@girardmedia/bootspring 1.1.0

package/agents/devops-expert/context.md

@@ -0,0 +1,446 @@
+# DevOps Expert Agent
+
+## Role
+Specialized in CI/CD pipelines, deployment strategies, infrastructure configuration, monitoring, and operational best practices.
+
+## Core Expertise
+
+### GitHub Actions CI/CD
+
+```yaml
+# .github/workflows/ci.yml
+name: CI
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main]
+
+env:
+  NODE_VERSION: '20'
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'npm'
+      - run: npm ci
+      - run: npm run lint
+
+  typecheck:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'npm'
+      - run: npm ci
+      - run: npm run typecheck
+
+  test:
+    runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres:15
+        env:
+          POSTGRES_USER: test
+          POSTGRES_PASSWORD: test
+          POSTGRES_DB: test
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'npm'
+      - run: npm ci
+      - run: npm run test:ci
+        env:
+          DATABASE_URL: postgresql://test:test@localhost:5432/test
+      - uses: codecov/codecov-action@v4
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+  build:
+    runs-on: ubuntu-latest
+    needs: [lint, typecheck, test]
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'npm'
+      - run: npm ci
+      - run: npm run build
+      - uses: actions/upload-artifact@v4
+        with:
+          name: build
+          path: .next
+          retention-days: 7
+```
+
+### Deployment Workflow
+
+```yaml
+# .github/workflows/deploy.yml
+name: Deploy
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+jobs:
+  deploy-staging:
+    runs-on: ubuntu-latest
+    environment: staging
+    steps:
+      - uses: actions/checkout@v4
+      - uses: amondnet/vercel-action@v25
+        with:
+          vercel-token: ${{ secrets.VERCEL_TOKEN }}
+          vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
+          vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
+          scope: ${{ secrets.VERCEL_ORG_ID }}
+
+  deploy-production:
+    runs-on: ubuntu-latest
+    needs: deploy-staging
+    environment: production
+    steps:
+      - uses: actions/checkout@v4
+      - uses: amondnet/vercel-action@v25
+        with:
+          vercel-token: ${{ secrets.VERCEL_TOKEN }}
+          vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
+          vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
+          vercel-args: '--prod'
+          scope: ${{ secrets.VERCEL_ORG_ID }}
+```
+
+### Database Migrations in CI
+
+```yaml
+# Migration job
+migrate:
+  runs-on: ubuntu-latest
+  needs: build
+  environment: production
+  steps:
+    - uses: actions/checkout@v4
+    - uses: actions/setup-node@v4
+      with:
+        node-version: ${{ env.NODE_VERSION }}
+        cache: 'npm'
+    - run: npm ci
+    - name: Run migrations
+      run: npx prisma migrate deploy
+      env:
+        DATABASE_URL: ${{ secrets.DATABASE_URL }}
+```
+
+### Environment Management
+
+```bash
+# .env.example (committed to git)
+# Database
+DATABASE_URL="postgresql://user:password@localhost:5432/mydb"
+
+# Authentication
+NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY="pk_test_..."
+CLERK_SECRET_KEY="sk_test_..."
+
+# Stripe
+STRIPE_SECRET_KEY="sk_test_..."
+STRIPE_WEBHOOK_SECRET="whsec_..."
+
+# Feature flags
+NEXT_PUBLIC_ENABLE_NEW_FEATURE="false"
+```
+
+```typescript
+// lib/env.ts - Runtime validation
+import { z } from 'zod';
+
+const envSchema = z.object({
+  DATABASE_URL: z.string().url(),
+  CLERK_SECRET_KEY: z.string().min(1),
+  STRIPE_SECRET_KEY: z.string().min(1),
+  NODE_ENV: z.enum(['development', 'test', 'production']).default('development'),
+});
+
+export const env = envSchema.parse(process.env);
+```
+
+### Docker Configuration
+
+```dockerfile
+# Dockerfile
+FROM node:20-alpine AS base
+
+# Install dependencies only when needed
+FROM base AS deps
+WORKDIR /app
+COPY package.json package-lock.json ./
+RUN npm ci
+
+# Rebuild source only when needed
+FROM base AS builder
+WORKDIR /app
+COPY --from=deps /app/node_modules ./node_modules
+COPY . .
+RUN npm run build
+
+# Production image
+FROM base AS runner
+WORKDIR /app
+
+ENV NODE_ENV=production
+
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 nextjs
+
+COPY --from=builder /app/public ./public
+COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
+COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
+
+USER nextjs
+
+EXPOSE 3000
+
+ENV PORT=3000
+ENV HOSTNAME="0.0.0.0"
+
+CMD ["node", "server.js"]
+```
+
+```yaml
+# docker-compose.yml
+version: '3.8'
+
+services:
+  app:
+    build: .
+    ports:
+      - "3000:3000"
+    environment:
+      - DATABASE_URL=postgresql://postgres:postgres@db:5432/mydb
+    depends_on:
+      db:
+        condition: service_healthy
+
+  db:
+    image: postgres:15-alpine
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+      POSTGRES_DB: mydb
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres"]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+
+volumes:
+  postgres_data:
+```
+
+### Health Checks
+
+```typescript
+// app/api/health/route.ts
+import { NextResponse } from 'next/server';
+import { prisma } from '@/lib/prisma';
+
+export async function GET() {
+  const health = {
+    status: 'healthy',
+    timestamp: new Date().toISOString(),
+    uptime: process.uptime(),
+    checks: {} as Record<string, 'ok' | 'error'>,
+  };
+
+  // Check database
+  try {
+    await prisma.$queryRaw`SELECT 1`;
+    health.checks.database = 'ok';
+  } catch {
+    health.checks.database = 'error';
+    health.status = 'unhealthy';
+  }
+
+  // Check external services
+  try {
+    const response = await fetch('https://api.stripe.com/v1/', {
+      headers: { Authorization: `Bearer ${process.env.STRIPE_SECRET_KEY}` },
+    });
+    health.checks.stripe = response.ok ? 'ok' : 'error';
+  } catch {
+    health.checks.stripe = 'error';
+  }
+
+  const statusCode = health.status === 'healthy' ? 200 : 503;
+  return NextResponse.json(health, { status: statusCode });
+}
+
+// Kubernetes-style probes
+// app/api/health/live/route.ts
+export async function GET() {
+  return NextResponse.json({ status: 'alive' });
+}
+
+// app/api/health/ready/route.ts
+export async function GET() {
+  try {
+    await prisma.$queryRaw`SELECT 1`;
+    return NextResponse.json({ status: 'ready' });
+  } catch {
+    return NextResponse.json({ status: 'not ready' }, { status: 503 });
+  }
+}
+```
+
+### Logging
+
+```typescript
+// lib/logger.ts
+import pino from 'pino';
+
+export const logger = pino({
+  level: process.env.LOG_LEVEL || 'info',
+  ...(process.env.NODE_ENV === 'development' && {
+    transport: {
+      target: 'pino-pretty',
+      options: { colorize: true },
+    },
+  }),
+});
+
+// Usage
+logger.info({ userId, action: 'login' }, 'User logged in');
+logger.error({ err, requestId }, 'Request failed');
+
+// Structured logging in API routes
+export async function POST(request: NextRequest) {
+  const requestId = crypto.randomUUID();
+  const log = logger.child({ requestId });
+
+  log.info('Processing request');
+
+  try {
+    // ... process
+    log.info({ result }, 'Request completed');
+    return NextResponse.json(result);
+  } catch (error) {
+    log.error({ err: error }, 'Request failed');
+    throw error;
+  }
+}
+```
+
+### Monitoring & Alerting
+
+```typescript
+// Using Sentry for error tracking
+// lib/sentry.ts
+import * as Sentry from '@sentry/nextjs';
+
+Sentry.init({
+  dsn: process.env.SENTRY_DSN,
+  environment: process.env.NODE_ENV,
+  tracesSampleRate: 0.1,
+  integrations: [
+    new Sentry.Integrations.Prisma({ client: prisma }),
+  ],
+});
+
+// Capture errors
+try {
+  // ...
+} catch (error) {
+  Sentry.captureException(error, {
+    tags: { feature: 'checkout' },
+    extra: { userId, orderId },
+  });
+}
+
+// Performance monitoring
+const transaction = Sentry.startTransaction({
+  name: 'processOrder',
+  op: 'task',
+});
+
+try {
+  // Process order
+  transaction.setStatus('ok');
+} catch {
+  transaction.setStatus('error');
+} finally {
+  transaction.finish();
+}
+```
+
+### Rollback Strategy
+
+```yaml
+# Deploy with automatic rollback
+deploy:
+  runs-on: ubuntu-latest
+  steps:
+    - name: Deploy
+      id: deploy
+      run: |
+        DEPLOYMENT_URL=$(vercel deploy --prod --token=${{ secrets.VERCEL_TOKEN }})
+        echo "url=$DEPLOYMENT_URL" >> $GITHUB_OUTPUT
+
+    - name: Health Check
+      run: |
+        for i in {1..5}; do
+          STATUS=$(curl -s -o /dev/null -w "%{http_code}" ${{ steps.deploy.outputs.url }}/api/health)
+          if [ "$STATUS" = "200" ]; then
+            echo "Health check passed"
+            exit 0
+          fi
+          sleep 10
+        done
+        echo "Health check failed"
+        exit 1
+
+    - name: Rollback on Failure
+      if: failure()
+      run: |
+        # Get previous deployment
+        PREV=$(vercel ls --token=${{ secrets.VERCEL_TOKEN }} | head -2 | tail -1 | awk '{print $2}')
+        vercel alias set $PREV yourapp.com --token=${{ secrets.VERCEL_TOKEN }}
+```
+
+## DevOps Checklist
+
+- [ ] CI pipeline runs on every PR
+- [ ] Tests required to pass before merge
+- [ ] Build artifacts cached
+- [ ] Database migrations automated
+- [ ] Environment variables documented
+- [ ] Health checks implemented
+- [ ] Logging configured
+- [ ] Error tracking setup
+- [ ] Deployment is automated
+- [ ] Rollback strategy defined
+- [ ] Secrets stored securely
+
+## Trigger Keywords
+deploy, ci, cd, pipeline, docker, kubernetes, github actions, workflow, environment, staging, production, rollback, health check, monitoring, logging, sentry, vercel