- Node LTS support (verified working on 20.x LTS release)
- Express server
- Postgres database with
pg - Logging with Winston and Morgan
- React client with Vite
- Client-side routing with React Router
- Linting with ESLint and Prettier
- Unit and integration testing with Vitest (with SuperTest and TestContainers)
- E2E testing with Playwright
- Dev mode (watch modes for client and server, proxy to avoid CORS issues)
- Production build (single deployment artifact)
- GitHub Actions pipeline
- Coolify, Google App Engine, Heroku, Render or Vercel deployment
- Docker build
Note if you have any problems setting up the starter kit, see the wiki and, if still not solved, post to
#cyf-full-stack-starter-kitin Slack.
Pick one member of the team to own the repository and pipeline. That person should do the following:
-
Click the "Use this template" button above (see GitHub's docs) to create your team repository and name it something appropriate for your project.
- Your repo should say "generated from", not "forked from", "CodeYourFuture/cyf-final-project-starter-kit" at the top
-
Make sure all of the project team are collaborators on the repository.
This repo will work with the Nixpack Node provider's defaults, so deployment should be straightforward.
-
Create a new project
-
In the default "production" environment, create a Postgresql database
- Choose the default type
- Once it has started up, copy the "Postgres URL (internal)"
-
Also in the default "production" environment, create a "Git Based > Public Repository" resource
- Choose your repository URL
- Under "Environment Variables", set
PGSSLMODEtodisableandDATABASE_URLto the URL you copied above - Under "Healthcheck", check "Enabled", set the Path to
/healthzand the Return Code to 301 - Under "Webhooks", copy the "Manual Git Webhooks > GitHub" URL then follow the link to "Webhook configuration on GitHub" to add this to your repo
- Use the command
python3 -c 'import secrets;print(secrets.token_hex(16))'to generate a good secret
- Use the command
- In your repo, click the "Deploy to Render" button in the relevant section of the README and log in using GitHub when prompted.
- Fill in a service group name for your application and then click "Apply".
- Once it has deployed successfully, click the "managed resources" link to view the application details.
Various scripts are provided in the package file, but many are helpers for other scripts; here are the ones you'll commonly use:
dev: starts the frontend and backend in dev mode, with file watching (note that the backend runs on port 3100, and the frontend is proxied to it).e2e: builds and starts the app in production mode and runs the Playwright tests against it.e2e:dev: builds and starts the app in dev mode and runs the Playwright tests against it.
lint: runs ESLint and Prettier against all the relevant files in the project.serve: builds and starts the app in production mode locally.ship: runslint, thentest, thene2e; ideal before agit push.test: runs the unit and integration tests.test:cover: runs the tests and outputs coverage data.
If the project handles any kind of Personally Identifiable Information (PII) then make sure the following principles are followed:
- Only collect strictly necessary PII;
- Access to PII should be as restricted as possible;
- Access to PII should only be possible after authentication. Authentication must be done via GitHub. Ad hoc authentication solutions are not allowed;
- Admins must be able to control who has access to the platform and at which levels using only GitHub groups;
- There must be an audit mechanism in place. It is required by law to know who accessed what and when;
- Code must be reviewed by senior developers before being pushed to production;
- APIs must be secure. Make sure we are not handling security on the frontend.