chore: import upstream snapshot with attribution
Lint and Format Check / lint-and-format (push) Failing after 0s
Check Migrations / Check for duplicate migration numbers (push) Failing after 1s
CI Pre-merge Check / CI Pre-merge Check (push) Failing after 2m17s

This commit is contained in:
wehub-resource-sync
2026-07-13 12:23:40 +08:00
commit 3a28426bf4
1399 changed files with 257375 additions and 0 deletions
+1
View File
@@ -0,0 +1 @@
github: [InsForge]
+36
View File
@@ -0,0 +1,36 @@
name: 🐛 Bug Report
description: Report a bug to help us improve
title: "[Bug]: "
labels: ["bug", "needs-triage"]
assignees: []
body:
- type: markdown
attributes:
value: |
Thanks for reporting a bug! Fill out what you can - we'll figure out the rest together.
- type: textarea
id: what-happened
attributes:
label: What's the bug?
description: Describe what went wrong
placeholder: Tell us what happened...
validations:
required: true
- type: textarea
id: steps-reproduce
attributes:
label: How to reproduce
description: Steps to trigger the bug (if you know them)
placeholder: |
1. Do this...
2. Then this...
3. Bug happens
- type: textarea
id: environment
attributes:
label: Environment (optional)
description: What are you running? (OS, browser, version, etc.)
placeholder: e.g., macOS, Chrome, Docker, Node 20...
+11
View File
@@ -0,0 +1,11 @@
blank_issues_enabled: false
contact_links:
- name: 📚 Documentation
url: https://docs.insforge.dev
about: Check our documentation for common questions and setup guides
- name: 💬 Discussions
url: https://github.com/InsForge/InsForge/discussions
about: Ask questions and discuss ideas with the community
- name: 🆘 Discord Support
url: https://discord.com/invite/MPxwj5xVvW
about: Get help with installation, configuration, and usage
@@ -0,0 +1,26 @@
name: ✨ Feature Request
description: Suggest an idea or enhancement
title: "[Feature]: "
labels: ["enhancement", "needs-triage"]
assignees: []
body:
- type: markdown
attributes:
value: |
Have an idea? Share it! We'd love to hear what you're thinking.
- type: textarea
id: feature-description
attributes:
label: What feature do you want?
description: Describe your idea
placeholder: I'd like to be able to...
validations:
required: true
- type: textarea
id: why
attributes:
label: Why do you need this?
description: What problem does it solve?
placeholder: This would help me...
+7
View File
@@ -0,0 +1,7 @@
## Summary
<!-- Briefly describe what this PR does -->
## How did you test this change?
<!-- Describe how you tested this PR -->
+147
View File
@@ -0,0 +1,147 @@
# Project Overview
InsForge is an open-source Backend-as-a-Service (BaaS) platform designed specifically for AI agents. It provides a comprehensive solution for managing backend services including authentication, database operations, storage, and serverless functions, all accessible through REST APIs with PostgreSQL as the primary database.
## Architecture
This is a monorepo containing:
- **Backend**: Node.js with Express.js, providing RESTful APIs
- **Frontend**: React with Vite, offering an admin dashboard
- **Functions**: Serverless function runtime using Deno
- **Shared-schemas**: Common TypeScript schemas shared across modules
## Folder Structure
- `/backend`: Node.js backend server
- `/src/api`: API routes and middleware
- `/src/controllers`: Business logic controllers
- `/src/core`: Core services (auth, database, storage, metadata)
- `/src/types`: TypeScript type definitions
- `/src/utils`: Utility functions and helpers
- `/frontend`: React dashboard application
- `/src/components`: Reusable UI components
- `/src/features`: Feature-specific modules (auth, database, storage, logs)
- `/src/lib`: Shared libraries, hooks, and utilities
- `/functions`: Serverless function runtime
- `/shared-schemas`: Shared TypeScript schemas
- `/docker-init`: Docker initialization scripts
- `/openapi`: API documentation in OpenAPI format
- `/tests`: Comprehensive test suites
## Libraries and Frameworks
### Backend
- Express.js for REST API framework
- PostgreSQL with pg driver for database
- Better-auth for authentication
- AWS SDK for S3-compatible storage
- Zod for schema validation
- JWT for token management
- TypeScript for type safety
### Frontend
- React 19 with functional components
- Vite for build tooling
- TanStack Query for data fetching
- React Hook Form with Zod validation
- Tailwind CSS for styling
- Radix UI for accessible component primitives
- React Router for navigation
- TypeScript for type safety
## Coding Standards
### General
- Use TypeScript for all code files
- Prefer descriptive, unabbreviated variable and function names
- Follow consistent file naming: kebab-case for files, PascalCase for components
- Maintain clear folder structure with feature-based organization
- Use ES modules (import/export syntax)
- Implement proper error handling with try-catch blocks
- Add appropriate logging for debugging
### Backend Specific
- Use async/await for asynchronous operations
- Implement proper middleware for authentication and error handling
- Follow RESTful conventions for API endpoints
- Use Zod schemas for request/response validation
- Return consistent API responses using utility functions
- Implement proper database transaction handling
### Frontend Specific
- Use functional components with hooks exclusively
- Implement proper TypeScript interfaces for all props
- Use React Hook Form for form handling
- Follow component composition patterns
- Implement proper loading and error states
- Use TanStack Query for server state management
- Keep components focused and single-purpose
#### Naming Conventions
- **Variables, parameters, properties, and functions**: Use camelCase
- Examples: `userName`, `getUserData()`, `isLoading`
- **React components and TypeScript types/interfaces**: Use PascalCase
- Examples: `UserProfileDialog`, `interface User`, `type TableSchema`
- **Constants and Enum members**: Use UPPER_CASE
- Examples: `const API_BASE_URL`, `enum Status { ACTIVE, INACTIVE }`
- **File naming**:
- Components: `PascalCase.tsx` (e.g., `DataGrid.tsx`)
- Hooks: `use` + `PascalCase.ts` (e.g., `useAuth.ts`)
- Services: `camelCase.service.ts` (e.g., `auth.service.ts`)
- Utils: `kebab-case.ts` or `camelCase.ts` (e.g., `database-utils.ts`)
- **No snake_case**: Avoid snake_case except in SQL queries and external APIs
### Code Style
- Use single quotes for strings
- Include semicolons at the end of statements
- Use arrow functions for callbacks and inline functions
- Prefer const over let, avoid var
- Use template literals for string interpolation
- Maintain consistent indentation (2 spaces)
- Format code with Prettier configuration
## UI Guidelines
- Follow a clean, modern design with consistent spacing
- Use Radix UI primitives for accessibility
- Maintain consistent color scheme using CSS variables
- Use appropriate loading skeletons for data fetching
- Display clear error messages with actionable feedback
- Implement proper form validation with inline errors
- Use consistent icon set from lucide-react
## Testing Standards
- Implement integration tests for API endpoints
- Maintain test coverage above 70%
- Mock external dependencies appropriately
## Security Considerations
- Never commit secrets or API keys
- Use environment variables for configuration
- Implement proper authentication and authorization
- Validate all user inputs
- Sanitize data before database operations
- Use prepared statements for SQL queries
- Implement rate limiting for API endpoints
- Follow OWASP security best practices
## Performance Guidelines
- Implement proper database indexing
- Use pagination for large data sets
- Optimize React component re-renders
- Implement proper caching strategies
- Use lazy loading for code splitting
- Optimize bundle size with proper imports
- Monitor and log performance metrics
## Documentation
- Document all API endpoints with clear descriptions
- Include JSDoc comments for complex functions
- Maintain up-to-date README files
- Document environment variables and configuration
- Provide clear setup instructions
- Include examples for common use cases
+202
View File
@@ -0,0 +1,202 @@
name: Build and Push Docker Image
on:
push:
tags:
- 'v*'
workflow_dispatch:
inputs:
test_tag:
description: 'Test tag name (e.g., v0.1.1-test)'
required: false
default: 'v0.1.1-test'
env:
GHCR_REGISTRY: ghcr.io
IMAGE_NAME: insforge-oss
jobs:
build-amd64:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4
- name: Log in to GitHub Container Registry
uses: docker/login-action@v4
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_PAT }}
- name: Extract metadata for GHCR
id: meta
uses: docker/metadata-action@v6
with:
images: ${{ env.GHCR_REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
flavor: |
suffix=-amd64
latest=false
tags: |
type=ref,event=tag
type=raw,value=${{ github.event.inputs.test_tag }},enable=${{ github.event_name == 'workflow_dispatch' }}
- name: Build and push (amd64)
uses: docker/build-push-action@v7
with:
context: .
target: runner
platforms: linux/amd64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=amd64
cache-to: type=gha,mode=max,scope=amd64
build-args: |
VERSION=${{ github.ref_name }}
BUILD_DATE=${{ github.event.head_commit.timestamp }}
COMMIT_SHA=${{ github.sha }}
VITE_PUBLIC_POSTHOG_KEY=${{ secrets.POSTHOG_KEY }}
build-arm64:
runs-on: ubuntu-24.04-arm
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4
- name: Log in to GitHub Container Registry
uses: docker/login-action@v4
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_PAT }}
- name: Extract metadata for GHCR
id: meta
uses: docker/metadata-action@v6
with:
images: ${{ env.GHCR_REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
flavor: |
suffix=-arm64
latest=false
tags: |
type=ref,event=tag
type=raw,value=${{ github.event.inputs.test_tag }},enable=${{ github.event_name == 'workflow_dispatch' }}
- name: Build and push (arm64)
uses: docker/build-push-action@v7
with:
context: .
target: runner
platforms: linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=arm64
cache-to: type=gha,mode=max,scope=arm64
build-args: |
VERSION=${{ github.ref_name }}
BUILD_DATE=${{ github.event.head_commit.timestamp }}
COMMIT_SHA=${{ github.sha }}
VITE_PUBLIC_POSTHOG_KEY=${{ secrets.POSTHOG_KEY }}
merge-manifests:
needs: [build-amd64, build-arm64]
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Log in to GitHub Container Registry
uses: docker/login-action@v4
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_PAT }}
- name: Extract metadata for GHCR
id: meta
uses: docker/metadata-action@v6
with:
images: ${{ env.GHCR_REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
flavor: |
latest=false
tags: |
type=ref,event=tag
type=raw,value=${{ github.event.inputs.test_tag }},enable=${{ github.event_name == 'workflow_dispatch' }}
type=raw,value=latest,enable=${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') && !contains(github.ref_name, '-') }}
- name: Create and push multi-arch manifest
env:
GHCR_IMAGE_RAW: ${{ env.GHCR_REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
SOURCE_VERSION: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.test_tag || github.ref_name }}
run: |
GHCR_IMAGE=$(echo "${GHCR_IMAGE_RAW}" | tr '[:upper:]' '[:lower:]')
for TAG in $(echo "${{ steps.meta.outputs.tags }}" | tr ',' '\n'); do
docker buildx imagetools create \
--tag "${TAG}" \
"${GHCR_IMAGE}:${SOURCE_VERSION}-amd64" \
"${GHCR_IMAGE}:${SOURCE_VERSION}-arm64"
done
push-to-ecr:
needs: merge-manifests
runs-on: ubuntu-latest
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') && !contains(github.ref_name, '-')
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v6
with:
role-to-assume: ${{ secrets.AWS_ECR_ROLE_ARN }}
aws-region: ${{ secrets.AWS_ECR_REGION }}
- name: Login to Amazon ECR
id: ecr-login
uses: aws-actions/amazon-ecr-login@v2
- name: Log in to GitHub Container Registry
uses: docker/login-action@v4
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_PAT }}
- name: Install crane
uses: imjasonh/setup-crane@6da1ae018866400525525ce74ff892880c099987 # v0.5
- name: Copy multi-arch image to ECR
env:
ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }}
VERSION: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.test_tag || github.ref_name }}
GHCR_IMAGE_RAW: ${{ env.GHCR_REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
ECR_IMAGE: ${{ steps.ecr-login.outputs.registry }}/${{ env.IMAGE_NAME }}
TAG_LATEST: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') && !contains(github.ref_name, '-') }}
run: |
# Convert GHCR image name to lowercase (Docker requires lowercase)
GHCR_IMAGE=$(echo "${GHCR_IMAGE_RAW}" | tr '[:upper:]' '[:lower:]')
# Copy multi-arch image from GHCR to ECR (preserves all platforms)
crane copy ${GHCR_IMAGE}:${VERSION} ${ECR_IMAGE}:${VERSION}
if [[ "${TAG_LATEST}" == "true" ]]; then
crane copy ${GHCR_IMAGE}:${VERSION} ${ECR_IMAGE}:latest
fi
+29
View File
@@ -0,0 +1,29 @@
name: Check Migrations
on:
push:
branches: [ main ]
pull_request:
branches: [ '*' ]
# Required by the merge queue: the queue builds a temporary `merge_group` ref
# (PR rebased onto the latest main) and waits for this check to report on it.
# Without this trigger the check never runs for queued PRs and the queue stalls.
merge_group:
jobs:
check-duplicate-numbers:
name: Check for duplicate migration numbers
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Setup Node.js
uses: actions/setup-node@v6
with:
node-version: '20'
- name: Check for duplicate migration numbers
run: node scripts/check-migration-duplicates.js
working-directory: backend
+24
View File
@@ -0,0 +1,24 @@
name: CI Pre-merge Check
on:
pull_request:
branches: [ main, master, develop ]
push:
branches: [ main, master, develop ]
workflow_dispatch: # Allows manual triggering for testing
jobs:
docker-build:
name: CI Pre-merge Check
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Build Docker image
uses: docker/build-push-action@v7
with:
context: .
push: false
tags: insforge:test
+65
View File
@@ -0,0 +1,65 @@
name: E2E Tests
on:
pull_request:
branches: [main, master, develop]
workflow_dispatch:
jobs:
e2e:
name: E2E Tests
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Create .env file
run: |
cat > .env << EOF
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_DB=insforge
DATABASE_URL=postgresql://postgres:postgres@postgres:5432/insforge
JWT_SECRET=test-secret-key-for-ci-cd-pipeline
ROOT_ADMIN_USERNAME=admin
ROOT_ADMIN_PASSWORD=test-admin-password-for-ci
TEST_API_BASE=http://localhost:7130/api
INSFORGE_DISABLE_WRITE_RATE_LIMIT=1
EOF
- name: Start Docker Compose services
run: docker compose up -d
- name: Wait for PostgreSQL to be ready
run: |
echo "Waiting for PostgreSQL..."
timeout 60 bash -c 'until docker compose exec -T postgres pg_isready -U postgres; do sleep 2; done'
- name: Wait for InsForge backend to be ready
run: |
echo "Waiting for InsForge backend..."
timeout 180 bash -c 'until curl -f http://localhost:7130/api/health 2>/dev/null; do echo "Waiting..."; sleep 5; done'
echo "Backend is ready!"
- name: Install test dependencies in container
run: docker compose exec -T insforge apk add --no-cache bash curl jq postgresql-client
- name: Run E2E tests
run: docker compose exec -T insforge npm run test:e2e
- name: Show container logs on failure
if: failure()
run: |
echo "=== PostgreSQL logs ==="
docker compose logs postgres
echo ""
echo "=== InsForge backend logs ==="
docker compose logs insforge
echo ""
echo "=== PostgREST logs ==="
docker compose logs postgrest
- name: Cleanup
if: always()
run: docker compose down -v
+128
View File
@@ -0,0 +1,128 @@
name: Frontend Tests
on:
pull_request:
branches: [main, master, develop]
workflow_dispatch:
permissions:
contents: read
jobs:
dashboard-unit-tests:
name: Dashboard Unit Tests
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Setup Node.js
uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
- name: Install dependencies
run: npm ci
- name: Run dashboard unit tests
run: npm --workspace @insforge/dashboard run test:unit
dashboard-component-tests:
name: Dashboard Component Tests
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Setup Node.js
uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
- name: Install dependencies
run: npm ci
- name: Run dashboard component tests
run: npm --workspace @insforge/dashboard run test:component
ui-unit-tests:
name: UI Unit Tests
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Setup Node.js
uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
- name: Install dependencies
run: npm ci
- name: Run UI unit tests
run: npm --workspace @insforge/ui run test:unit
ui-component-tests:
name: UI Component Tests
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Setup Node.js
uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
- name: Install dependencies
run: npm ci
- name: Run UI component tests
run: npm --workspace @insforge/ui run test:component
dashboard-e2e-tests:
name: Dashboard E2E Tests
runs-on: ubuntu-latest
needs:
- dashboard-unit-tests
- dashboard-component-tests
- ui-unit-tests
- ui-component-tests
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Setup Node.js
uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
- name: Install dependencies
run: npm ci
- name: Install Playwright Chromium
run: npx playwright install --with-deps chromium
- name: Run dashboard E2E tests
run: npm --workspace @insforge/dashboard run test:ui
- name: Upload Playwright artifacts
if: failure()
uses: actions/upload-artifact@v4
with:
name: dashboard-playwright-results
path: |
packages/dashboard/playwright-report/
packages/dashboard/test-results/
retention-days: 7
+69
View File
@@ -0,0 +1,69 @@
name: Integration Tests
on:
pull_request:
branches: [main, master, develop]
workflow_dispatch:
permissions:
contents: read
jobs:
integration-tests:
name: Integration Tests
runs-on: ubuntu-latest
services:
postgres:
image: ghcr.io/insforge/postgres:v15.13.2
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: insforge
ports:
- 5432:5432
options: >-
--health-cmd "pg_isready -U postgres"
--health-interval 5s
--health-timeout 5s
--health-retries 10
env:
PGHOST: 127.0.0.1
PGPORT: 5432
PGUSER: postgres
PGPASSWORD: postgres
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install Postgres client
run: |
sudo apt-get update
sudo apt-get install -y postgresql-client
- name: Wait for Postgres
run: |
for i in {1..60}; do
if pg_isready -h 127.0.0.1 -p 5432 -U postgres; then
exit 0
fi
sleep 2
done
echo "postgres not ready in time"
exit 1
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 22
cache: npm
- name: Install dependencies
run: npm ci
- name: Run integration tests
run: cd backend && npm run test:integration
+49
View File
@@ -0,0 +1,49 @@
name: Lint and Format Check
on:
push:
branches: [ main ]
pull_request:
branches: [ '*' ]
jobs:
lint-and-format:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Setup Node.js
uses: actions/setup-node@v6
with:
node-version: '20'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Check insforge-dev skill copies are in sync
run: scripts/sync-skills.sh --check
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v45
with:
files: |
**/*.{ts,tsx,js,jsx,mjs,cjs}
- name: Run ESLint on changed files
if: steps.changed-files.outputs.any_changed == 'true'
run: npx eslint ${{ steps.changed-files.outputs.all_changed_files }}
- name: Get changed files for Prettier
id: changed-files-prettier
uses: tj-actions/changed-files@v45
- name: Check Prettier formatting on changed files
if: steps.changed-files-prettier.outputs.any_changed == 'true'
run: npx prettier --check --ignore-unknown ${{ steps.changed-files-prettier.outputs.all_changed_files }}
- name: Run TypeScript type checking
run: npm run typecheck
+27
View File
@@ -0,0 +1,27 @@
name: Unit Tests
on:
pull_request:
branches: [main, master, develop]
workflow_dispatch:
jobs:
unit-tests:
name: Unit Tests
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Setup Node.js
uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
- name: Install dependencies
run: npm ci
- name: Run backend unit tests
run: npm run test:backend