新增构建OpenSSL镜像相关文件

examples/standardnotes/official-src/server-main/.dockerignore

@@ -0,0 +1,13 @@
+dist
+coverage
+
+.yarn/*
+!.yarn/cache
+!.yarn/patches
+!.yarn/plugins
+!.yarn/releases
+!.yarn/unplugged
+!.yarn/sdks
+!.yarn/versions
+
+data/*

examples/standardnotes/official-src/server-main/.env.sample

@@ -0,0 +1,26 @@
+######
+# DB #
+######
+
+DB_HOST=db
+DB_PORT=3306
+DB_USERNAME=std_notes_user
+DB_PASSWORD=changeme123
+DB_DATABASE=standard_notes_db
+DB_TYPE=mysql
+
+#########
+# CACHE #
+#########
+
+REDIS_PORT=6379
+REDIS_HOST=cache
+CACHE_TYPE=redis
+
+########
+# KEYS #
+########
+
+AUTH_JWT_SECRET=
+AUTH_SERVER_ENCRYPTION_SERVER_KEY=
+VALET_TOKEN_SECRET=

examples/standardnotes/official-src/server-main/.eslintignore

@@ -0,0 +1 @@
+node_modules

examples/standardnotes/official-src/server-main/.eslintrc

@@ -0,0 +1,55 @@
+{
+  "root": true,
+  "parserOptions": {
+    "project": "./tsconfig.json"
+  },
+  "plugins": ["@typescript-eslint", "prettier"],
+  "extends": [
+    "eslint:recommended",
+    "plugin:@typescript-eslint/eslint-recommended",
+    "plugin:@typescript-eslint/recommended",
+    "prettier"
+  ],
+  "rules": {
+    "@typescript-eslint/no-unused-vars": [
+      "error",
+      {
+        "vars": "all",
+        "args": "after-used",
+        "ignoreRestSiblings": false,
+        "argsIgnorePattern": "^_",
+        "varsIgnorePattern": "^_"
+      }
+    ],
+    "@typescript-eslint/no-explicit-any": ["error", { "ignoreRestArgs": true }],
+    "@typescript-eslint/no-floating-promises": ["error"],
+    "block-scoped-var": "error",
+    "comma-dangle": ["error", "always-multiline"],
+    "curly": ["error", "all"],
+    "no-confusing-arrow": "error",
+    "no-inline-comments": "warn",
+    "no-invalid-this": "error",
+    "no-return-assign": "warn",
+    "no-constructor-return": "error",
+    "no-duplicate-imports": "error",
+    "no-self-compare": "error",
+    "no-console": ["error", { "allow": ["warn", "error"] }],
+    "no-unmodified-loop-condition": "error",
+    "no-unused-private-class-members": "error",
+    "object-curly-spacing": ["error", "always"],
+    "quotes": ["error", "single", { "avoidEscape": true }],
+    "semi": ["error", "never"],
+    "prettier/prettier": [
+      "error",
+      {
+        "singleQuote": true,
+        "trailingComma": "all",
+        "printWidth": 120,
+        "semi": false
+      },
+      {
+        "usePrettierrc": false
+      }
+    ]
+  }
+}

examples/standardnotes/official-src/server-main/.github/ci.env

@@ -0,0 +1,30 @@
+PUBLIC_FILES_SERVER_URL=http://localhost:3125
+DB_HOST=db
+DB_USERNAME=std_notes_user
+DB_PASSWORD=changeme123
+DB_DATABASE=standard_notes_db
+DB_PORT=3306
+DB_DEBUG_LEVEL=all
+DB_SQLITE_DATABASE_PATH=standard_notes_db
+REDIS_PORT=6379
+REDIS_HOST=cache
+AUTH_SERVER_ACCESS_TOKEN_AGE=4
+AUTH_SERVER_REFRESH_TOKEN_AGE=10
+AUTH_SERVER_EPHEMERAL_SESSION_AGE=300
+SYNCING_SERVER_REVISIONS_FREQUENCY=2
+AUTH_SERVER_LOG_LEVEL=debug
+SYNCING_SERVER_LOG_LEVEL=debug
+FILES_SERVER_LOG_LEVEL=debug
+REVISIONS_SERVER_LOG_LEVEL=debug
+API_GATEWAY_LOG_LEVEL=debug
+
+MYSQL_DATABASE=standard_notes_db
+MYSQL_USER=std_notes_user
+MYSQL_PASSWORD=changeme123
+MYSQL_ROOT_PASSWORD=changeme123
+
+AUTH_JWT_SECRET=f95259c5e441f5a4646d76422cfb3df4c4488842901aa50b6c51b8be2e0040e9
+AUTH_SERVER_ENCRYPTION_SERVER_KEY=1087415dfde3093797f9a7ca93a49e7d7aa1861735eb0d32aae9c303b8c3d060
+VALET_TOKEN_SECRET=4b886819ebe1e908077c6cae96311b48a8416bd60cc91c03060e15bdf6b30d1f
+
+SYNCING_SERVER_CONTENT_SIZE_TRANSFER_LIMIT=1000000

examples/standardnotes/official-src/server-main/.github/dependabot.yml

@@ -0,0 +1,144 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/analytics"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/api-gateway"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/auth"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/common"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/domain-core"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/domain-events"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/domain-events-infra"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/files"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/home-server"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/predicates"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/revisions"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/scheduler"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/security"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/settings"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/sncrypto-node"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/syncing-server"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/time"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/websockets"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "direct"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"

examples/standardnotes/official-src/server-main/.github/workflows/analytics.yml

@@ -0,0 +1,22 @@
+name: Analytics Server
+
+concurrency:
+  group: analytics
+  cancel-in-progress: true
+
+on:
+  push:
+    tags:
+      - '*standardnotes/analytics*'
+  workflow_dispatch:
+
+jobs:
+  call_server_application_workflow:
+    name: Server Application
+    uses: standardnotes/server/.github/workflows/common-server-application.yml@main
+    with:
+      service_name: analytics
+      workspace_name: "@standardnotes/analytics"
+      deploy_web: false
+      package_path: packages/analytics
+    secrets: inherit

examples/standardnotes/official-src/server-main/.github/workflows/api-gateway.yml

@@ -0,0 +1,22 @@
+name: Api Gateway
+
+concurrency:
+  group: api_gateway
+  cancel-in-progress: true
+
+on:
+  push:
+    tags:
+      - '*standardnotes/api-gateway*'
+  workflow_dispatch:
+
+jobs:
+  call_server_application_workflow:
+    name: Server Application
+    uses: standardnotes/server/.github/workflows/common-server-application.yml@main
+    with:
+      service_name: api-gateway
+      workspace_name: "@standardnotes/api-gateway"
+      deploy_worker: false
+      package_path: packages/api-gateway
+    secrets: inherit

examples/standardnotes/official-src/server-main/.github/workflows/auth.yml

@@ -0,0 +1,21 @@
+name: Auth Server
+
+concurrency:
+  group: auth
+  cancel-in-progress: true
+
+on:
+  push:
+    tags:
+      - '*standardnotes/auth-server*'
+  workflow_dispatch:
+
+jobs:
+  call_server_application_workflow:
+    name: Server Application
+    uses: standardnotes/server/.github/workflows/common-server-application.yml@main
+    with:
+      service_name: auth
+      workspace_name: "@standardnotes/auth-server"
+      package_path: packages/auth
+    secrets: inherit

examples/standardnotes/official-src/server-main/.github/workflows/common-deploy.yml

@@ -0,0 +1,55 @@
+name: Reusable Server Application Deployment Workflow
+
+on:
+  workflow_call:
+    inputs:
+      service_name:
+        required: true
+        type: string
+      docker_image:
+        required: true
+        type: string
+    secrets:
+      AWS_ACCESS_KEY_ID:
+        required: true
+      AWS_SECRET_ACCESS_KEY:
+        required: true
+      AWS_ECR_REGISTRY:
+        required: true
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v3
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
+
+    - name: Download task definition
+      run: |
+        aws ecs describe-task-definition --task-definition ${{ inputs.service_name }}-prod --query taskDefinition > task-definition.json
+
+    - name: Fill in the new version in the Amazon ECS task definition
+      run: |
+        jq '(.containerDefinitions[] | select(.name=="${{ inputs.service_name }}-prod") | .environment[] | select(.name=="VERSION")).value = "${{ github.sha }}"' task-definition.json > tmp.json && mv tmp.json task-definition.json
+
+    - name: Fill in the new image ID in the Amazon ECS task definition
+      id: task-def-prod
+      uses: aws-actions/amazon-ecs-render-task-definition@v1
+      with:
+        task-definition: task-definition.json
+        container-name: ${{ inputs.service_name }}-prod
+        image: ${{ secrets.AWS_ECR_REGISTRY }}/${{ inputs.docker_image }}
+
+    - name: Deploy Amazon ECS task definition
+      uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+      with:
+        task-definition: ${{ steps.task-def-prod.outputs.task-definition }}
+        service: ${{ inputs.service_name }}
+        cluster: prod
+        wait-for-service-stability: true

examples/standardnotes/official-src/server-main/.github/workflows/common-docker-image.yml

@@ -0,0 +1,95 @@
+name: Reusable Publish Docker Image Workflow
+
+on:
+  workflow_call:
+    inputs:
+      service_name:
+        required: true
+        type: string
+      package_path:
+        required: true
+        type: string
+      workspace_name:
+        required: true
+        type: string
+    secrets:
+      DOCKER_USERNAME:
+        required: true
+      DOCKER_PASSWORD:
+        required: true
+      AWS_ACCESS_KEY_ID:
+        required: true
+      AWS_SECRET_ACCESS_KEY:
+        required: true
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - uses: actions/setup-python@v4
+      with:
+        python-version: '3.11'
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: |
+          packages/**/dist
+        key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Install dependencies
+      run: yarn install --immutable
+
+    - name: Build
+      if: steps.cache-build.outputs.cache-hit != 'true'
+      run: yarn build
+
+    - name: Login to Docker Hub
+      uses: docker/login-action@v3
+      with:
+        username: ${{ secrets.DOCKER_USERNAME }}
+        password: ${{ secrets.DOCKER_PASSWORD }}
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v3
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
+
+    - name: Login to Amazon ECR
+      id: login-ecr
+      uses: aws-actions/amazon-ecr-login@v2
+
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@master
+      with:
+        platforms: all
+
+    - name: Set up Docker Buildx
+      id: buildx
+      uses: docker/setup-buildx-action@master
+
+    - name: Publish Docker image
+      uses: docker/build-push-action@v4
+      with:
+        builder: ${{ steps.buildx.outputs.name }}
+        context: .
+        file: ${{ inputs.package_path }}/Dockerfile
+        platforms: linux/amd64,linux/arm64
+        push: true
+        tags: |
+          standardnotes/${{ inputs.service_name }}:latest
+          standardnotes/${{ inputs.service_name }}:${{ github.sha }}
+          ${{ steps.login-ecr.outputs.registry }}/${{ inputs.service_name }}:${{ github.sha }}
+          ${{ steps.login-ecr.outputs.registry }}/${{ inputs.service_name }}:latest

examples/standardnotes/official-src/server-main/.github/workflows/common-e2e.yml

@@ -0,0 +1,26 @@
+name: Reusable Run E2E Test Suite Workflow
+
+on:
+  workflow_call:
+    inputs:
+      snjs_image_tag:
+        type: string
+        default: latest
+        description: The Docker image tag used for SNJS container
+      suite:
+        type: string
+        default: all
+        description: The test suite to run
+
+jobs:
+  e2e-self-hosted:
+    uses: standardnotes/server/.github/workflows/e2e-self-hosted.yml@main
+    with:
+      snjs_image_tag: ${{ inputs.snjs_image_tag }}
+      suite: ${{ inputs.suite }}
+
+  e2e-home-server:
+    uses: standardnotes/server/.github/workflows/e2e-home-server.yml@main
+    with:
+      snjs_image_tag: ${{ inputs.snjs_image_tag }}
+      suite: ${{ inputs.suite }}

examples/standardnotes/official-src/server-main/.github/workflows/common-self-hosting.yml

@@ -0,0 +1,47 @@
+name: Reusable Publish Docker Self Hosting Image Workflow
+
+on:
+  workflow_call:
+    secrets:
+      DOCKER_USERNAME:
+        required: true
+      DOCKER_PASSWORD:
+        required: true
+      AWS_ACCESS_KEY_ID:
+        required: true
+      AWS_SECRET_ACCESS_KEY:
+        required: true
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Login to Docker Hub
+      uses: docker/login-action@v3
+      with:
+        username: ${{ secrets.DOCKER_USERNAME }}
+        password: ${{ secrets.DOCKER_PASSWORD }}
+
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@master
+      with:
+        platforms: all
+
+    - name: Set up Docker Buildx
+      id: buildx
+      uses: docker/setup-buildx-action@master
+
+    - name: Publish Docker image
+      uses: docker/build-push-action@v4
+      with:
+        builder: ${{ steps.buildx.outputs.name }}
+        context: .
+        file: Dockerfile
+        platforms: linux/amd64,linux/arm64
+        push: true
+        tags: |
+          standardnotes/server:latest
+          standardnotes/server:${{ github.sha }}

examples/standardnotes/official-src/server-main/.github/workflows/common-server-application.yml

@@ -0,0 +1,67 @@
+name: Reusable Server Application Workflow
+
+on:
+  workflow_call:
+    inputs:
+      service_name:
+        required: true
+        type: string
+      workspace_name:
+        required: true
+        type: string
+      deploy_web:
+        required: false
+        default: true
+        type: boolean
+      deploy_worker:
+        required: false
+        default: true
+        type: boolean
+      package_path:
+        required: true
+        type: string
+    secrets:
+      DOCKER_USERNAME:
+        required: true
+      DOCKER_PASSWORD:
+        required: true
+      CI_PAT_TOKEN:
+        required: true
+      AWS_ACCESS_KEY_ID:
+        required: true
+      AWS_SECRET_ACCESS_KEY:
+        required: true
+
+jobs:
+  publish:
+    name: Publish Docker Image
+    uses: standardnotes/server/.github/workflows/common-docker-image.yml@main
+    with:
+      service_name: ${{ inputs.service_name }}
+      package_path: ${{ inputs.package_path }}
+      workspace_name: ${{ inputs.workspace_name }}
+    secrets: inherit
+
+  deploy-web:
+    if: ${{ inputs.deploy_web }}
+
+    needs: publish
+
+    name: Deploy Web
+    uses: standardnotes/server/.github/workflows/common-deploy.yml@main
+    with:
+      service_name: ${{ inputs.service_name }}
+      docker_image: ${{ inputs.service_name }}:${{ github.sha }}
+    secrets: inherit
+
+  deploy-worker:
+    if: ${{ inputs.deploy_worker }}
+
+    needs: publish
+
+    name: Deploy Worker
+    uses: standardnotes/server/.github/workflows/common-deploy.yml@main
+    with:
+      service_name: ${{ inputs.service_name }}-worker
+      docker_image: ${{ inputs.service_name }}:${{ github.sha }}
+    secrets: inherit

examples/standardnotes/official-src/server-main/.github/workflows/e2e-home-server.yml

@@ -0,0 +1,105 @@
+name: E2E Home Server Test Suite
+
+on:
+  workflow_call:
+    inputs:
+      snjs_image_tag:
+        type: string
+        default: latest
+        description: The Docker image tag used for SNJS container
+      suite:
+        type: string
+        default: all
+        description: The test suite to run
+
+jobs:
+  e2e-home-server:
+    name: (Home Server) E2E Test Suite
+    strategy:
+      fail-fast: false
+      matrix:
+        db_type: [mysql, sqlite]
+        cache_type: [redis, memory]
+
+    runs-on: ubuntu-latest
+
+    services:
+      snjs:
+        image: standardnotes/snjs:${{ inputs.snjs_image_tag }}
+        ports:
+        - 9001:9001
+      cache:
+        image: redis
+        ports:
+          - 6379:6379
+      db:
+        image: mysql
+        ports:
+          - 3306:3306
+        env:
+          MYSQL_ROOT_PASSWORD: root
+          MYSQL_DATABASE: standardnotes
+          MYSQL_USER: standardnotes
+          MYSQL_PASSWORD: standardnotes
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Install Dependencies
+      run: yarn install --immutable
+
+    - name: Build
+      run: yarn build
+
+    - name: Copy dotenv file
+      run: cp packages/home-server/.env.sample packages/home-server/.env
+
+    - name: Fill in env variables
+      run: |
+        sed -i "s/JWT_SECRET=/JWT_SECRET=$(openssl rand -hex 32)/g" packages/home-server/.env
+        sed -i "s/AUTH_JWT_SECRET=/AUTH_JWT_SECRET=$(openssl rand -hex 32)/g" packages/home-server/.env
+        sed -i "s/ENCRYPTION_SERVER_KEY=/ENCRYPTION_SERVER_KEY=$(openssl rand -hex 32)/g" packages/home-server/.env
+        sed -i "s/PSEUDO_KEY_PARAMS_KEY=/PSEUDO_KEY_PARAMS_KEY=$(openssl rand -hex 32)/g" packages/home-server/.env
+        sed -i "s/VALET_TOKEN_SECRET=/VALET_TOKEN_SECRET=$(openssl rand -hex 32)/g" packages/home-server/.env
+        echo "ACCESS_TOKEN_AGE=4" >> packages/home-server/.env
+        echo "REFRESH_TOKEN_AGE=10" >> packages/home-server/.env
+        echo "REVISIONS_FREQUENCY=2" >> packages/home-server/.env
+        echo "CONTENT_SIZE_TRANSFER_LIMIT=1000000" >> packages/home-server/.env
+        echo "DB_HOST=localhost" >> packages/home-server/.env
+        echo "DB_PORT=3306" >> packages/home-server/.env
+        echo "DB_DATABASE=standardnotes" >> packages/home-server/.env
+        echo "DB_SQLITE_DATABASE_PATH=homeserver.db" >> packages/home-server/.env
+        echo "DB_USERNAME=standardnotes" >> packages/home-server/.env
+        echo "DB_PASSWORD=standardnotes" >> packages/home-server/.env
+        echo "DB_TYPE=${{ matrix.db_type }}" >> packages/home-server/.env
+        echo "DB_DEBUG_LEVEL=all" >> packages/home-server/.env
+        echo "REDIS_URL=redis://localhost:6379" >> packages/home-server/.env
+        echo "CACHE_TYPE=${{ matrix.cache_type }}" >> packages/home-server/.env
+        echo "FILES_SERVER_URL=http://localhost:3123" >> packages/home-server/.env
+        echo "E2E_TESTING=true" >> packages/home-server/.env
+
+    - name: Run Server
+      run: nohup yarn workspace @standardnotes/home-server start > logs/output.log 2>&1 &
+      env:
+        PORT: 3123
+
+    - name: Wait for server to start
+      run: for i in {1..30}; do curl -s http://localhost:3123/healthcheck && break || sleep 1; done
+
+    - name: Run E2E Test Suite
+      run: yarn dlx mocha-headless-chrome --timeout 3600000 -f http://localhost:9001/mocha/test.html?suite=${{ inputs.suite }}
+
+    - name: Archive failed run logs
+      if: ${{ failure() }}
+      uses: actions/upload-artifact@v3
+      with:
+        name: home-server-failure-logs-${{ inputs.suite }}-${{ matrix.db_type }}-${{ matrix.cache_type }}
+        retention-days: 5
+        path: |
+          logs/output.log

examples/standardnotes/official-src/server-main/.github/workflows/e2e-self-hosted.yml

@@ -0,0 +1,70 @@
+name: E2E Self Hosted Test Suite
+
+on:
+  workflow_call:
+    inputs:
+      snjs_image_tag:
+        type: string
+        default: latest
+        description: The Docker image tag used for SNJS container
+      suite:
+        type: string
+        default: all
+        description: The test suite to run
+
+jobs:
+  e2e:
+    name: (Self Hosting) E2E Test Suite
+    strategy:
+      fail-fast: false
+      matrix:
+        service_proxy_type: [http, grpc]
+    runs-on: ubuntu-latest
+
+    services:
+      snjs:
+        image: standardnotes/snjs:${{ inputs.snjs_image_tag }}
+        ports:
+        - 9001:9001
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Install
+      run: yarn install --immutable
+
+    - name: Run Server
+      run: docker compose -f docker-compose.ci.yml up -d
+      env:
+        DB_TYPE: mysql
+        CACHE_TYPE: redis
+        SERVICE_PROXY_TYPE: ${{ matrix.service_proxy_type }}
+
+    - name: Output Server Logs to File
+      run: docker compose -f docker-compose.ci.yml logs -f > logs/docker-compose.log 2>&1 &
+      env:
+        DB_TYPE: mysql
+        CACHE_TYPE: redis
+        SERVICE_PROXY_TYPE: ${{ matrix.service_proxy_type }}
+
+    - name: Wait for server to start
+      run: docker/is-available.sh http://localhost:3123 $(pwd)/logs
+
+    - name: Run E2E Test Suite
+      run: yarn dlx mocha-headless-chrome --timeout 3600000 -f http://localhost:9001/mocha/test.html?suite=${{ inputs.suite }}
+
+    - name: Archive failed run logs
+      if: ${{ failure() }}
+      uses: actions/upload-artifact@v3
+      with:
+        name: self-hosted-failure-logs-${{ inputs.suite }}
+        retention-days: 5
+        path: |
+          logs/*.err
+          logs/*.log

examples/standardnotes/official-src/server-main/.github/workflows/e2e-test-suite.yml

@@ -0,0 +1,33 @@
+name: E2E Test Suite
+
+run-name: E2E ${{ inputs.suite }} Test Suite against ${{ inputs.ref_name }} by ${{ inputs.author }}
+
+on:
+  schedule:
+    - cron: '0 */12 * * *'
+  workflow_dispatch:
+    inputs:
+      snjs_image_tag:
+        type: string
+        default: latest
+        description: The Docker image tag used for SNJS container
+      suite:
+        type: string
+        default: all
+        description: The test suite to run
+      author:
+        type: string
+        default: unknown
+        description: The author that triggered the workflow
+      ref_name:
+        type: string
+        default: unknown
+        description: The ref name from which the workflow was triggered
+
+jobs:
+  e2e:
+    name: E2E
+    uses: standardnotes/server/.github/workflows/common-e2e.yml@main
+    with:
+      snjs_image_tag: ${{ inputs.snjs_image_tag || 'latest' }}
+      suite: ${{ inputs.suite || 'all' }}

examples/standardnotes/official-src/server-main/.github/workflows/files.yml

@@ -0,0 +1,21 @@
+name: Files Server
+
+concurrency:
+  group: files
+  cancel-in-progress: true
+
+on:
+  push:
+    tags:
+      - '*standardnotes/files-server*'
+  workflow_dispatch:
+
+jobs:
+  call_server_application_workflow:
+    name: Server Application
+    uses: standardnotes/server/.github/workflows/common-server-application.yml@main
+    with:
+      service_name: files
+      workspace_name: "@standardnotes/files-server"
+      package_path: packages/files
+    secrets: inherit

examples/standardnotes/official-src/server-main/.github/workflows/pr.yml

@@ -0,0 +1,112 @@
+name: Pull Request
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: |
+          packages/**/dist
+        key: ${{ runner.os }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Install
+      run: yarn install
+
+    - name: Build
+      run: yarn build
+
+  lint:
+    runs-on: ubuntu-latest
+
+    needs: build
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: |
+          packages/**/dist
+        key: ${{ runner.os }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Install
+      run: yarn install
+
+    - name: Build
+      if: steps.cache-build.outputs.cache-hit != 'true'
+      run: yarn build
+
+    - name: Lint
+      run: yarn lint
+
+  test:
+    runs-on: ubuntu-latest
+
+    needs: build
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: |
+          packages/**/dist
+        key: ${{ runner.os }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Install
+      run: yarn install
+
+    - name: Build
+      if: steps.cache-build.outputs.cache-hit != 'true'
+      run: yarn build
+
+    - name: Test
+      run: yarn test
+
+  e2e-base:
+    needs: build
+    name: E2E Base Suite
+    uses: standardnotes/server/.github/workflows/common-e2e.yml@main
+    with:
+      snjs_image_tag: 'latest'
+      suite: 'base'
+
+  e2e-vaults:
+    needs: build
+    name: E2E Vaults Suite
+    uses: standardnotes/server/.github/workflows/common-e2e.yml@main
+    with:
+      snjs_image_tag: 'latest'
+      suite: 'vaults'

examples/standardnotes/official-src/server-main/.github/workflows/publish.yml

@@ -0,0 +1,175 @@
+name: Publish Packages
+
+on:
+  push:
+    branches: [ main ]
+
+permissions:
+  id-token: write
+
+jobs:
+  build:
+    if: contains(github.event.head_commit.message, 'chore(release)') == false
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: |
+          packages/**/dist
+        key: ${{ runner.os }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Install
+      run: yarn install --immutable
+
+    - name: Build
+      run: yarn build
+
+  lint:
+    runs-on: ubuntu-latest
+
+    needs: build
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: |
+          packages/**/dist
+        key: ${{ runner.os }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Install
+      run: yarn install --immutable
+
+    - name: Build
+      if: steps.cache-build.outputs.cache-hit != 'true'
+      run: yarn build
+
+    - name: Lint
+      run: yarn lint
+
+  test:
+    runs-on: ubuntu-latest
+
+    needs: build
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: |
+          packages/**/dist
+        key: ${{ runner.os }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Install
+      run: yarn install --immutable
+
+    - name: Build
+      if: steps.cache-build.outputs.cache-hit != 'true'
+      run: yarn build
+
+    - name: Test
+      run: yarn test
+
+  e2e-base:
+    needs: build
+    name: E2E Base Suite
+    uses: standardnotes/server/.github/workflows/common-e2e.yml@main
+    with:
+      snjs_image_tag: 'latest'
+      suite: 'base'
+
+  e2e-vaults:
+    needs: build
+    name: E2E Vaults Suite
+    uses: standardnotes/server/.github/workflows/common-e2e.yml@main
+    with:
+      snjs_image_tag: 'latest'
+      suite: 'vaults'
+
+  publish-self-hosting:
+    needs: [ test, lint, e2e-base, e2e-vaults ]
+    name: Publish Self Hosting Docker Image
+    uses: standardnotes/server/.github/workflows/common-self-hosting.yml@main
+    secrets: inherit
+
+  publish-services:
+    needs: [ test, lint, e2e-base, e2e-vaults ]
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.CI_PAT_TOKEN }}
+          fetch-depth: 0
+
+      - name: Cache build
+        id: cache-build
+        uses: actions/cache@v3
+        with:
+          path: |
+            packages/**/dist
+          key: ${{ runner.os }}-build-${{ github.sha }}
+
+      - name: Setup git config
+        run: |
+          git config --global user.name "standardci"
+          git config --global user.email "ci@standardnotes.com"
+
+      - name: Import GPG key
+        uses: crazy-max/ghaction-import-gpg@v6
+        with:
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.PASSPHRASE }}
+          git_user_signingkey: true
+          git_commit_gpgsign: true
+
+      - name: Set up Node
+        uses: actions/setup-node@v3
+        with:
+          registry-url: 'https://registry.npmjs.org'
+          node-version-file: '.nvmrc'
+
+      - name: Install
+        run: yarn install --immutable
+
+      - name: Build
+        if: steps.cache-build.outputs.cache-hit != 'true'
+        run: yarn build
+
+      - name: Bump version
+        run: yarn release
+
+      - name: Publish
+        run: yarn publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_TOKEN }}

examples/standardnotes/official-src/server-main/.github/workflows/revisions.yml

@@ -0,0 +1,21 @@
+name: Revisions Server
+
+concurrency:
+  group: revisions_server
+  cancel-in-progress: true
+
+on:
+  push:
+    tags:
+      - '*standardnotes/revisions-server*'
+  workflow_dispatch:
+
+jobs:
+  call_server_application_workflow:
+    name: Server Application
+    uses: standardnotes/server/.github/workflows/common-server-application.yml@main
+    with:
+      service_name: revisions
+      workspace_name: "@standardnotes/revisions-server"
+      package_path: packages/revisions
+    secrets: inherit

examples/standardnotes/official-src/server-main/.github/workflows/scheduler.yml

@@ -0,0 +1,22 @@
+name: Scheduler Server
+
+concurrency:
+  group: scheduler
+  cancel-in-progress: true
+
+on:
+  push:
+    tags:
+      - '*standardnotes/scheduler-server*'
+  workflow_dispatch:
+
+jobs:
+  call_server_application_workflow:
+    name: Server Application
+    uses: standardnotes/server/.github/workflows/common-server-application.yml@main
+    with:
+      service_name: scheduler
+      workspace_name: "@standardnotes/scheduler-server"
+      deploy_web: false
+      package_path: packages/scheduler
+    secrets: inherit

examples/standardnotes/official-src/server-main/.github/workflows/syncing-server.yml

@@ -0,0 +1,21 @@
+name: Syncing Server
+
+concurrency:
+  group: syncing_server
+  cancel-in-progress: true
+
+on:
+  push:
+    tags:
+      - '*standardnotes/syncing-server*'
+  workflow_dispatch:
+
+jobs:
+  call_server_application_workflow:
+    name: Server Application
+    uses: standardnotes/server/.github/workflows/common-server-application.yml@main
+    with:
+      service_name: syncing-server-js
+      workspace_name: "@standardnotes/syncing-server"
+      package_path: packages/syncing-server
+    secrets: inherit

examples/standardnotes/official-src/server-main/.github/workflows/websockets.yml

@@ -0,0 +1,21 @@
+name: Websockets Server
+
+concurrency:
+  group: websockets
+  cancel-in-progress: true
+
+on:
+  push:
+    tags:
+      - '*standardnotes/websockets-server*'
+  workflow_dispatch:
+
+jobs:
+  call_server_application_workflow:
+    name: Server Application
+    uses: standardnotes/server/.github/workflows/common-server-application.yml@main
+    with:
+      service_name: websockets
+      workspace_name: "@standardnotes/websockets-server"
+      package_path: packages/websockets
+    secrets: inherit

examples/standardnotes/official-src/server-main/.gitignore

@@ -0,0 +1,29 @@
+.eslintcache
+.DS_Store
+.idea
+dist
+coverage
+.env
+
+.yarn/*
+!.yarn/cache
+!.yarn/patches
+!.yarn/plugins
+!.yarn/releases
+!.yarn/sdks
+!.yarn/versions
+
+yarn.build-error.log
+
+packages/files/uploads/*
+!packages/files/uploads/.gitkeep
+
+data/*
+!data/.gitkeep
+
+packages/**/data/*
+
+logs/*
+!logs/.gitkeep
+
+docker-compose.yml

examples/standardnotes/official-src/server-main/.nvmrc

@@ -0,0 +1 @@
+20.6.1

examples/standardnotes/official-src/server-main/.prettierrc

@@ -0,0 +1,6 @@
+{
+  "singleQuote": true,
+  "trailingComma": "all",
+  "printWidth": 120,
+  "semi": false
+}

examples/standardnotes/official-src/server-main/.vscode/extensions.json

@@ -0,0 +1,7 @@
+{
+  "recommendations": [
+    "arcanis.vscode-zipfs",
+    "dbaeumer.vscode-eslint",
+    "esbenp.prettier-vscode"
+  ]
+}

examples/standardnotes/official-src/server-main/.vscode/settings.json

@@ -0,0 +1,11 @@
+{
+  "search.exclude": {
+    "**/.yarn": true,
+    "**/.pnp.*": true
+  },
+  "eslint.nodePath": ".yarn/sdks",
+  "prettier.prettierPath": ".yarn/sdks/prettier/index.js",
+  "typescript.tsdk": ".yarn/sdks/typescript/lib",
+  "typescript.enablePromptUseWorkspaceTsdk": true,
+  "terraform.languageServer.enable": false
+}