[LSP-1272] feat: add workflows for deployment and environment management, update…

.github/CODEOWNERS

@@ -0,0 +1,21 @@
+# Lines starting with '#' are comments.
+
+# Each line is a file pattern followed by one or more owners.
+
+# These owners will be the default owners for everything in the repo.
+
+- @devicebits/Developers
+
+# Order is important. The last matching pattern has the most precedence.
+
+# So if a pull request only touches javascript files, only these owners
+
+# will be requested to review.
+
+# \*.js @octocat @github/js
+
+# .github/\*
+
+# You can also use email addresses if you prefer.
+
+# docs/\* docs@example.com

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,20 @@
+## Background
+
+Description of what you were asked to do. Try to be as detailed as possible.
+The idea is to give enough background to the reviewer to perform the code review.
+
+## Changes done
+
+High level description of what changes you introduced in this PR. Don't bother going into details as they can be seen in the code. Describe _what_ was done, not how or where.
+
+## Pending to be done
+
+What things you left out and why. Maybe you left testing out because the PR was too big already? Maybe you will be following up with a second part with validations? Let your reviewers know!
+
+## Notes
+
+Any design decisions not obvious in the code. Did you have to go outside of our standard? If so, why?
+
+## Demo
+
+Screenshot/video to better understand the idea.

.github/workflows/release-prestage.yml

@@ -0,0 +1,49 @@
+name: Release Prestage
+description: |
+  This workflow is triggered on pull requests and deploys the application to the prestage environment.
+  It uses AWS credentials configured via OIDC and caches npm dependencies for faster builds.
+
+run-name: "[Automated] @${{ github.actor }} ran ${{ github.workflow }} on ${{ github.ref }}"
+on: [pull_request]
+
+jobs:
+  deploy-branch:
+    name: Deploy branch
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Setup AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: "${{ secrets.OIDC_AWS_ROLE_SLS_DEPLOYMENT_PROD }}"
+          aws-region: ${{ vars.AWS_DEFAULT_REGION || 'us-east-1' }}
+          role-session-name: "GITHUB-${{github.run_id}}"
+
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          registry-url: "https://npm.pkg.github.com"
+          scope: "@devicebits"
+          always-auth: true
+
+      - name: Cache multiple paths
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.npm
+            **/node_modules
+          key: ${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}
+
+      - name: Install Dependencies
+        run: npm ci
+
+      - name: deploy branch
+        run: |
+          echo -e "$STAGENAME:\n  <<: *DEFAULT" >> serverless.env.yml
+          cat serverless.env.yml
+          npx sls deploy --stage $STAGENAME
+        env:
+          STAGENAME: qa-${{ github.event.pull_request.head.ref }}

.github/workflows/release-production.yml

@@ -0,0 +1,45 @@
+name: Release Production
+run-name: "[Automated] @${{ github.actor }} ran ${{ github.workflow }} on ${{ github.ref }}"
+description: |
+  This workflow is triggered on version tag pushes and deploys the application to the production environment.
+  It uses AWS credentials configured via OIDC and caches npm dependencies for faster builds.
+
+on:
+  push:
+    tags:
+      - "v[0-9]+.[0-9]+.[0-9]+"
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Setup AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: "${{ secrets.OIDC_AWS_ROLE_SLS_DEPLOYMENT_PROD }}"
+          aws-region: ${{ vars.AWS_DEFAULT_REGION || 'us-east-1' }}
+          role-session-name: "GITHUB-${{github.run_id}}"
+
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 18
+          registry-url: "https://npm.pkg.github.com"
+          scope: "@devicebits"
+          always-auth: true
+
+      - name: Cache npm cache
+        uses: actions/cache@v4
+        with:
+          path: |
+            ~/.npm
+          key: ${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Deploy to production
+        run: npm run deploy:production

.github/workflows/release-staging.yml

@@ -0,0 +1,45 @@
+name: Release Staging
+description: |
+  This workflow is triggered on pushes to the main branch and deploys the application to the staging environment.
+  It uses AWS credentials configured via OIDC and caches npm dependencies for faster builds.
+run-name: "[Automated] @${{ github.actor }} ran ${{ github.workflow }} on ${{ github.ref }}"
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Setup AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: "${{ secrets.OIDC_AWS_ROLE_SLS_DEPLOYMENT_PROD }}"
+          aws-region: ${{ vars.AWS_DEFAULT_REGION || 'us-east-1' }}
+          role-session-name: "GITHUB-${{github.run_id}}"
+
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 18
+          registry-url: "https://npm.pkg.github.com"
+          scope: "@devicebits"
+          always-auth: true
+
+      - name: Cache npm cache
+        uses: actions/cache@v4
+        with:
+          path: |
+            ~/.npm
+          key: ${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Deploy to staging
+        run: npm run deploy:staging

.github/workflows/remove-prestage.yml

@@ -0,0 +1,47 @@
+name: Remove Prestage
+run-name: "[Automated] @${{ github.actor }} ran ${{ github.workflow }} on ${{ github.ref }}"
+on:
+  pull_request:
+    types: [closed]
+
+jobs:
+  rm-branch-deploy:
+    name: Remove branch deployment
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Setup AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: "${{ secrets.OIDC_AWS_ROLE_SLS_DEPLOYMENT_PROD }}"
+          aws-region: ${{ vars.AWS_DEFAULT_REGION || 'us-east-1' }}
+          role-session-name: "GITHUB-${{github.run_id}}"
+
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 18
+          registry-url: "https://npm.pkg.github.com"
+          scope: "@devicebits"
+          always-auth: true
+
+      - name: Cache multiple paths
+        uses: actions/cache@v4
+        with:
+          path: |
+            ~/.npm
+            **/node_modules
+          key: ${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Remove branch deployment
+        run: |
+          echo -e "${STAGENAME}:\n  <<: *DEFAULT" >> serverless.env.yml
+          echo ${STAGENAME}
+          ./node_modules/.bin/sls remove --stage ${STAGENAME}
+        env:
+          STAGENAME: qa-${{ github.event.pull_request.head.ref }}

.gitignore

@@ -1,2 +1,4 @@
 node_modules
 .serverless
+mysql/
+logs/