Task-Tracker-Lab · kapitulin24 · Apr 24, 2026 · Apr 24, 2026 · Apr 24, 2026
@@ -0,0 +1,72 @@
+# Зависимости (всегда ставим заново внутри контейнера)
+node_modules
+npm-debug.log
+yarn-error.log
+pnpm-debug.log
+
+# Сборка и кэш
+.next
+out
+dist
+build
+*.tsbuildinfo
+
+# Логи и отчеты
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+# Секреты и конфиги окружения
+.env
+.env.local
+.env.production
+.env.development
+.env.test
+.env*.local
+!.env.example
+
+# Тесты и покрытие
+coverage
+test-results
+__tests__
+*.test.ts
+*.test.tsx
+*.spec.ts
+*.spec.tsx
+
+# Docker файлы (не нужны внутри самого образа)
+Dockerfile
+Dockerfile.*
+docker-compose.yml
+docker-compose.*.yml
+.dockerignore
+
+# Git
+.git
+.gitignore
+.gitattributes
+
+# Редакторы и ОС
+.vscode
+.idea
+.DS_Store
+*.swp
+Thumbs.db
+
+# Прочее
+README.md
+LICENSE
+.github
+.husky
+
+# Storybook
+.storybook
+storybook-static
+temp-storybook
+*.stories.tsx
+*.stories.ts
+*.stories.mdx
@@ -0,0 +1,66 @@
+name: Build and Push
+
+on:
+  push:
+    branches: [dev, main, feat/**]
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install pnpm
+        uses: pnpm/action-setup@v3
+
+      - name: Get pnpm store directory
+        shell: bash
+        run: |
+          echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
+
+      - uses: actions/cache@v4
+        name: Setup pnpm cache
+        with:
+          path: ${{ env.STORE_PATH }}
+          key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-store-
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels)
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=sha,format=short
+            type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile.prod
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
@@ -0,0 +1,33 @@
+name: 'CodeQL'
+
+on:
+  push:
+    branches: [main, dev, feat/**, chore/**, build/**]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: '15 13 * * 5'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: javascript-typescript
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
@@ -0,0 +1,18 @@
+name: release-please
+
+on:
+  push:
+    branches:
+      - main
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  release-please:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: googleapis/release-please-action@v4
+        with:
+          release-type: node
@@ -0,0 +1,21 @@
+name: 'Close stale issues and PRs'
+
+on:
+  schedule:
+    - cron: '30 1 * * *'
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
+    steps:
+      - uses: actions/stale@v9
+        with:
+          stale-issue-message: 'Эта задача давно не обновлялась. Она будет закрыта через 5
+            дней, если не появится новой активности.'
+          stale-pr-message: 'Этот PR замер. Мы закроем его через 5 дней, чтобы не копить
+            очередь, но вы всегда можете переоткрыть его позже.'
+          days-before-stale: 30
+          days-before-close: 5
@@ -0,0 +1,51 @@
+FROM node:20-alpine AS base
+ENV PNPM_HOME="/pnpm"
+ENV PATH="$PNPM_HOME:$PATH"
+RUN corepack enable
+WORKDIR /app
+
+FROM base AS deps
+RUN apk add --no-cache libc6-compat
+
+COPY pnpm-lock.yaml ./
+RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm fetch
+
+COPY package.json ./
+RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm install --offline --frozen-lockfile
+
+FROM base AS builder
+ARG NEXT_PUBLIC_API_BASE_URL
+ARG OPENAPI_URL
+ENV NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL \
+    OPENAPI_URL=$OPENAPI_URL
+
+ENV NEXT_TELEMETRY_DISABLED 1
+
+COPY --from=deps /app/node_modules ./node_modules
+COPY . .
+
+RUN --mount=type=cache,target=/app/.next/cache pnpm run build
+
+FROM node:20-alpine AS runner
+WORKDIR /app
+
+ENV NODE_ENV production
+ENV NEXT_TELEMETRY_DISABLED 1
+
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 frontend
+
+RUN mkdir .next
+RUN chown frontend:nodejs .next
+
+COPY --from=builder /app/public ./public
+COPY --from=builder --chown=frontend:nodejs /app/.next/standalone ./
+COPY --from=builder --chown=frontend:nodejs /app/.next/static ./.next/static
+
+USER frontend
+
+EXPOSE 3001
+ENV PORT 3001
+ENV HOSTNAME "0.0.0.0"
+
+CMD ["node", "server.js"]
@@ -5,6 +5,7 @@ const nextConfig: NextConfig = {
   turbopack: {
     root: __dirname,
   },
+  output: 'standalone',
 };
 
 export default nextConfig;
@@ -0,0 +1 @@
+add at feature same