Round 3: Cloudflare

.dev.vars.example

@@ -0,0 +1,12 @@
+NEXT_PUBLIC_PANGEA_CLIENT_TOKEN=
+NEXT_PUBLIC_AUTHN_UI_URL=
+NEXT_PUBLIC_PANGEA_BASE_DOMAIN=aws.us.pangea.cloud
+
+PANGEA_SERVICE_TOKEN=
+PANGEA_AUDIT_CONFIG_ID=
+
+CLOUDFLARE_ACCOUNT_ID=
+CLOUDFLARE_API_TOKEN=
+
+GOOGLE_DRIVE_CREDENTIALS=
+GOOGLE_DRIVE_FOLDER_ID=

.editorconfig

@@ -0,0 +1,9 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true

.gitattributes

@@ -0,0 +1 @@
+* text=auto eol=lf

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @kenany

.github/renovate.json

@@ -0,0 +1,9 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "local>pangeacyber/.github:renovate-config",
+    ":semanticCommitsDisabled"
+  ],
+  "automerge": true,
+  "automergeStrategy": "rebase"
+}

.github/workflows/ci.yml

@@ -0,0 +1,90 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+
+  pull_request:
+    types:
+      - opened
+      - synchronize
+      - reopened
+      - ready_for_review
+
+  merge_group:
+
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+env:
+  NEXT_TELEMETRY_DISABLED: 1
+
+jobs:
+  prefetch:
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/[email protected]
+
+      - name: Setup Node.js
+        uses: actions/[email protected]
+        with:
+          node-version: 22
+          cache: npm
+
+      - name: Install dependencies
+        run: npm ci
+
+  build:
+    needs: [prefetch]
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/[email protected]
+
+      - name: Setup Node.js
+        uses: actions/[email protected]
+        with:
+          node-version: 22
+          cache: npm
+
+      - name: Next.js cache
+        uses: actions/[email protected]
+        with:
+          path: |
+            ~/.npm
+            ${{ github.workspace }}/.next/cache
+          key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }}
+          restore-keys: |
+            ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build
+        env:
+          NEXT_PUBLIC_PANGEA_CLIENT_TOKEN: placeholder
+          PANGEA_SERVICE_TOKEN: placeholder
+        run: npm run build
+
+  lint:
+    needs: [prefetch]
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/[email protected]
+
+      - name: Setup Node.js
+        uses: actions/[email protected]
+        with:
+          node-version: 22
+          cache: npm
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Lint
+        run: npx biome ci

.gitignore

@@ -1,36 +1,9 @@
-# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
-
-# dependencies
-/node_modules
-/.pnp
-.pnp.js
-.yarn/install-state.gz
-
-# testing
-/coverage
-
-# next.js
-/.next/
-/out/
-
-# production
-/build
-
-# misc
-.DS_Store
-*.pem
-
-# debug
-npm-debug.log*
-yarn-debug.log*
-yarn-error.log*
-
-# local env files
-.env*.local
-
-# vercel
+.next
 .vercel
+.wrangler
+node_modules
+
+.dev.vars
+.env
 
-# typescript
 *.tsbuildinfo
-next-env.d.ts

README.md

@@ -1,14 +1,14 @@
-# pangea-ai-chat
+# pangea-ai-chat-cloudflare
 
-An example webapp demonstrating Pangea's [AI Guard][] and [Prompt Guard][]
-services.
+An example webapp on Cloudflare demonstrating Pangea's [AI Guard][] and
+[Prompt Guard][] services.
 
 ## Prerequisites
 
-- Node.js v20 or v22.
-- yarn v4.5.1 (or greater).
+- Node.js v22.
 - A [Pangea account][Pangea signup] with AI Guard, Prompt Guard, AuthN, and
   Secure Audit Log enabled.
+- A Cloudflare account.
 - A Google Drive folder containing spreadsheets.
 
   - Note down the ID of the folder for later (see [the LangChain docs][retrieve-the-google-docs]
@@ -51,20 +51,26 @@ After activating AuthN:
    users won't need to be manually added.
 2. For development only: under AuthN > General > Redirect (Callback) Settings,
    add `http://localhost:3000` as a redirect.
-3. Under AuthN > General > Social (OAuth), enable Google, GitHub, and LinkedIn.
+3. Under AuthN > General > Social (OAuth), enable Google.
 4. Under AuthN > Overview, note the "Client Token" and "Hosted Login" values for
    later.
 
+### Cloudflare Vectorize
+
+```
+npx wrangler vectorize create pangea-ai-chat --dimensions=768 --metric=cosine
+```
+
 ### Repository
 
 ```
 git clone https://github.com/pangeacyber/pangea-ai-chat.git
 cd pangea-ai-chat
-yarn install
-cp .env.template .env.local
+npm ci
+cp .dev.vars.example .dev.vars
 ```
 
-There are several values that need to be filled out in `.env.local`:
+There are several values that need to be filled out in `.dev.vars`:
 
 - `NEXT_PUBLIC_PANGEA_CLIENT_TOKEN`: This should be the AuthN "Client Token"
   that was noted earlier.
@@ -73,8 +79,6 @@ There are several values that need to be filled out in `.env.local`:
 - `PANGEA_SERVICE_TOKEN`: Pangea API token with access to AI Guard and Prompt
   Guard.
 - `PANGEA_AUDIT_CONFIG_ID`: Pangea Secure Audit Log configuration ID.
-- `AWS_ACCESS_KEY_ID`: AWS access key.
-- `AWS_SECRET_ACCESS_KEY`: Secret key associated with the AWS access key
 - `GOOGLE_DRIVE_CREDENTIALS`: Google service account credentials as a compacted
   JSON object. The value of this variable should be the contents of the
   `credentials.json` from earlier with its whitespace removed until it fits in a
@@ -86,7 +90,7 @@ There are several values that need to be filled out in `.env.local`:
 A development version of the app can be started with:
 
 ```
-yarn dev
+npm run dev
 ```
 
 Then navigate to <http://localhost:3000>.

biome.json

@@ -0,0 +1,28 @@
+{
+  "$schema": "./node_modules/@biomejs/biome/configuration_schema.json",
+  "extends": ["ultracite"],
+  "linter": {
+    "rules": {
+      "complexity": {
+        "noExcessiveCognitiveComplexity": "off"
+      },
+      "style": {
+        "noNonNullAssertion": "off",
+        "noParameterAssign": "off",
+        "useFilenamingConvention": "off",
+        "useSingleCaseStatement": "off"
+      },
+      "suspicious": {
+        "noConsole": "off",
+        "noConsoleLog": "off",
+        "noEmptyBlockStatements": "off"
+      }
+    }
+  },
+  "javascript": {
+    "formatter": {
+      "trailingCommas": "all",
+      "quoteStyle": "double"
+    }
+  }
+}

next-env.d.ts

@@ -0,0 +1,5 @@
+/// <reference types="next" />
+/// <reference types="next/image-types/global" />
+
+// NOTE: This file should not be edited
+// see https://nextjs.org/docs/app/building-your-application/configuring/typescript for more information.

next.config.mjs

@@ -1,4 +1,15 @@
+import { setupDevPlatform } from "@cloudflare/next-on-pages/next-dev";
+
 /** @type {import('next').NextConfig} */
-const nextConfig = {};
+const nextConfig = {
+  eslint: {
+    // Using biome instead.
+    ignoreDuringBuilds: true,
+  },
+};
 
 export default nextConfig;
+
+if (process.env.NODE_ENV === "development") {
+  await setupDevPlatform();
+}