- Node LTS support (verified working on 20.x LTS release)
- Express server
- Postgres database with
pg
- Logging with Winston and Morgan
- React client with Vite
- Client-side routing with React Router
- Linting with ESLint and Prettier
- Unit and integration testing with Vitest (with SuperTest and TestContainers)
- E2E testing with Playwright
- Dev mode (watch modes for client and server, proxy to avoid CORS issues)
- Production build (single deployment artifact)
- GitHub Actions pipeline
- Google App Engine, Heroku, Render or Vercel deployment
- Docker build
Note if you have any problems setting up the starter kit, see the wiki and, if still not solved, post to
#cyf-full-stack-starter-kit
in Slack.
Pick one member of the team to own the repository and pipeline. That person should do the following:
- Click the "Use this template" button above (see GitHub's docs) to create your team repository and name it something appropriate for your project.
- Your repo should say "generated from", not "forked from", "CodeYourFuture/cyf-final-project-starter-kit" at the top
- In your repo, click the "Deploy to Render" button at the top of the README and log in using GitHub when prompted.
- Fill in a service group name for your application and then click "Apply".
- Once it has deployed successfully, click the "managed resources" link to view the application details.
Whenever you commit to main (or e.g. merge a pull request) it will get automatically deployed!
You should now make sure all of the project team are collaborators on the repository.
Various scripts are provided in the package file, but many are helpers for other scripts; here are the ones you'll commonly use:
dev
: starts the frontend and backend in dev mode, with file watching (note that the backend runs on port 3100, and the frontend is proxied to it).e2e
: builds and starts the app in production mode and runs the Playwright tests against it.e2e:dev
: builds and starts the app in dev mode and runs the Playwright tests against it.
lint
: runs ESLint and Prettier against all the relevant files in the project.serve
: builds and starts the app in production mode locally.ship
: runslint
, thentest
, thene2e
; ideal before agit push
.test
: runs the unit and integration tests.test:cover
: runs the tests and outputs coverage data.
If the project handles any kind of Personally Identifiable Information (PII) then make sure the following principles are followed:
- Only collect strictly necessary PII;
- Access to PII should be as restricted as possible;
- Access to PII should only be possible after authentication. Authentication must be done via GitHub. Ad hoc authentication solutions are not allowed;
- Admins must be able to control who has access to the platform and at which levels using only GitHub groups;
- There must be an audit mechanism in place. It is required by law to know who accessed what and when;
- Code must be reviewed by senior developers before being pushed to production;
- APIs must be secure. Make sure we are not handling security on the frontend.