issue to project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+        with:
+          project-url: https://github.com/orgs/cm-cxlabs/projects/2
+          github-token: ${{ secrets.ADD_TO_PROJECT_PAT }}

.github/workflows/ci.yml

@@ -0,0 +1,21 @@
+name: CI
+
+on: [push]
+
+jobs:
+  ci:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    environment: ${{ inputs.stageName }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup node
+        uses: ./.github/actions/setup-node
+
+      - name: CI
+        shell: bash
+        run: |
+          pnpm run lint
+          pnpm run test

.github/workflows/deploy.yml

@@ -0,0 +1,34 @@
+name: DEPLOY_INFRA
+
+env:
+  TZ: 'Asia/Tokyo'
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - packages/server/**
+      - packages/iac/**
+      - .github/workflows/workflow-create-container.yml
+      - .github/workflows/workflow-deploy-infra.yml
+      - .github/workflows/deploy.yml
+      - pnpm-lock.yaml
+
+jobs:
+  build-container:
+    name: build container dev
+    uses: ./.github/workflows/workflow-create-container.yml
+    with:
+      stageName: dev
+      imageName: icasu-ecs-fargate-sample-app
+    secrets: inherit
+
+  deploy-infra:
+    name: deploy infra dev
+    uses: ./.github/workflows/workflow-deploy-infra.yml
+    needs:
+      - build-container
+    with:
+      stageName: dev
+    secrets: inherit

.github/workflows/workflow-create-container.yml

@@ -0,0 +1,66 @@
+name: WORK_FLOW_CREATE_CONTAINER
+
+on:
+  workflow_call:
+    inputs:
+      stageName:
+        required: true
+        type: string
+      imageName:
+        required: true
+        type: string
+
+env:
+  PROJECT_NAME: icasu-ecs-fargate
+  CACHE_PATH: /tmp/.buildx-cache-icasu-ecs-fargate-sample-app
+
+permissions:
+  id-token: write
+  contents: read
+  actions: read
+
+jobs:
+  create-container:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    environment: ${{ inputs.stageName }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Cache Docker layers
+        uses: actions/cache@v4
+        with:
+          path: ${{ env.CACHE_PATH }}
+          key: ${{ runner.os }}-${{ env.CACHE_PATH }}-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-${{ env.CACHE_PATH }}
+      - name: Create tag
+        run: |
+          COMMIT_HASH=$(git rev-parse --short "$GITHUB_SHA")
+          TAG=${{ vars.AWS_ACCOUNT_ID }}.dkr.ecr.ap-northeast-1.amazonaws.com/${{ inputs.imageName }}:$COMMIT_HASH
+          echo "TAGS=$TAG" >> $GITHUB_ENV
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/${{ env.PROJECT_NAME }}-assume-role
+          aws-region: ap-northeast-1
+      - name: Login to Amazon ECR
+        uses: aws-actions/amazon-ecr-login@v2
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          tags: ${{ env.TAGS }}
+          push: true
+          platforms: linux/amd64
+          file: Dockerfile.server
+          provenance: false
+          cache-from: type=local,src=${{ env.CACHE_PATH }}
+          cache-to: type=local,dest=${{ env.CACHE_PATH }}-new,mode=max
+      - name: Move cache
+        run: |
+          rm -rf ${{ env.CACHE_PATH }}
+          mv ${{ env.CACHE_PATH }}-new ${{ env.CACHE_PATH }}

.github/workflows/workflow-deploy-infra.yml

@@ -0,0 +1,62 @@
+name: WORK_FLOW_DEPLOY_INFRA
+
+on:
+  workflow_call:
+    inputs:
+      stageName:
+        required: true
+        type: string
+env:
+  PROJECT_NAME: icasu-ecs-fargate
+
+permissions:
+  id-token: write
+  contents: read
+  actions: read
+
+jobs:
+  deploy-infra:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    environment: ${{ inputs.stageName }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup node
+        uses: ./.github/actions/setup-node
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/${{ env.PROJECT_NAME }}-assume-role
+          aws-region: ap-northeast-1
+
+      - name: Create deploy container hash
+        shell: bash
+        run: |
+          COMMIT_HASH=$(git rev-parse --short "$GITHUB_SHA")
+          echo "imageTag=$COMMIT_HASH" >> $GITHUB_ENV
+
+      - name: Deploy infra
+        shell: bash
+        run: |
+          export CDK_DEFAULT_ACCOUNT=${{ vars.AWS_ACCOUNT_ID }}
+          export CDK_DEFAULT_REGION="ap-northeast-1"
+
+          cd ./packages/iac
+
+          pnpm cdk deploy \
+            -c environment=${{ inputs.stageName }} \
+            ${{ inputs.stageName }}-${{ env.PROJECT_NAME }}-deploy-role-stack \
+            --require-approval never
+          pnpm cdk deploy \
+            -c environment=${{ inputs.stageName }} \
+            ${{ inputs.stageName }}-${{ env.PROJECT_NAME }}-ecr-stack \
+            --require-approval never
+          pnpm cdk deploy \
+            -c environment=${{ inputs.stageName }} \
+            -c imageTag=${{ env.imageTag }} \
+            ${{ inputs.stageName }}-${{ env.PROJECT_NAME }}-infra-stack \
+            --require-approval never

.gitignore

@@ -0,0 +1,15 @@
+*.js
+!jest.config.js
+!.eslintrc.js
+*.d.ts
+node_modules
+
+# CDK asset staging directory
+.cdk.staging
+cdk.out
+
+# サンプルコード開発用の環境設定をコミットしないためcdk.context.jsonはコミット対象外としている
+# 開発で利用する場合は削除すること
+cdk.context.json
+
+.cspellcache

.node-version

@@ -0,0 +1 @@
+20.9.0

.npmrc

@@ -0,0 +1,2 @@
+engine-strict=true
+save-exact=true

.vscode/settings.json

@@ -0,0 +1,8 @@
+{
+  "editor.formatOnSave": true,
+  "editor.defaultFormatter": "biomejs.biome",
+  "editor.codeActionsOnSave": {
+    "source.organizeImports.biome": "explicit",
+    "quickfix.biome": "explicit"
+  }
+}

Dockerfile.server

@@ -0,0 +1 @@
+./packages/server/Dockerfile