@idealyst/cli 1.0.33 → 1.0.35

package/dist/templates/workspace/.env.production

@@ -0,0 +1,56 @@
+# Production Environment Variables
+# Copy this file to .env for production deployment
+
+# Project Configuration
+PROJECT_NAME={{packageName}}
+NODE_ENV=production
+
+# Database Configuration (use strong passwords!)
+POSTGRES_DB={{packageName}}_production
+POSTGRES_USER={{packageName}}_user
+POSTGRES_PASSWORD=CHANGE_THIS_STRONG_PASSWORD
+POSTGRES_PORT=5432
+
+# Redis Configuration
+REDIS_PORT=6379
+
+# API Configuration
+API_PORT=3001
+JWT_SECRET=CHANGE_THIS_VERY_STRONG_JWT_SECRET_MINIMUM_32_CHARACTERS
+
+# Web Configuration
+WEB_PORT=80
+
+# SSL/Domain Configuration
+DOMAIN_NAME=yourdomain.com
+SSL_EMAIL=admin@yourdomain.com
+
+# Monitoring
+GRAFANA_PASSWORD=CHANGE_THIS_STRONG_PASSWORD
+
+# Logging
+LOG_LEVEL=warn
+
+# Rate Limiting (more restrictive for production)
+RATE_LIMIT_WINDOW_MS=900000
+RATE_LIMIT_MAX_REQUESTS=50
+
+# Security Settings
+SESSION_SECRET=CHANGE_THIS_VERY_STRONG_SESSION_SECRET
+ENCRYPTION_KEY=CHANGE_THIS_32_CHARACTER_ENCRYPTION_KEY
+
+# External Services (configure as needed)
+# SMTP_HOST=smtp.yourdomain.com
+# SMTP_PORT=587
+# SMTP_USER=noreply@yourdomain.com
+# SMTP_PASS=smtp_password
+
+# AWS/Cloud Storage (if using)
+# AWS_ACCESS_KEY_ID=your_access_key
+# AWS_SECRET_ACCESS_KEY=your_secret_key
+# AWS_REGION=us-east-1
+# S3_BUCKET=your-bucket-name
+
+# Analytics/Monitoring
+# SENTRY_DSN=your_sentry_dsn
+# GOOGLE_ANALYTICS_ID=your_ga_id

package/dist/templates/workspace/.yarnrc.yml

@@ -0,0 +1,26 @@
+nodeLinker: "node-modules"
+
+# Enable transparent workspaces for better workspace dependency resolution
+enableTransparentWorkspaces: true
+
+# Enable network for package downloads
+enableNetwork: true
+
+# Timeout for HTTP requests (in milliseconds)
+httpTimeout: 60000
+
+# Number of retry attempts for HTTP requests
+httpRetry: 3
+
+# Registry configuration
+npmRegistryServer: "https://registry.yarnpkg.com"
+
+# Enable progress bars
+enableProgressBars: true
+
+# Enable colors in output
+enableColors: true
+
+# Prevent hoisting to avoid React Native issues
+# This ensures React Native dependencies stay in their local node_modules
+nmHoistingLimits: workspaces 

package/dist/templates/workspace/Dockerfile

@@ -0,0 +1,93 @@
+# Multi-stage Dockerfile for Idealyst Workspace
+# Supports web apps, API services, and can be used for staging/production
+
+# Base stage with Node.js and build tools
+FROM node:20-bullseye-slim AS base
+RUN apt-get update && apt-get install -y \
+    libc6-dev \
+    git \
+    && rm -rf /var/lib/apt/lists/*
+WORKDIR /app
+
+# Enable corepack for yarn
+RUN corepack enable
+
+# Dependencies stage - install all dependencies
+FROM base AS deps
+COPY package.json yarn.lock .yarnrc.yml ./
+COPY .yarn .yarn
+
+# Create packages directory structure and copy package.json files
+RUN mkdir -p packages/api packages/app packages/components packages/web
+COPY packages/api/package.json ./packages/api/
+COPY packages/app/package.json ./packages/app/
+COPY packages/components/package.json ./packages/components/
+COPY packages/web/package.json ./packages/web/
+
+RUN yarn install
+
+# Build stage - build all packages
+FROM base AS builder
+COPY --from=deps /app/node_modules ./node_modules
+COPY . .
+
+# Build all packages
+RUN yarn build:all
+
+# Production API stage
+FROM base AS api-runner
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 apiuser
+
+# Copy built API and dependencies
+COPY --from=builder /app/packages/*/dist ./packages/
+COPY --from=builder /app/node_modules ./node_modules
+COPY --from=builder /app/package.json ./
+
+USER apiuser
+EXPOSE 3001
+ENV NODE_ENV=production
+ENV PORT=3001
+
+# Health check for API
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+  CMD node -e "require('http').get('http://localhost:3001/health', (res) => { process.exit(res.statusCode === 200 ? 0 : 1) })"
+
+CMD ["node", "packages/api/dist/server.js"]
+
+# Production Web stage
+FROM nginx:alpine AS web-runner
+COPY --from=builder /app/packages/web/dist /usr/share/nginx/html
+COPY docker/nginx.conf /etc/nginx/nginx.conf
+
+EXPOSE 80
+CMD ["nginx", "-g", "daemon off;"]
+
+# Development stage - for use with dev containers
+FROM base AS dev
+
+# Copy package files
+COPY package.json yarn.lock .yarnrc.yml ./
+COPY .yarn .yarn
+
+# Create packages directory structure and copy package.json files
+RUN mkdir -p packages/api packages/app packages/components packages/web
+COPY packages/api/package.json ./packages/api/
+COPY packages/app/package.json ./packages/app/
+COPY packages/components/package.json ./packages/components/
+COPY packages/web/package.json ./packages/web/
+
+# Install dependencies including dev dependencies
+RUN yarn install
+
+EXPOSE 3000 3001 5173 8080 19006
+
+CMD ["tail", "-f", "/dev/null"]
+
+# Test runner stage
+FROM base AS test-runner
+COPY --from=deps /app/node_modules ./node_modules
+COPY . .
+
+# Run tests
+CMD ["yarn", "test:ci"]

package/dist/templates/workspace/README.md

@@ -0,0 +1,179 @@
+# {{projectName}}
+
+{{description}}
+
+## Getting Started
+
+This workspace contains your Idealyst Framework packages and applications.
+
+### Structure
+
+```
+{{projectName}}/
+├── packages/           # Shared packages
+│   ├── theme/         # Theme configuration
+│   ├── components/    # UI components
+│   └── utils/         # Shared utilities
+├── mobile-app/        # React Native app (generated)
+├── web-app/           # React web app (generated)
+└── shared-lib/        # Shared library (generated)
+```
+
+## Testing
+
+This workspace is pre-configured with Jest testing framework across all packages. Each package includes sample tests and Jest configuration.
+
+### Quick Start
+
+```bash
+# Run all tests across all packages
+yarn test
+
+# Run tests in watch mode
+yarn test:watch
+
+# Run tests with coverage reports
+yarn test:coverage
+
+# Run tests in CI mode (for automated builds)
+yarn test:ci
+
+# Run tests for a specific package
+node scripts/test-runner.js test:package <package-name>
+```
+
+### Test Structure
+
+Each package contains:
+- `jest.config.js` - Jest configuration tailored to the project type
+- `__tests__/` - Directory for test files with comprehensive examples
+- Sample tests demonstrating testing patterns specific to each template
+
+### Package-Specific Testing
+
+- **API packages**: Node.js environment, async/database testing patterns
+- **Web packages**: React Testing Library, DOM testing, user interactions
+- **Native packages**: React Native Testing Library, component rendering
+- **Shared packages**: TypeScript utility testing patterns
+
+### Adding Tests
+
+1. Create test files in the `__tests__` directory or alongside your source files with `.test.ts` or `.spec.ts` extension
+2. Tests are automatically discovered and run by Jest
+3. Each template includes comprehensive sample tests as starting points
+4. See the Component Testing Guide for detailed patterns and best practices
+
+### Development
+
+Install dependencies:
+```bash
+yarn install
+```
+
+Build all packages:
+```bash
+yarn build:all
+```
+
+Test all packages:
+```bash
+yarn test:all
+```
+
+### Adding Applications
+
+Generate a new React Native app:
+```bash
+idealyst create mobile-app --type native
+```
+
+Generate a new React web app:
+```bash
+idealyst create web-app --type web
+```
+
+Generate a new shared library:
+```bash
+idealyst create shared-lib --type shared
+```
+
+**Note:** The CLI will automatically add new projects to the workspace configuration when run from the workspace root.
+
+### Publishing
+
+Publish all packages:
+```bash
+yarn publish:all
+```
+
+### Version Management
+
+Update patch version for all packages:
+```bash
+yarn version:patch
+```
+
+Update minor version for all packages:
+```bash
+yarn version:minor
+```
+
+Update major version for all packages:
+```bash
+yarn version:major
+```
+
+## Docker & Containerization
+
+This workspace includes comprehensive Docker support for development, staging, and production environments.
+
+### Quick Start with Docker
+
+```bash
+# Use the Docker build helper (recommended)
+./scripts/docker-build.sh dev
+
+# Or manually:
+# Development environment
+cp .env.example .env
+./scripts/docker/deploy.sh development
+
+# Production deployment
+cp .env.production .env
+# Edit .env with your settings
+./scripts/docker/deploy.sh production
+```
+
+**Docker Build Helper**: The `./scripts/docker-build.sh` script automatically handles common issues like missing yarn.lock files and environment configuration.
+
+### VS Code Dev Container
+
+Open this workspace in VS Code and select "Reopen in Container" for a fully configured development environment with:
+- Node.js, TypeScript, and all development tools pre-installed
+- PostgreSQL and Redis databases ready to use
+- Automatic port forwarding and extension installation
+- Hot reload and debugging support
+
+### Services Available
+
+- **Web App**: React application with hot reload
+- **API Server**: Backend with database connections
+- **PostgreSQL**: Database with initialization scripts
+- **Redis**: Caching and session storage
+- **Nginx**: Reverse proxy and load balancer (production)
+
+### Management Scripts
+
+```bash
+# Deployment
+./scripts/docker/deploy.sh [development|production|staging]
+
+# Database management
+./scripts/docker/db-backup.sh [backup|restore|list|clean]
+
+# View status
+./scripts/docker/deploy.sh status
+
+# View logs
+./scripts/docker/deploy.sh logs
+``` 

package/dist/templates/workspace/docker/nginx/prod.conf

@@ -0,0 +1,238 @@
+events {
+    worker_connections 2048;
+    use epoll;
+    multi_accept on;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    # Logging
+    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+                    '$status $body_bytes_sent "$http_referer" '
+                    '"$http_user_agent" "$http_x_forwarded_for" '
+                    '$request_time $upstream_response_time';
+
+    access_log /var/log/nginx/access.log main;
+    error_log /var/log/nginx/error.log warn;
+
+    # Performance settings
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    keepalive_requests 100;
+    types_hash_max_size 2048;
+    server_tokens off;
+    client_max_body_size 50M;
+    client_body_buffer_size 128k;
+    client_header_buffer_size 3m;
+    large_client_header_buffers 4 256k;
+
+    # SSL Configuration
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384;
+    ssl_prefer_server_ciphers off;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+
+    # Gzip compression
+    gzip on;
+    gzip_vary on;
+    gzip_min_length 1024;
+    gzip_comp_level 6;
+    gzip_proxied any;
+    gzip_types
+        application/atom+xml
+        application/geo+json
+        application/javascript
+        application/x-javascript
+        application/json
+        application/ld+json
+        application/manifest+json
+        application/rdf+xml
+        application/rss+xml
+        application/xhtml+xml
+        application/xml
+        font/eot
+        font/otf
+        font/ttf
+        image/svg+xml
+        text/css
+        text/javascript
+        text/plain
+        text/xml;
+
+    # Rate limiting zones
+    limit_req_zone $binary_remote_addr zone=api:10m rate=10r/s;
+    limit_req_zone $binary_remote_addr zone=web:10m rate=50r/s;
+    limit_req_zone $binary_remote_addr zone=login:10m rate=5r/m;
+
+    # Connection limiting
+    limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
+    limit_conn conn_limit_per_ip 20;
+
+    # Upstream servers with load balancing
+    upstream api_backend {
+        least_conn;
+        server {{PROJECT_NAME}}-api-1:3001 max_fails=3 fail_timeout=30s weight=1;
+        server {{PROJECT_NAME}}-api-2:3001 max_fails=3 fail_timeout=30s weight=1;
+        keepalive 32;
+    }
+
+    upstream web_backend {
+        least_conn;
+        server {{PROJECT_NAME}}-web-1:80 max_fails=3 fail_timeout=30s weight=1;
+        server {{PROJECT_NAME}}-web-2:80 max_fails=3 fail_timeout=30s weight=1;
+        keepalive 32;
+    }
+
+    # Cache zones
+    proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=api_cache:10m max_size=1g inactive=60m use_temp_path=off;
+    proxy_cache_path /var/cache/nginx/static levels=1:2 keys_zone=static_cache:10m max_size=1g inactive=24h use_temp_path=off;
+
+    # Redirect HTTP to HTTPS
+    server {
+        listen 80;
+        server_name {{DOMAIN_NAME}};
+        return 301 https://$server_name$request_uri;
+    }
+
+    # Main HTTPS server
+    server {
+        listen 443 ssl http2;
+        server_name {{DOMAIN_NAME}};
+
+        # SSL certificates
+        ssl_certificate /etc/nginx/ssl/cert.pem;
+        ssl_certificate_key /etc/nginx/ssl/key.pem;
+
+        # Security headers
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header X-XSS-Protection "1; mode=block" always;
+        add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+        add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' wss:; frame-ancestors 'self';" always;
+
+        # API routes
+        location /api/ {
+            limit_req zone=api burst=20 nodelay;
+            
+            # Caching for GET requests
+            proxy_cache api_cache;
+            proxy_cache_valid 200 302 10m;
+            proxy_cache_valid 404 1m;
+            proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
+            proxy_cache_lock on;
+            proxy_cache_bypass $http_cache_control;
+            
+            proxy_pass http://api_backend/;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection 'upgrade';
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_cache_bypass $http_upgrade;
+            proxy_connect_timeout 30s;
+            proxy_send_timeout 30s;
+            proxy_read_timeout 30s;
+            proxy_buffering on;
+            proxy_buffer_size 4k;
+            proxy_buffers 8 4k;
+        }
+
+        # Health checks
+        location /api/health {
+            proxy_pass http://api_backend/health;
+            access_log off;
+            proxy_cache off;
+        }
+
+        # Authentication endpoints (stricter rate limiting)
+        location ~ ^/api/(auth|login|register|password) {
+            limit_req zone=login burst=5 nodelay;
+            
+            proxy_pass http://api_backend;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_cache off;
+        }
+
+        # Static assets with aggressive caching
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|webp|woff|woff2|ttf|eot|pdf)$ {
+            limit_req zone=web burst=100 nodelay;
+            
+            proxy_cache static_cache;
+            proxy_cache_valid 200 1y;
+            proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
+            
+            proxy_pass http://web_backend;
+            expires 1y;
+            add_header Cache-Control "public, immutable";
+            add_header X-Content-Type-Options "nosniff";
+            
+            # CORS headers for fonts and assets
+            add_header Access-Control-Allow-Origin "*";
+            add_header Access-Control-Allow-Methods "GET, OPTIONS";
+            add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range";
+        }
+
+        # Web application with caching
+        location / {
+            limit_req zone=web burst=50 nodelay;
+            
+            # Short cache for HTML files
+            proxy_cache static_cache;
+            proxy_cache_valid 200 10m;
+            proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
+            proxy_cache_bypass $http_cache_control;
+            
+            proxy_pass http://web_backend;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection 'upgrade';
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_cache_bypass $http_upgrade;
+            
+            # Handle client-side routing
+            try_files $uri $uri/ @fallback;
+        }
+
+        # Fallback for client-side routing
+        location @fallback {
+            proxy_pass http://web_backend;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_cache off;
+        }
+
+        # Monitoring endpoint
+        location /nginx_status {
+            stub_status on;
+            access_log off;
+            allow 127.0.0.1;
+            allow 10.0.0.0/8;
+            allow 172.16.0.0/12;
+            allow 192.168.0.0/16;
+            deny all;
+        }
+
+        # Health check endpoint
+        location /health {
+            access_log off;
+            return 200 "healthy\n";
+            add_header Content-Type text/plain;
+        }
+    }
+}