platform/design-tokens
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: bootstrap repo scaffolding (M0.1) #1

Merged
sharang merged 2 commits from feat/m0.1-bootstrap into main 2026-05-18 19:15:37 +00:00
Conversation 0 Commits 2 Files Changed 15
+695 -1
sharang commented 2026-05-18 19:08:19 +00:00
Owner
Copy Link
Copy Source

What

  • Bootstraps the §1.2 scaffolding for this repo: README.md, CONTRIBUTING.md, CODEOWNERS, CHANGELOG.md, .gitea/pull_request_template.md, .gitea/issue_template/{bug,feature}.md, LICENSE.

  • Adds the per-stack CI workflow at .gitea/workflows/ci.yaml plus the shared release.yaml.

  • Drops in the hand-rolled extras called out in templates/README.templates.md: commitlint.config.cjs, cliff.toml, .editorconfig, .gitignore, empty .env.example.

  • Repo-specific: TypeScript CI workflow. Library is Apache-2.0 (downstream products vendor it). Package skeleton lands alongside M5.1.

Why

This is the M0.1 bootstrap PR — first work item in IMPLEMENTATION_PLAN.md. Every repo created under the new platform/ Gitea org needs the same §1.2 scaffolding before any feature work can land, so that CI, branch protection, commit conventions, audit/ownership, and the PR template are all enforced from the very first feature PR.

Linked milestone: M0.1

How

  • Templates copied verbatim from benjamin_boenisch/templates/, following the file-map in templates/README.templates.md.
  • Placeholders substituted per the table in that doc: {{REPO_NAME}}, {{ONE_LINE_DESCRIPTION}}, {{PORT}}, {{slug}}, {{x.y}}, plane, license token, status.
  • CI workflow chosen per repo stack:
    • tenant-registryci-go.yaml
    • portal, design-tokensci-typescript.yaml
    • orca-platform → minimal ci.yaml that runs orca validate only (no app code yet, so lint/test/build jobs would be no-ops)
    • docs, seed-dataci-typescript.yaml skeleton (commitlint + gitleaks + trivy now; lint/test/build will light up when real package code lands)
  • Branch protection still needs to be configured in Gitea UI (or via API) — that's tracked under M0.2 and is intentionally out of scope here so this PR can land first to give M0.2 something to protect.
  • LICENSE is the canonical MIT for portal/docs/orca/seed-data, Apache-2.0 for the library-shaped repos (tenant-registry as a Go service consumed by other planes, design-tokens as a shared package).

Test plan

  • Unit tests added/updated
  • Integration tests added/updated (real DB via testcontainers)
  • Playwright e2e added/updated (only if user-facing flow changed)
  • Manual smoke on stage after deploy
  • Regression test added (only if this PR fixes a bug — must fail before the fix)

n/a — this PR adds no executable code. Verification is reviewer-eye on the template substitutions plus the CI workflow shape. Once M0.2 lands, CI itself will gate future PRs.

Risk

Blast radius: single repo. No services run yet; merging this affects only the contents of this repo's main branch.

What could break:

  • A template placeholder I missed renders as {{...}} in the README. Reviewer should grep {{ in the diff.
  • CI workflow references actions/secrets that aren't configured yet (REGISTRY_USER, ORCA_STAGE_TOKEN, etc.) — expected; the image job is gated on push to main so it only fires post-merge, and those secrets will be set in M0.2 before any merges to main happen.

Rollback plan: revert the PR. No infra, no state, no migrations involved.

Checklist

  • Docs updated (the docs ARE the change)
  • Audit events emitted for state changes (n/a — no state changes)
  • Secrets via Infisical, never in repo
  • Migration is forward-only + idempotent (n/a — no migration)
  • Tenant scoping enforced on every DB query (n/a — no DB access)
  • OpenAPI spec updated (n/a — no API change)
  • featureFlags.evaluate() used for any toggleable behavior (n/a)
  • CHANGELOG entry under "Unreleased" — added the skeleton; first real entry lands with M0.2.

Screenshots / recordings

n/a — no UI.

<!-- PR title MUST be a Conventional Commit, e.g.: feat(api): add POST /v1/tenants/:id/cancel fix(auth): reject JWT when org_id missing Mark draft if not ready for review. --> ## What - Bootstraps the §1.2 scaffolding for this repo: `README.md`, `CONTRIBUTING.md`, `CODEOWNERS`, `CHANGELOG.md`, `.gitea/pull_request_template.md`, `.gitea/issue_template/{bug,feature}.md`, `LICENSE`. - Adds the per-stack CI workflow at `.gitea/workflows/ci.yaml` plus the shared `release.yaml`. - Drops in the hand-rolled extras called out in `templates/README.templates.md`: `commitlint.config.cjs`, `cliff.toml`, `.editorconfig`, `.gitignore`, empty `.env.example`. - **Repo-specific:** TypeScript CI workflow. Library is Apache-2.0 (downstream products vendor it). Package skeleton lands alongside M5.1. ## Why This is the M0.1 bootstrap PR — first work item in `IMPLEMENTATION_PLAN.md`. Every repo created under the new `platform/` Gitea org needs the same §1.2 scaffolding before any feature work can land, so that CI, branch protection, commit conventions, audit/ownership, and the PR template are all enforced from the very first feature PR. Linked milestone: **M0.1** ## How - Templates copied verbatim from `benjamin_boenisch/templates/`, following the file-map in `templates/README.templates.md`. - Placeholders substituted per the table in that doc: `{{REPO_NAME}}`, `{{ONE_LINE_DESCRIPTION}}`, `{{PORT}}`, `{{slug}}`, `{{x.y}}`, plane, license token, status. - CI workflow chosen per repo stack: - `tenant-registry` → `ci-go.yaml` - `portal`, `design-tokens` → `ci-typescript.yaml` - `orca-platform` → minimal `ci.yaml` that runs `orca validate` only (no app code yet, so `lint/test/build` jobs would be no-ops) - `docs`, `seed-data` → `ci-typescript.yaml` skeleton (commitlint + gitleaks + trivy now; lint/test/build will light up when real package code lands) - Branch protection still needs to be configured in Gitea UI (or via API) — that's tracked under M0.2 and is intentionally out of scope here so this PR can land first to give M0.2 something to protect. - `LICENSE` is the canonical MIT for portal/docs/orca/seed-data, Apache-2.0 for the library-shaped repos (`tenant-registry` as a Go service consumed by other planes, `design-tokens` as a shared package). ## Test plan - [ ] Unit tests added/updated - [ ] Integration tests added/updated (real DB via testcontainers) - [ ] Playwright e2e added/updated (only if user-facing flow changed) - [ ] Manual smoke on stage after deploy - [ ] Regression test added (only if this PR fixes a bug — must fail before the fix) n/a — this PR adds no executable code. Verification is reviewer-eye on the template substitutions plus the CI workflow shape. Once M0.2 lands, CI itself will gate future PRs. ## Risk **Blast radius:** single repo. No services run yet; merging this affects only the contents of this repo's `main` branch. **What could break:** - A template placeholder I missed renders as `{{...}}` in the README. Reviewer should grep `{{` in the diff. - CI workflow references actions/secrets that aren't configured yet (`REGISTRY_USER`, `ORCA_STAGE_TOKEN`, etc.) — expected; the `image` job is gated on `push` to main so it only fires post-merge, and those secrets will be set in M0.2 before any merges to main happen. **Rollback plan:** revert the PR. No infra, no state, no migrations involved. ## Checklist - [x] Docs updated (the docs ARE the change) - [ ] Audit events emitted for state changes (n/a — no state changes) - [x] Secrets via Infisical, never in repo - [ ] Migration is forward-only + idempotent (n/a — no migration) - [ ] Tenant scoping enforced on every DB query (n/a — no DB access) - [ ] OpenAPI spec updated (n/a — no API change) - [ ] `featureFlags.evaluate()` used for any toggleable behavior (n/a) - [x] CHANGELOG entry under "Unreleased" — added the skeleton; first real entry lands with M0.2. ## Screenshots / recordings n/a — no UI. --- <!-- Reviewer reminder: in this order — risk → tests → security → correctness → style. Squash-merge after approval. PR title becomes the commit message. -->
sharang added 1 commit 2026-05-18 19:08:20 +00:00
chore: bootstrap repo scaffolding (M0.1)
ci / shared (pull_request) Failing after 5s
Details
ci / test (pull_request) Failing after 2s
Details
ci / e2e (pull_request) Has been skipped
Details
ci / image (pull_request) Has been skipped
Details
f3366f0f20 
Adds the §1.2 scaffolding required by IMPLEMENTATION_PLAN.md M0.1:
README, CONTRIBUTING, CODEOWNERS, CHANGELOG, PR + issue templates,
CI workflow, release workflow, LICENSE, commitlint, cliff config,
.editorconfig, .gitignore, .env.example.

Refs: M0.1
sharang added 1 commit 2026-05-18 19:13:22 +00:00
chore: relicense to proprietary, all rights reserved
ci / shared (pull_request) Failing after 5s
Details
ci / test (pull_request) Failing after 2s
Details
ci / e2e (pull_request) Has been skipped
Details
ci / image (pull_request) Has been skipped
Details
8507009898 
Replaces the OSS license (MIT or Apache-2.0) with a strict proprietary
notice naming Sharang Parnerkar and Benjamin Boenisch as the sole
copyright holders. No third party gets a license to use, copy, modify,
or distribute the contents of this repo without prior written permission
from both founders.

Refs: M0.1
sharang merged commit 2e3b7c0499 into main 2026-05-18 19:15:37 +00:00
sharang deleted branch feat/m0.1-bootstrap 2026-05-18 19:15:37 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Benjamin_Boenisch sharang (Sharang Parnerkar)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: platform/design-tokens#1
Delete Branch "feat/m0.1-bootstrap"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?