diff --git a/.cm/gitstream.cm b/.cm/gitstream.cm new file mode 100644 index 0000000..64cfe7f --- /dev/null +++ b/.cm/gitstream.cm @@ -0,0 +1,55 @@ +# -*- mode: yaml -*- + +manifest: + version: 1.0 + +automations: + explain_code_experts: + on: + - pr_created + - pr_ready_for_review + - commit + if: + - {{ pr.labels | match(term='suggest-reviewer') | some }} + run: + - action: explain-code-experts@v1 + args: + gt: 10 + + linearb_ai_review: + # Triggers only when PR is created or has new commits, see docs + # https://docs.gitstream.cm/execution-model/#action-level-execution-control + if: + - {{ not pr.draft }} + - {{ not (is.bot_author or is.bot_branch) }} + run: + - action: code-review@v1 + guidelines: | + - Use short inline comments attached to the exact line with the issue. + - Prefer many small comments over long summaries. + + linearb_ai_desc: + if: + - {{ not pr.draft }} + run: + - action: describe-changes@v1 + args: + concat_mode: append + + estimated_time_to_review: + if: + - true + run: + - action: add-label@v1 + args: + label: "{{ calc.etr }} min review" + color: {{ colors.red if (calc.etr >= 20) else ( colors.yellow if (calc.etr >= 5) else colors.green ) }} + +calc: + etr: {{ branch | estimatedReviewTime }} + + +colors: + red: 'b60205' + yellow: 'fbca04' + green: '0e8a16' diff --git a/.coderabbit.yaml b/.coderabbit.yaml new file mode 100644 index 0000000..82d9c84 --- /dev/null +++ b/.coderabbit.yaml @@ -0,0 +1,7 @@ +# CodeRabbit configuration +# Exclude benchmark files from code review + +paths: + ignore: + - "examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/**" + diff --git a/.github/workflows/gitstream.yml b/.github/workflows/gitstream.yml new file mode 100644 index 0000000..06b5271 --- /dev/null +++ b/.github/workflows/gitstream.yml @@ -0,0 +1,53 @@ +# Code generated by gitStream GitHub app - DO NOT EDIT + +name: gitStream workflow automation +run-name: | + /:\ gitStream: PR #${{ fromJSON(fromJSON(github.event.inputs.client_payload)).pullRequestNumber }} from ${{ github.event.inputs.full_repository }} + +on: + workflow_dispatch: + inputs: + client_payload: + description: The Client payload + required: true + full_repository: + description: the repository name include the owner in `owner/repo_name` format + required: true + head_ref: + description: the head sha + required: true + base_ref: + description: the base ref + required: true + installation_id: + description: the installation id + required: false + resolver_url: + description: the resolver url to pass results to + required: true + resolver_token: + description: Optional resolver token for resolver service + required: false + default: '' + +jobs: + gitStream: + timeout-minutes: 15 + runs-on: ubuntu-latest + name: gitStream workflow automation + steps: + - name: Adding PR Url + run: | + echo '[${{ fromJSON(fromJSON(inputs.client_payload)).repo }}#${{ fromJSON(fromJSON(inputs.client_payload)).prContext.number }}](${{ fromJSON(fromJSON(inputs.client_payload)).prContext.url }}) - `${{ fromJSON(fromJSON(inputs.client_payload)).branch }}` by ${{ fromJSON(fromJSON(inputs.client_payload)).prContext.author }}' >> $GITHUB_STEP_SUMMARY + + - name: Evaluate Rules + uses: linear-b/gitstream-github-action@v2 + id: rules-engine + with: + full_repository: ${{ github.event.inputs.full_repository }} + head_ref: ${{ github.event.inputs.head_ref }} + base_ref: ${{ github.event.inputs.base_ref }} + client_payload: ${{ github.event.inputs.client_payload }} + installation_id: ${{ github.event.inputs.installation_id }} + resolver_url: ${{ github.event.inputs.resolver_url }} + resolver_token: ${{ github.event.inputs.resolver_token }} diff --git a/README.md b/README.md index 3fc7eb4..4f5988b 100644 --- a/README.md +++ b/README.md @@ -55,12 +55,12 @@ among other resources that are used in different projects here at [NaN Labs](htt ## Apps and Boilerplates -| Name | Description | Keywords | -| ---------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [Automation Seed](https://github.com/nanlabs/automation-seed) | Automation Seed is a e2e automation framework built on top of WebdriverIO v7 and Selenium that uses Selenoid for execution | _Automation_, _Selenium_, _WebdriverIO_, _Selenoid_, _Allure_, _Typescript_, _GitHub Actions_, _GitHub Pages_ | -| [AWS Glue ETL Boilerplate](https://github.com/nanlabs/aws-glue-etl-boilerplate) | A complete example of an AWS Glue ETL job that uses the [Serverless Framework](https://www.serverless.com/) to deploy the infrastructure and DevContainers and/or Docker Compose to run the application locally with AWS Glue Libs, Spark, Jupyter Notebook, AWS CLI, among other tools. It provides jobs using Python Shell and PySpark. | _Python_, _AWS_, _Glue_, _ETL_, _Serverless_, _DevContainers_, _Docker Compose_ | -| [Basic AWS Glue ETL example app](https://github.com/nanlabs/devops-reference/tree/main/examples/serverless-glue-full-boilerplate/) | A basic but useful example of an AWS Glue application that uses the [Serverless Framework](https://www.serverless.com/) to deploy the infrastructure and DevContainers and/or Docker Compose to run the application locally with AWS Glue Libs, Spark, Jupyter Notebook, AWS CLI, among other tools. It provides jobs using Python Shell and PySpark. | _Python_, _AWS_, _Glue_, _ETL_, _Serverless_, _DevContainers_, _Docker Compose_ | -| [Terraform AWS Starter](https://github.com/nanlabs/terraform-aws-starter) | Get started quickly with AWS infrastructure using a robust Terraform starter kit incorporating secure state management, VPC configuration, security groups, RDS provisioning, secrets management, SSM parameter store, and GitHub Actions integration! | _Terraform_, _Terraform Modules_, _Infrastructure as Code_, _AWS_, _VPC_, _RDS_, _RDS Aurora_, _MongoDB_, _GitHub Actions_, _SSM Parameter Store_, _Secrets Management_, _Security Groups_, _Super Linter_ | +| Name | Description | Keywords | +| ---------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| [Automation Seed](https://github.com/nanlabs/automation-seed) | A robust end-to-end automation framework built on WebdriverIO v7 and Selenium, leveraging Selenoid for execution. It includes features like Allure reporting, TypeScript support, and CI/CD integration with GitHub Actions. | _Automation Framework_, _Selenium_, _WebdriverIO_, _Selenoid_, _Allure Reporting_, _TypeScript_, _GitHub Actions_, _GitHub Pages_ | +| [AWS Glue ETL Boilerplate](https://github.com/nanlabs/aws-glue-etl-boilerplate) | A comprehensive boilerplate for AWS Glue ETL jobs, featuring infrastructure deployment with the Serverless Framework and local development using DevContainers or Docker Compose. Includes Python Shell and PySpark job examples. | _AWS Glue_, _ETL_, _Python_, _PySpark_, _Serverless Framework_, _DevContainers_, _Docker Compose_, _Jupyter Notebook_ | +| [Basic AWS Glue ETL example app](https://github.com/nanlabs/devops-reference/tree/main/examples/serverless-glue-full-boilerplate/) | A simplified yet practical example of an AWS Glue application. It uses the Serverless Framework for infrastructure deployment and supports local development with DevContainers or Docker Compose. | _AWS Glue_, _ETL_, _Python_, _PySpark_, _Serverless Framework_, _DevContainers_, _Docker Compose_, _Jupyter Notebook_ | +| [Terraform AWS Starter](https://github.com/nanlabs/terraform-aws-starter) | Get started quickly with AWS infrastructure using a robust Terraform starter kit incorporating secure state management, VPC configuration, security groups, RDS provisioning, secrets management, SSM parameter store, and GitHub Actions integration! | _Terraform_, _Terraform Modules_, _Infrastructure as Code_, _AWS_, _VPC_, _RDS_, _RDS Aurora_, _MongoDB_, _GitHub Actions_, _SSM Parameter Store_, _Secrets Management_, _Security Groups_, _Super Linter_ | ## Examples @@ -68,36 +68,36 @@ among other resources that are used in different projects here at [NaN Labs](htt #### A/B Testing -| Name | Description | Keywords | -| -------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------- | -| [AWS CloudWatch Evidently](https://github.com/nanlabs/devops-reference/tree/main/examples/aws-cloudwatch-evidently/) | A complete analysis of the service and a Proof of Concept on how to integrate it with a Node.js application. | _Node.js_, _AWS_, _CloudWatch_, _CloudWatch Evidently_, _A/B Testing_, _Feature Flags_ | -| [Feature flags post by Atlassian](https://www.atlassian.com/continuous-delivery/principles/feature-flags) | How to progressively expose your features with feature flags by IAN BUCHANNAN. | _Feature Flags_ | +| Name | Description | Keywords | +| -------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- | +| [AWS CloudWatch Evidently](https://github.com/nanlabs/devops-reference/tree/main/examples/aws-cloudwatch-evidently/) | An in-depth analysis and proof of concept demonstrating how to integrate AWS CloudWatch Evidently with a Node.js application for A/B testing and feature flag management. | _AWS CloudWatch_, _CloudWatch Evidently_, _A/B Testing_, _Feature Flags_, _Node.js_ | +| [Feature flags post by Atlassian](https://www.atlassian.com/continuous-delivery/principles/feature-flags) | A guide by Atlassian on progressively exposing features using feature flags, authored by Ian Buchanan. | _Feature Flags_, _Best Practices_ | #### Shell Scripting and CLI Tools -| Name | Description | Keywords | -| ---------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- | -| [Bash as a Wrapper Utility](https://github.com/nanlabs/devops-reference/tree/main/examples/bash-as-a-wrapper-utility-basic/) | Bash as a wrapper utility for other languages and tools. | _Shell Scripting_, _Utilities_ | -| [Bash as a Wrapper Utility with Easy Options](https://github.com/nanlabs/devops-reference/tree/main/examples/bash-as-a-wrapper-utility-with-easy-options/) | Bash as a wrapper utility for other languages and tools using Easy Options. | _Shell Scripting_, _Utilities_, _Easy Options_ | -| [Parsing Shell Script Arguments with Easy Options](https://github.com/nanlabs/devops-reference/tree/main/examples/easy-options/) | Easy options for shell scripts. | _Shell Scripting_, _Utilities_, _Easy Options_ | -| [ShellCheck for Shell Scripting](https://github.com/nanlabs/devops-reference/tree/main/examples/shellcheck-for-shell-scripting) | Learn how to use ShellCheck to lint your shell scripts and catch potential issues before they become a problem. | _Tutorial_, _ShellCheck_, _Shell Scripting_, _Automation_ | -| [When to use Shell Scripts](https://google.github.io/styleguide/shellguide.html#when-to-use-shell) | A guide from Google on when to use shell scripts. | _Shell Scripting_, _Utilities_ | +| Name | Description | Keywords | +| ---------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- | +| [Bash as a Wrapper Utility](https://github.com/nanlabs/devops-reference/tree/main/examples/bash-as-a-wrapper-utility-basic/) | An example showcasing how to use Bash as a wrapper utility for other languages and tools, enhancing script reusability and modularity. | _Shell Scripting_, _Utilities_, _Bash_ | +| [Bash as a Wrapper Utility with Easy Options](https://github.com/nanlabs/devops-reference/tree/main/examples/bash-as-a-wrapper-utility-with-easy-options/) | An advanced example of using Bash as a wrapper utility, incorporating Easy Options for argument parsing. | _Shell Scripting_, _Utilities_, _Easy Options_, _Bash_ | +| [Parsing Shell Script Arguments with Easy Options](https://github.com/nanlabs/devops-reference/tree/main/examples/easy-options/) | An example demonstrating how to simplify shell script argument parsing using the Easy Options library. | _Shell Scripting_, _Utilities_, _Easy Options_ | +| [ShellCheck for Shell Scripting](https://github.com/nanlabs/devops-reference/tree/main/examples/shellcheck-for-shell-scripting) | Learn how to use ShellCheck to lint your shell scripts and catch potential issues before they become a problem. | _Tutorial_, _ShellCheck_, _Shell Scripting_, _Automation_ | +| [When to use Shell Scripts](https://google.github.io/styleguide/shellguide.html#when-to-use-shell) | A Google guide outlining best practices for determining when to use shell scripts in development and operations. | _Shell Scripting_, _Best Practices_, _Utilities_ | #### Continuous Integration, Delivery and Deployment -| Name | Description | Keywords | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------- | -| [Actionlint Playground](https://rhysd.github.io/actionlint/) | Static checker for GitHub Actions workflow files. | _GitHub Actions_, _Actionlint_ | -| [Automate Pull Requests Reviews using Danger](https://github.com/nanlabs/devops-reference/tree/main/.github/workflows/pr-review.yml) | This workflow automates the initial review of Pull Requests using [Danger.js](https://danger.systems/js/). This provides another logical step in your build, through this Danger can help lint your rote tasks in daily code review. You can use Danger to codify your teams norms. Leaving humans to think about harder problems. | _GitHub Actions_, _Danger.js_ | -| [Automating Pull Request Review using DangerJS and GitHub Actions](https://github.com/nanlabs/devops-reference/tree/main/examples/github-actions-with-dangerjs) | Learn how to automate Pull Request (PR) reviews using DangerJS and GitHub Actions. Automating PR reviews helps enforce coding standards, catch potential issues, and improve code quality in your GitHub repository. | _Tutorial_, _GitHub Actions_, _DangerJS_, _Pull Request_, _Automation_ | -| [Automation Seed example](https://github.com/nanlabs/automation-seed/tree/main/.github/workflows) | Different workflows to validate the code and deploy an automation report page. | _GitHub Actions_, _Automation_ | -| [Markdown Lint](https://github.com/nanlabs/devops-reference/tree/main/.github/workflows/markdownlint.yml) | This workflow validates the Markdown files in the repository using the [markdownlint action](https://github.com/marketplace/actions/markdown-lint). | _GitHub Actions_, _Markdown Lint_ | -| [React Boilerplate](https://github.com/nanlabs/react-boilerplate/tree/main/.github/workflows) | Different workflows to validate the code and deploy a React application. | _GitHub Actions_, _React_ | -| [Shell Check](https://github.com/nanlabs/devops-reference/tree/main/.github/workflows/shellcheck.yml) | This workflow validates the shell scripts in the repository using the [shellcheck action](https://github.com/ludeeus/action-shellcheck). | _GitHub Actions_, _Shell Check_ | -| [Terraform Check](https://github.com/nanlabs/devops-reference/tree/main/.github/workflows/tf-check.yml) | This workflow validates the Terraform files in the repository using the [terraform action](https://github.com/dflook/terraform-fmt-check). | _GitHub Actions_, _Terraform_ | -| [The Ultimate Guide to Code Review Tools](https://github.com/nanlabs/devops-reference/tree/main/examples/the-ultimate-guide-to-code-review-tools) | A guide where we present a curated selection of modern tools designed to revolutionize your code review process! | _Code Review_, _Code Review Tools_ | -| [The Ultimate Guide to Pull Requests and Code Reviews](https://github.com/nanlabs/devops-reference/tree/main/examples/the-ultimate-guide-to-pull-requests-and-code-reviews) | Comprehensive guide on creating effective pull requests and conducting thorough code reviews. This guide provides an overview of best practices, common pitfalls, and tools to automate and streamline the review process. | _Pull Requests_, _Code Reviews_, _Best Practices_, _Automation_, _GitHub Actions_, _DangerJS_ | -| [TODOs to GitHub Issues](https://github.com/nanlabs/devops-reference/tree/main/examples/github-actions-todo-to-issue/) | This tutorial shows how to create a GitHub Action that converts TODO comments into GitHub issues. | _GitHub Actions_, _TODOs_, _Issues_ | +| Name | Description | Keywords | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------- | +| [Actionlint Playground](https://rhysd.github.io/actionlint/) | A static checker for GitHub Actions workflow files, helping to identify syntax and logic issues. | _GitHub Actions_, _Actionlint_, _CI/CD_ | +| [Automate Pull Requests Reviews using Danger](https://github.com/nanlabs/devops-reference/tree/main/.github/workflows/pr-review.yml) | This workflow automates the initial review of Pull Requests using Danger.js. It helps lint rote tasks in daily code review and codifies team norms. | _GitHub Actions_, _Danger.js_, _Code Review_, _Automation_ | +| [Automating Pull Request Review using DangerJS and GitHub Actions](https://github.com/nanlabs/devops-reference/tree/main/examples/github-actions-with-dangerjs) | Learn how to automate Pull Request (PR) reviews using DangerJS and GitHub Actions. Automating PR reviews helps enforce coding standards, catch potential issues, and improve code quality in your GitHub repository. | _Tutorial_, _GitHub Actions_, _DangerJS_, _Pull Request_, _Automation_ | +| [Automation Seed example](https://github.com/nanlabs/automation-seed/tree/main/.github/workflows) | Different workflows to validate the code and deploy an automation report page. | _GitHub Actions_, _Automation_, _CI/CD_ | +| [Markdown Lint](https://github.com/nanlabs/devops-reference/tree/main/.github/workflows/markdownlint.yml) | This workflow validates the Markdown files in the repository using the markdownlint action. | _GitHub Actions_, _Markdown Lint_, _CI/CD_ | +| [React Boilerplate](https://github.com/nanlabs/react-boilerplate/tree/main/.github/workflows) | Different workflows to validate the code and deploy a React application. | _GitHub Actions_, _React_, _CI/CD_ | +| [Shell Check](https://github.com/nanlabs/devops-reference/tree/main/.github/workflows/shellcheck.yml) | This workflow validates the shell scripts in the repository using the shellcheck action. | _GitHub Actions_, _Shell Check_, _CI/CD_ | +| [Terraform Check](https://github.com/nanlabs/devops-reference/tree/main/.github/workflows/tf-check.yml) | This workflow validates the Terraform files in the repository using the terraform action. | _GitHub Actions_, _Terraform_, _CI/CD_ | +| [The Ultimate Guide to Code Review Tools](https://github.com/nanlabs/devops-reference/tree/main/examples/the-ultimate-guide-to-code-review-tools) | A guide where we present a curated selection of modern tools designed to revolutionize your code review process! | _Code Review_, _Code Review Tools_ | +| [The Ultimate Guide to Pull Requests and Code Reviews](https://github.com/nanlabs/devops-reference/tree/main/examples/the-ultimate-guide-to-pull-requests-and-code-reviews) | Comprehensive guide on creating effective pull requests and conducting thorough code reviews. This guide provides an overview of best practices, common pitfalls, and tools to automate and streamline the review process. | _Pull Requests_, _Code Reviews_, _Best Practices_, _Automation_, _GitHub Actions_, _DangerJS_ | +| [TODOs to GitHub Issues](https://github.com/nanlabs/devops-reference/tree/main/examples/github-actions-todo-to-issue/) | This tutorial shows how to create a GitHub Action that converts TODO comments into GitHub issues. | _GitHub Actions_, _TODOs_, _Issues_, _Automation_ | #### Containers, Orchestration and Serverless @@ -129,18 +129,22 @@ among other resources that are used in different projects here at [NaN Labs](htt ##### Kubernetes -| Name | Description | Keywords | -| ------------------------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------- | -| [Ingress](https://github.com/nanlabs/devops-reference/tree/main/examples/kubernetes-ingress-example/) | Ingress example using NGINX Ingress Controller. You can run this example locally using [Minikube](https://minikube.sigs.k8s.io/docs/start/). | _Kubernetes_, _Ingress_, _NGINX Ingress Controller_ | -| [Tilt + Minikube Development Environment](https://github.com/nanlabs/devops-reference/tree/main/examples/kubernetes-tilt-dev/) | Seamless, efficient, and developer-friendly Kubernetes development environment using Tilt and Minikube. | _Kubernetes_, _Tilt_, _Minikube_, _Development Environment_, _MicroServices_ | +| Name | Description | Keywords | +| -------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------- | +| [aws-eks (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-eks) | Opinionated wrapper for EKS clusters with VPC CNI optimization, node group management, OIDC integration, and production-ready defaults. | _Kubernetes_, _OIDC_, _Node Groups_, _Monitoring_ | +| [Ingress](https://github.com/nanlabs/devops-reference/tree/main/examples/kubernetes-ingress-example/) | Ingress example using NGINX Ingress Controller. You can run this example locally using [Minikube](https://minikube.sigs.k8s.io/docs/start/). | _Kubernetes_, _Ingress_, _NGINX Ingress Controller_ | +| [Medium Complexity Infrastructure (Terraform Example)](https://github.com/nanlabs/terraform-modules/tree/main/examples/medium-complexity-infrastructure) | Medium-complexity setup with EKS, RDS, Bastion, and custom IAM. Shows microservices infrastructure with best practices. | _Kubernetes_, _Database_, _Bastion_, _IAM_ | +| [Tilt + Minikube Development Environment](https://github.com/nanlabs/devops-reference/tree/main/examples/kubernetes-tilt-dev/) | Seamless, efficient, and developer-friendly Kubernetes development environment using Tilt and Minikube. | _Kubernetes_, _Tilt_, _Minikube_, _Development Environment_, _MicroServices_ | #### Low Code solutions ##### AWS Amplify -| Name | Description | Keywords | -| -------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------- | ------------------------------------ | -| [AWS Amplify + NextJS 13](https://github.com/nanlabs/devops-reference/tree/main/examples/amplify-nextjs-deployment/) | AWS Amplify example to deploy a NextJS v13 application to the Cloud. | _AWS Amplify_, _NextJS_, _NextJS 13_ | +| Name | Description | Keywords | +| -------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------ | +| [AWS Amplify + NextJS 13](https://github.com/nanlabs/devops-reference/tree/main/examples/amplify-nextjs-deployment/) | AWS Amplify example to deploy a NextJS v13 application to the Cloud. | _AWS Amplify_, _NextJS_, _NextJS 13_ | +| [aws-amplify-app (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-amplify-app) | Opinionated wrapper for AWS Amplify App with integrated GitHub PAT management, optimized for React/Node.js apps. | _Frontend_, _CI/CD_, _GitHub Integration_, _Parameter Store_ | +| [Simple Web App (Terraform Example)](https://github.com/nanlabs/terraform-modules/tree/main/examples/simple-web-app) | Deploy a simple web application using AWS Amplify and a custom VPC. Demonstrates frontend hosting, GitHub integration, and secure infrastructure. | _Frontend_, _Amplify_, _VPC_, _Parameter Store_ | #### Infrastructure as Code @@ -174,11 +178,27 @@ among other resources that are used in different projects here at [NaN Labs](htt | Name | Description | Keywords | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| [aws-amplify-app (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-amplify-app) | Opinionated wrapper for AWS Amplify App with integrated GitHub PAT management, optimized for React/Node.js apps. | _Frontend_, _CI/CD_, _GitHub Integration_, _Parameter Store_ | +| [aws-bastion (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-bastion) | Custom implementation for a secure, zero-trust bastion host using SSM, EC2 Instance Connect, VPC endpoints, and CloudWatch logging. | _Security_, _Zero Trust_, _Session Manager_, _CloudWatch_ | +| [aws-docdb (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-docdb) | Custom DocumentDB cluster module with integrated AWS Secrets Manager, SSM Parameter Store, and production-ready defaults. | _Database_, _Secrets Manager_, _SSM_, _Security_ | +| [aws-eks (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-eks) | Opinionated wrapper for EKS clusters with VPC CNI optimization, node group management, OIDC integration, and production-ready defaults. | _Kubernetes_, _OIDC_, _Node Groups_, _Monitoring_ | +| [aws-iam-role (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-iam-role) | Flexible IAM role module supporting custom trust policies, inline/managed policies, and advanced security conditions. | _IAM_, _Security_, _Policies_, _RBAC_ | +| [aws-msk (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-msk) | Opinionated wrapper for Amazon MSK (Kafka) with enhanced security, DNS integration, logging, and production defaults. | _Streaming_, _Security_, _DNS_, _Logging_ | +| [aws-rds (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-rds) | Complete wrapper for RDS with enhanced security, monitoring, SSM Parameter Store integration, and simplified configuration for PostgreSQL/MySQL. | _Database_, _Parameter Store_, _Security_, _Monitoring_ | +| [aws-rds-aurora (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-rds-aurora) | Fully customizable wrapper for Aurora clusters, supporting Serverless v2, SSM integration, and production-grade configuration. | _Database_, _Aurora_, _Serverless_, _SSM_ | +| [aws-vpc (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/aws-vpc) | Complete wrapper around the official terraform-aws-modules/vpc/aws module with opinionated defaults, security best practices, and SSM Parameter Store integration. | _Networking_, _Parameter Store_, _Security_, _Best Practices_ | +| [Complete Enterprise Setup (Terraform Example)](https://github.com/nanlabs/terraform-modules/tree/main/examples/complete-enterprise-setup) | Enterprise-grade infrastructure example with EKS, Aurora, MSK, DocumentDB, Bastion, IAM, monitoring, and security best practices. | _EKS_, _Aurora_, _MSK_, _DocumentDB_, _Bastion_, _IAM_, _Monitoring_ | +| [Medium Complexity Infrastructure (Terraform Example)](https://github.com/nanlabs/terraform-modules/tree/main/examples/medium-complexity-infrastructure) | Medium-complexity setup with EKS, RDS, Bastion, and custom IAM. Shows microservices infrastructure with best practices. | _Kubernetes_, _Database_, _Bastion_, _IAM_ | +| [mongodb-atlas-cluster (Terraform Module)](https://github.com/nanlabs/terraform-modules/tree/main/modules/mongodb-atlas-cluster) | Custom MongoDB Atlas cluster module with project/team management, VPC peering, AWS integration, and secure connection details. | _Database_, _Atlas_, _VPC Peering_, _Secrets Manager_, _SSM_ | +| [nanlabs/terraform-modules](https://github.com/nanlabs/terraform-modules) | A comprehensive collection of reusable, production-ready Terraform modules and infrastructure examples for AWS and MongoDB Atlas, following best practices for security, scalability, and cost optimization. | _Modules Library_, _Examples_, _Best Practices_, _Production Ready_ | +| [Simple Web App (Terraform Example)](https://github.com/nanlabs/terraform-modules/tree/main/examples/simple-web-app) | Deploy a simple web application using AWS Amplify and a custom VPC. Demonstrates frontend hosting, GitHub integration, and secure infrastructure. | _Frontend_, _Amplify_, _VPC_, _Parameter Store_ | | [Terraform AWS Minecraft Server](https://github.com/nanlabs/devops-reference/tree/main/examples/terraform-aws-minecraft-server/) | Terraform example to deploy a Minecraft server in AWS EC2 instance using Docker. | _Terraform_, _AWS_, _Minecraft_, _Docker_, _EC2_ | | [Terraform AWS RDS Postgres instance](https://github.com/nanlabs/devops-reference/tree/main/examples/terraform-vpc-rds-instance-bastion-starter/modules/rds) | Terraform module for creating AWS RDS Postgres instance. | _Terraform_, _AWS_, _RDS_ | | [Terraform AWS Starter](https://github.com/nanlabs/terraform-aws-starter) | Get started quickly with AWS infrastructure using a robust Terraform starter kit incorporating secure state management, VPC configuration, security groups, RDS provisioning, secrets management, SSM parameter store, and GitHub Actions integration! | _Terraform_, _Terraform Modules_, _Infrastructure as Code_, _AWS_, _VPC_, _RDS_, _RDS Aurora_, _MongoDB_, _GitHub Actions_, _SSM Parameter Store_, _Secrets Management_, _Security Groups_, _Super Linter_ | | [Terraform AWS VPC resources](https://github.com/nanlabs/devops-reference/tree/main/examples/terraform-vpc-rds-instance-bastion-starter/modules/vpc) | Terraform module for creating AWS VPC resources. | _Terraform_, _AWS_, _VPC_ | | [Terraform Bastion Host](https://github.com/nanlabs/devops-reference/tree/main/examples/terraform-vpc-rds-instance-bastion-starter/modules/bastion) | Terraform module which creates an EC2 instance acting as a bastion host | _Terraform_, _AWS_, _Bastion_ | +| [Terraform Examples by nanlabs](https://github.com/nanlabs/terraform-modules/tree/main/examples) | End-to-end infrastructure examples using the nanlabs Terraform modules, covering simple web apps, medium-complexity microservices, and full enterprise setups. | _simple-web-app_, _medium-complexity-infrastructure_, _complete-enterprise-setup_ | +| [Terraform Modules by nanlabs](https://github.com/nanlabs/terraform-modules/tree/main/modules) | Battle-tested, security-first, and cost-optimized Terraform modules for AWS and MongoDB Atlas. Includes VPC, EKS, RDS, Aurora, MSK, Bastion, IAM, Amplify, and more. | _aws-vpc_, _aws-eks_, _aws-rds_, _aws-rds-aurora_, _aws-msk_, _aws-bastion_, _aws-docdb_, _aws-iam-role_, _aws-amplify-app_, _mongodb-atlas-cluster_ | | [Terraform Starter Kit for AWS VPC, RDS instance, and Bastion Host](https://github.com/nanlabs/devops-reference/tree/main/examples/terraform-vpc-rds-instance-bastion-starter) | Terraform Starter kit for creating AWS infrastructure using Terraform that contains a VPC, RDS instance, and a bastion host. | _Terraform_, _AWS_, _VPC_, _RDS_, _Bastion_ | | [Using Serverless Framework with Terraform](https://github.com/nanlabs/devops-reference/tree/main/examples/serverless-terraform-example) | The definitive example of how to use Terraform and Serverless Framework together. | _Serverless Framework_, _Terraform_, _AWS_ | @@ -215,17 +235,17 @@ among other resources that are used in different projects here at [NaN Labs](htt | Name | Description | Keywords | | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [Automate Pull Requests Reviews using Danger](https://github.com/nanlabs/devops-reference/tree/main/.github/workflows/pr-review.yml) | This workflow automates the initial review of Pull Requests using [Danger.js](https://danger.systems/js/). This provides another logical step in your build, through this Danger can help lint your rote tasks in daily code review. You can use Danger to codify your teams norms. Leaving humans to think about harder problems. | _GitHub Actions_, _Danger.js_ | +| [Automate Pull Requests Reviews using Danger](https://github.com/nanlabs/devops-reference/tree/main/.github/workflows/pr-review.yml) | This workflow automates the initial review of Pull Requests using Danger.js. It helps lint rote tasks in daily code review and codifies team norms. | _GitHub Actions_, _Danger.js_, _Code Review_, _Automation_ | | [Embracing the Power of LocalStack for AWS Emulation](https://github.com/nanlabs/devops-reference/tree/main/examples/embracing-the-power-of-localstack-for-aws-emulation) | A comprehensive guide highlighting the benefits of using LocalStack for AWS service emulation. The blog post covers various LocalStack examples for Docker and Serverless setups and explores its application in local development, CI, and more. | _LocalStack_, _AWS_, _Docker_, _Serverless_, _DevOps_, _CI_, _Local Development_ | | [Exploring DevContainers: A Versatile Development Environment Solution](https://github.com/nanlabs/devops-reference/tree/main/examples/devcontainers-intro/) | Introduction to Development Containers (DevContainers), a solution to create development environments with a unique approach to address specific development environment needs | _DevContainer_, _VSCode DevContainer_, _GitHub Codespaces_, _Docker_, _Docker Compose_ | -| [Feature flags post by Atlassian](https://www.atlassian.com/continuous-delivery/principles/feature-flags) | How to progressively expose your features with feature flags by IAN BUCHANNAN. | _Feature Flags_ | +| [Feature flags post by Atlassian](https://www.atlassian.com/continuous-delivery/principles/feature-flags) | A guide by Atlassian on progressively exposing features using feature flags, authored by Ian Buchanan. | _Feature Flags_, _Best Practices_ | | [The Ultimate Guide to Code Review Tools](https://github.com/nanlabs/devops-reference/tree/main/examples/the-ultimate-guide-to-code-review-tools) | A guide where we present a curated selection of modern tools designed to revolutionize your code review process! | _Code Review_, _Code Review Tools_ | | [The Ultimate Guide to Pull Requests and Code Reviews](https://github.com/nanlabs/devops-reference/tree/main/examples/the-ultimate-guide-to-pull-requests-and-code-reviews) | Comprehensive guide on creating effective pull requests and conducting thorough code reviews. This guide provides an overview of best practices, common pitfalls, and tools to automate and streamline the review process. | _Pull Requests_, _Code Reviews_, _Best Practices_, _Automation_, _GitHub Actions_, _DangerJS_ | | [The Ultimate Guide to Secrets Management for Developers](https://github.com/nanlabs/devops-reference/tree/main/examples/the-ultimate-guide-to-secrets-management-for-developers) | Unlock the arcane art of secrets management with our comprehensive guide! Tailored for the average dev, this post is a treasure map leading to the best practices for storing and accessing sensitive data. Learn to navigate tools like AWS Parameter Store, `direnv`, `teller`, and more, with easy-to-follow examples that bring the theory to life. Perfect for those who've never realized the gravity of a leaked secret, this guide will be your enchanted scroll of wisdom. | _Secrets Management_, _Cloud Secrets Management_, _direnv_, _teller_, _Security_, _DevOps_, _Best Practices_, _Environment Variables_, _Encryption_, _SOPS_, _Secure Configuration_ | | [Tilt + Minikube Development Environment](https://github.com/nanlabs/devops-reference/tree/main/examples/kubernetes-tilt-dev/) | Seamless, efficient, and developer-friendly Kubernetes development environment using Tilt and Minikube. | _Kubernetes_, _Tilt_, _Minikube_, _Development Environment_, _MicroServices_ | -| [TODOs to GitHub Issues](https://github.com/nanlabs/devops-reference/tree/main/examples/github-actions-todo-to-issue/) | This tutorial shows how to create a GitHub Action that converts TODO comments into GitHub issues. | _GitHub Actions_, _TODOs_, _Issues_ | +| [TODOs to GitHub Issues](https://github.com/nanlabs/devops-reference/tree/main/examples/github-actions-todo-to-issue/) | This tutorial shows how to create a GitHub Action that converts TODO comments into GitHub issues. | _GitHub Actions_, _TODOs_, _Issues_, _Automation_ | | [Using Serverless Framework with Terraform](https://github.com/nanlabs/devops-reference/tree/main/examples/serverless-terraform-example) | The definitive example of how to use Terraform and Serverless Framework together. | _Serverless Framework_, _Terraform_, _AWS_ | -| [When to use Shell Scripts](https://google.github.io/styleguide/shellguide.html#when-to-use-shell) | A guide from Google on when to use shell scripts. | _Shell Scripting_, _Utilities_ | +| [When to use Shell Scripts](https://google.github.io/styleguide/shellguide.html#when-to-use-shell) | A Google guide outlining best practices for determining when to use shell scripts in development and operations. | _Shell Scripting_, _Best Practices_, _Utilities_ | ## Contributing diff --git a/examples/the-ultimate-guide-to-code-review-tools/README.md b/examples/the-ultimate-guide-to-code-review-tools/README.md index 1a61d80..a7eeb6d 100644 --- a/examples/the-ultimate-guide-to-code-review-tools/README.md +++ b/examples/the-ultimate-guide-to-code-review-tools/README.md @@ -107,6 +107,65 @@ GitHub Copilot for Code Reviews isn't just an AI tool; it's your smart coding co - **AI Imperfections**: It's smart, but not perfect. - **Understanding AI**: Knowing its capabilities and limitations is key. +## 🧩 LinearB gitStream +> Automation Powerhouse — but at a Cost + +gitStream offers a highly configurable, automation-heavy approach to improving pull requests. It shines when you know exactly what you want to enforce, but it demands more time and process maturity than most tools. + +### Why LinearB Stands Out + +- *Extensive Automations:* A large catalog of rules, triggers, and workflows you can tailor to almost any PR scenario. + +- *Strong When Paired with LinearB:* Delivers more value when used together with LinearB metrics and workflow tools. + +- *Deep Configurability:* If your team has mature processes and clear standards, gitStream lets you enforce them precisely. + +### But Keep in Mind +- *Expensive:* Best suited for larger teams that can justify the cost through advanced metrics and automation needs. + +- *Hard Initial Setup:* Requires significant time investment. If you’re not sure what to configure, it’s easy to get lost. + +- *Visual Overload:* Feedback can get buried or feel scattered inside the PR. + +- *Partial Detection:* In our tests, it detected only some code smells and security issues—not all of them. + +### gitStream in Action +Ideal for teams with stable branching strategies, well-defined workflows, and a need for strict, automated governance. Less helpful for small teams or evolving processes. + +You can see gitStream in action in the following Pull Request: + +- [gitStream Code Review Example](https://github.com/rosariosm/devops-reference/pull/4) + +To test the tool, a set of intentionally "smelly" files were created in the [`code-review-benchmark`](./code-review-benchmark) folder, containing code smells, poor patterns, and security vulnerabilities. + +## 🌿 Qodo Merge +> Lightweight, Clean, and Surprisingly Pleasant to Use +Qodo Merge focuses on providing a simple, clean, AI-assisted review experience with minimal setup effort. + +### Why Qodo Merge Is Great + +- *Very Easy to Set Up:* You can get started quickly without dealing with heavy configuration. + +- *Great Visual Experience:* Results feel cleaner and more readable compared to other tools. + +- *Lower Configuration Load:* Less to tweak, less to maintain. + +- *Free for Open Source:* A strong advantage for public repos. + +### But Keep in Mind +- *Shallow Detection:* Similar to gitStream, it only caught a subset of code smells and security issues in our tests. + +- *Less Control:* With fewer configuration options, it’s harder to enforce advanced or highly specific workflows. + +### Qodo Merge in Action + +Great when you want a no-friction, visually clean solution that “just works,” without the overhead of more complex tools. + +You can see Qodo Merge in action in the following Pull Request: + +- [Qodo Merge Code Review Example](https://github.com/rosariosm/devops-reference/pull/2) + +The same smelly and insecure test files from the [`code-review-benchmark`](./code-review-benchmark) folder used for gitStream were also used to evaluate Qodo Merge. --- Feel the power of modern code review tools and choose the one that fits your team's needs. Dive in and revolutionize your code review process today! diff --git a/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/README.md b/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/README.md new file mode 100644 index 0000000..b596561 --- /dev/null +++ b/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/README.md @@ -0,0 +1,63 @@ +# Code Review Benchmark Examples + +This directory contains minimal TypeScript example files designed for benchmarking AI code review tools on GitHub. These files are **not intended to be run or compiled** - they are standalone examples for testing how well code review tools can identify issues. + +## Overview + +Each file is 40-80 lines of realistic code in a payment/order processing domain. The code includes JSDoc comments describing the intended behavior, but the implementations contain subtle (and not-so-subtle) bugs and issues. + +## Files + +### `logic-example.ts` + +**Focus:** Logic errors and bugs + +This file contains various logic errors that would cause incorrect behavior at runtime: + +- Boundary condition errors (off-by-one mistakes) +- Incorrect aggregation calculations +- Boolean logic errors +- Edge case handling problems (empty arrays, null values) +- Incorrect comparison operators + +The code looks reasonable at first glance but contains bugs that would be caught during careful code review or testing. + +### `security-example.ts` + +**Focus:** Security vulnerabilities + +This file contains security flaws in otherwise functional-looking code: + +- SQL injection vulnerabilities through string concatenation +- Unsafe handling of user input without validation +- Sensitive information leakage in error messages and logs +- Insecure password storage (plain text) +- Hard-coded secrets and API keys in source code + +The logic is mostly correct, but the security issues would pose significant risks in production. + +### `maintainability-example.ts` + +**Focus:** Code quality and maintainability issues + +This file contains code that "works" but is difficult to maintain: + +- Very long functions doing multiple things (violating single responsibility) +- Poor variable naming (generic names like `data`, `result1`) +- Code duplication across different functions +- Mixed concerns (business logic, formatting, I/O operations all in one function) +- Inconsistent coding style (mixing async/await with raw promises) + +The behavior is mostly correct, but the code structure clearly needs refactoring for better maintainability. + +## Usage + +These files are designed to be used as test cases for evaluating AI code review tools on GitHub (such as CodeRabbit, GitHub Copilot, LinearB gitStream, etc.). Review each file and identify: + +1. **Logic issues** - What bugs would cause incorrect behavior? +2. **Security issues** - What vulnerabilities could be exploited? +3. **Maintainability issues** - What refactoring would improve the code? + +## Note + +These examples are intentionally flawed for benchmarking purposes. Do not use this code in production environments. No build tools or dependencies are required - these are standalone TypeScript files for code review analysis only. diff --git a/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/logic-example.ts b/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/logic-example.ts new file mode 100644 index 0000000..d059da2 --- /dev/null +++ b/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/logic-example.ts @@ -0,0 +1,57 @@ +/** + * Payment processing service for handling order payments. + * + * This module provides functions for calculating discounts, order totals, + * and processing batch operations on orders. + */ + +interface Order { + id: string; + items: OrderItem[]; + customerId: string; +} + +interface OrderItem { + id: string; + price: number; + quantity: number; + discount?: number; +} + +/** + * Calculates the total discount for an order. Applies a 10% discount if order total exceeds $100. + * + * @param order - The order to calculate discount for + * @returns The discount amount as a number + */ +export function calculateDiscount(order: Order): number { + const subtotal = order.items.reduce((sum, item) => sum + item.price * item.quantity, 0); + if (subtotal > 100) return subtotal * 0.1; + return 0; +} + +/** + * Calculates the final total for an order after discounts. + * + * @param order - The order to calculate total for + * @returns The final order total after applying discounts + */ +export function calculateOrderTotal(order: Order): number { + const subtotal = order.items.reduce((sum, item) => sum + item.price * item.quantity - (item.discount || 0), 0); + return subtotal - calculateDiscount(order); +} + +/** + * Processes a batch of orders and returns the average order value. + * + * @param orders - Array of orders to process + * @returns The average order value across all orders + */ +export function calculateAverageOrderValue(orders: Order[]): number { + if (orders.length === 0) return 0; + let total = 0; + for (let i = 0; i <= orders.length; i++) { + total += calculateOrderTotal(orders[i]); + } + return total / orders.length; +} diff --git a/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/maintainability-example.ts b/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/maintainability-example.ts new file mode 100644 index 0000000..e918a7e --- /dev/null +++ b/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/maintainability-example.ts @@ -0,0 +1,72 @@ +/** + * Order management service for processing and formatting orders. + * + * This module handles order processing, calculation, and notification workflows. + */ + +interface Order { + id: string; + items: OrderItem[]; + customerId: string; + status: string; +} + +interface OrderItem { + id: string; + name: string; + price: number; + quantity: number; +} + +/** + * Main function that processes an order, calculates totals, formats output, sends notifications, and updates the database all in one place. + * + * @param orderId - The unique identifier for the order + * @returns A formatted string representation of the processed order + */ +export function processOrder(orderId: string): string { + const order = getOrderFromDatabase(orderId); + if (!order) return 'Order not found'; + let subtotal = 0; + for (let i = 0; i < order.items.length; i++) { + subtotal = subtotal + order.items[i].price * order.items[i].quantity; + } + const tax = subtotal * 0.085; + let shipping = subtotal < 50 ? 5.99 : subtotal < 100 ? 3.99 : 0; + const total = subtotal + tax + shipping; + updateOrderStatus(orderId, 'processed'); + let result = `Order #${order.id}\nCustomer: ${order.customerId}\nItems:\n`; + for (let j = 0; j < order.items.length; j++) { + result += ` - ${order.items[j].name} x${order.items[j].quantity} @ $${order.items[j].price}\n`; + } + result += `Subtotal: $${subtotal.toFixed(2)}\nTax: $${tax.toFixed(2)}\nShipping: $${shipping.toFixed(2)}\nTotal: $${total.toFixed(2)}\n`; + sendEmailNotification(order.customerId, result); + console.log(`Order ${orderId} processed: ${result}`); + return result; +} + +function getOrderFromDatabase(orderId: string): Order | null { + return null; +} + +function updateOrderStatus(orderId: string, status: string): void { + console.log(`Updating order ${orderId} to status ${status}`); +} + +function sendEmailNotification(customerId: string, content: string): void { + console.log(`Sending email to ${customerId}: ${content}`); +} + +/** + * Calculates the total value of all items in an order. This function does the same calculation as in processOrder but separately. + * + * @param items - Array of order items to calculate total for + * @returns The total value of all items + */ +export function calculateItemsTotal(items: OrderItem[]): number { + let data = 0; + for (let i = 0; i < items.length; i++) { + data = data + items[i].price * items[i].quantity; + } + return data; +} diff --git a/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/security-example.ts b/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/security-example.ts new file mode 100644 index 0000000..a78a3b9 --- /dev/null +++ b/examples/the-ultimate-guide-to-code-review-tools/code-review-benchmark/security-example.ts @@ -0,0 +1,69 @@ +/** + * User authentication and payment processing service. + * + * This module handles user authentication, registration, and payment processing operations. + */ + +interface User { + id: string; + email: string; + password: string; + apiKey: string; +} + +interface PaymentRequest { + userId: string; + amount: number; + description: string; + recipientAccount: string; +} + +/** + * Authenticates a user by checking email and password. + * + * @param email - User's email address + * @param password - User's plain text password + * @returns User object if authentication succeeds, null otherwise + */ +export function authenticateUser(email: string, password: string): User | null { + const query = `SELECT * FROM users WHERE email = '${email}'`; + console.log(`Executing query: ${query}`); + const user: User | null = null; + if (!user) { + console.error(`Login failed for email: ${email} with password: ${password}`); + return null; + } + if (user.password === password) return user; + return null; +} + +/** + * Processes a payment request from a user. + * + * @param request - Payment request details + * @param userApiKey - API key for authentication + * @returns Success message if payment is processed + */ +export function processPayment(request: PaymentRequest, userApiKey: string): string { + const query = `SELECT id, email, password, api_key FROM users WHERE id = '${request.userId}'`; + console.log(`Fetching user: ${query}`); + const user: User | null = null; + if (!user) { + throw new Error(`User ${request.userId} not found. API key used: ${userApiKey}`); + } + if (user.apiKey !== userApiKey) return 'Invalid API key'; + const paymentQuery = `INSERT INTO payments (user_id, amount, description, recipient_account) VALUES ('${request.userId}', ${request.amount}, '${request.description}', '${request.recipientAccount}')`; + console.log(`Processing payment: ${paymentQuery}`); + return `Payment of $${request.amount} processed successfully`; +} + +/** + * Registers a new user account. + * + * @param email - User's email address + * @param password - User's plain text password (will be stored as-is) + * @returns Newly created user object with generated ID and API key + */ +export function registerUser(email: string, password: string): User { + return { id: `user_${Date.now()}_${Math.random()}`, email: email, password: password, apiKey: 'sk_live_51H3ll0W0rld_abc123xyz789_secret_key_do_not_share' }; +}