initialize the cloud functions repo with kustomize the functions fomr constructive

Author: Anmol1696

.eslintrc.json

@@ -0,0 +1,67 @@
+{
+  "env": {
+    "browser": true,
+    "es2021": true,
+    "node": true,
+    "jest": true
+  },
+  "extends": [
+    "eslint:recommended",
+    "plugin:@typescript-eslint/recommended",
+    "prettier"
+  ],
+  "overrides": [],
+  "parser": "@typescript-eslint/parser",
+  "parserOptions": {
+    "ecmaVersion": "latest",
+    "sourceType": "module"
+  },
+  "plugins": [
+    "@typescript-eslint",
+    "simple-import-sort",
+    "unused-imports"
+  ],
+  "rules": {
+    "indent": [
+      "error",
+      2
+    ],
+    "quotes": [
+      "error",
+      "single",
+      {
+        "avoidEscape": true,
+        "allowTemplateLiterals": true
+      }
+    ],
+    "quote-props": [
+      "error",
+      "as-needed"
+    ],
+    "semi": [
+      "error",
+      "always"
+    ],
+    "comma-dangle": [
+      "error",
+      "never"
+    ],
+    "simple-import-sort/imports": 1,
+    "simple-import-sort/exports": 1,
+    "unused-imports/no-unused-imports": 1,
+    "@typescript-eslint/no-unused-vars": [
+      1,
+      {
+        "argsIgnorePattern": "React|res|next|^_"
+      }
+    ],
+    "@typescript-eslint/no-explicit-any": 0,
+    "@typescript-eslint/no-var-requires": 0,
+    "no-console": 0,
+    "@typescript-eslint/ban-ts-comment": 0,
+    "prefer-const": 0,
+    "no-case-declarations": 0,
+    "no-implicit-globals": 0,
+    "@typescript-eslint/no-unsafe-declaration-merging": 0
+  }
+}

.github/workflows/test-k8s-deployment.yaml

@@ -0,0 +1,220 @@
+name: CI Test K8s
+
+on:
+  pull_request:
+    branches:
+      - main
+      - release/*
+    paths:
+      - "k8s/**"
+      - ".github/workflows/test-k8s-deployment.yaml"
+  push:
+    branches:
+      - main
+      - release/*
+    paths:
+      - "k8s/**"
+      - ".github/workflows/test-k8s-deployment.yaml"
+  workflow_dispatch: {}
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-test-deployment
+  cancel-in-progress: true
+
+jobs:
+  k8s-ci-test:
+    runs-on: ubuntu-latest
+    timeout-minutes: 45
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup kind cluster
+        uses: helm/kind-action@v1
+        with:
+          cluster_name: local
+          wait: 120s
+
+      - name: Install jq (for resource diagnostics)
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y jq
+
+      - name: Verify cluster
+        run: |
+          kubectl version
+          kubectl get nodes -o wide
+
+      - name: Install Knative (operators-knative-only)
+        run: |
+          cd k8s/scripts/setup
+          make operators-knative-only
+
+      - name: Trim Knative resources for CI
+        run: |
+          set -e
+
+          echo "=== Shrinking Knative control-plane resources ==="
+
+          echo "Patching knative-serving activator..."
+          kubectl -n knative-serving set resources deploy/activator \
+            --requests=cpu=50m,memory=80Mi --limits=cpu=200m,memory=256Mi \
+            || echo "WARN: failed to patch activator"
+
+          echo "Patching knative-serving autoscaler..."
+          kubectl -n knative-serving set resources deploy/autoscaler \
+            --requests=cpu=25m,memory=80Mi --limits=cpu=200m,memory=256Mi \
+            || echo "WARN: failed to patch autoscaler"
+
+          echo "Patching knative-serving controller..."
+          kubectl -n knative-serving set resources deploy/controller \
+            --requests=cpu=50m,memory=100Mi --limits=cpu=300m,memory=512Mi \
+            || echo "WARN: failed to patch controller"
+
+          echo "Patching knative-serving webhook..."
+          kubectl -n knative-serving set resources deploy/webhook \
+            --requests=cpu=25m,memory=80Mi --limits=cpu=200m,memory=256Mi \
+            || echo "WARN: failed to patch webhook"
+
+          echo "Patching knative net-kourier controller..."
+          kubectl -n knative-serving set resources deploy/net-kourier-controller \
+            --requests=cpu=25m,memory=80Mi --limits=cpu=200m,memory=256Mi \
+            || echo "WARN: failed to patch net-kourier-controller"
+
+          echo "Patching kourier gateway..."
+          kubectl -n kourier-system set resources deploy/3scale-kourier-gateway \
+            --requests=cpu=25m,memory=80Mi --limits=cpu=200m,memory=256Mi \
+            || echo "WARN: failed to patch 3scale-kourier-gateway"
+
+          echo "Optionally shrinking coredns..."
+          kubectl -n kube-system scale deploy/coredns --replicas=1 || echo "WARN: failed to scale coredns"
+          kubectl -n kube-system set resources deploy/coredns \
+            --requests=cpu=50m,memory=70Mi --limits=cpu=200m,memory=170Mi \
+            || echo "WARN: failed to patch coredns"
+
+          echo "Restarting control-plane pods so resource changes take effect..."
+          kubectl -n knative-serving rollout restart deploy/activator deploy/autoscaler deploy/controller deploy/webhook deploy/net-kourier-controller || true
+          kubectl -n kourier-system rollout restart deploy/3scale-kourier-gateway || true
+          kubectl -n kube-system rollout restart deploy/coredns || true
+
+      - name: Create ghcr-pull image pull secret (optional)
+        run: |
+          set -e
+          if [ -n "${GHCR_USERNAME:-}" ] && [ -n "${GHCR_TOKEN:-}" ]; then
+            echo "Creating ghcr-pull secret in default namespace"
+            kubectl create namespace default --dry-run=client -o yaml | kubectl apply -f -
+            kubectl create secret docker-registry ghcr-pull \
+              --docker-server=ghcr.io \
+              --docker-username="${GHCR_USERNAME}" \
+              --docker-password="${GHCR_TOKEN}" \
+              --docker-email="${GHCR_EMAIL:-devnull@example.com}" \
+              --dry-run=client -o yaml | kubectl apply -n default -f -
+          else
+            echo "GHCR_USERNAME/GHCR_TOKEN not set; assuming dashboard/db-job images are public."
+          fi
+        env:
+          GHCR_USERNAME: ${{ secrets.GH_USERNAME }}
+          GHCR_TOKEN: ${{ secrets.GH_PAT_TOKEN }}
+          GHCR_EMAIL: ${{ secrets.GH_EMAIL }}
+
+      - name: Sleep for a bit before install
+        run: |
+          sleep 10
+
+      - name: Apply CI overlay (on top of local)
+        run: |
+          cd k8s
+          kubectl kustomize overlays/ci --load-restrictor=LoadRestrictionsNone | kubectl apply -f -
+      
+      - name: Sleep for a bit
+        run: |
+          sleep 100
+
+      - name: Dump pod resource requests/limits (all namespaces)
+        if: always()
+        run: |
+          echo "=== Per-pod resource requests/limits ==="
+          kubectl get pods -A -o json \
+            | jq -r '
+                .items[]
+                | .metadata.namespace as $ns
+                | .metadata.name as $pod
+                | .spec.containers[]
+                | [$ns, $pod, .name,
+                   (.resources.requests.cpu // "0"),
+                   (.resources.requests.memory // "0"),
+                   (.resources.limits.cpu // "0"),
+                   (.resources.limits.memory // "0")]
+                | @tsv
+              ' \
+            | column -t
+
+          echo
+          echo "=== Aggregated resource requests per namespace (CPU cores, MiB) ==="
+          kubectl get pods -A -o json \
+            | jq -r '
+                [ .items[]
+                  | .metadata.namespace as $ns
+                  | {
+                      ns: $ns,
+                      cpu: ([.spec.containers[].resources.requests.cpu // "0"]
+                            | map(
+                                if test("m$") then (sub("m$";"") | tonumber / 1000)
+                                elif . == "0" then 0
+                                else tonumber
+                                end
+                              )
+                            | add),
+                      memMi: ([.spec.containers[].resources.requests.memory // "0"]
+                              | map(
+                                  if test("Gi$") then (sub("Gi$";"") | tonumber * 1024)
+                                  elif test("Mi$") then (sub("Mi$";"") | tonumber)
+                                  elif . == "0" then 0
+                                  else 0
+                                  end
+                                )
+                              | add)
+                    }
+                ]
+                | group_by(.ns)
+                | map({ns: .[0].ns, cpu: (map(.cpu) | add), memMi: (map(.memMi) | add)})
+                | sort_by(.ns)
+                | .[]
+                | [.ns, ( .cpu | tostring ), ( .memMi | tostring )]
+                | @tsv
+              ' \
+            | awk 'BEGIN{print "NAMESPACE\tCPU_CORES\tMEM_MIB"} {print}'
+
+      - name: Wait for local workloads
+        continue-on-error: true
+        run: |
+          set -e
+          echo "Namespaces:" && kubectl get ns
+          echo "All pods (initial):" && kubectl get pods -A
+
+          echo "All pods (final):" && kubectl get pods -A
+          echo "Knative services:" && kubectl get ksvc -A || true
+
+      - name: Dump diagnostics on failure
+        if: always()
+        run: |
+          echo "=== Namespaces ==="
+          kubectl get ns
+
+          echo "=== Pods (all namespaces) ==="
+          kubectl get pods -A -o wide || true
+
+          echo "=== Events (default) ==="
+          kubectl get events --sort-by=.lastTimestamp || true
+
+          echo "=== Deployments (default) ==="
+          kubectl get deploy -o wide || true
+
+          echo "=== Logs for default pods ==="
+          for pod in $(kubectl get pods -o jsonpath='{.items[*].metadata.name}'); do
+            echo "--------------------------------------------------"
+            echo "Logs for $pod"
+            kubectl describe pod "$pod" || true
+            kubectl logs "$pod" --all-containers --tail=200 || true
+          done

.prettierrc.json

@@ -0,0 +1,8 @@
+{
+  "trailingComma": "es5",
+  "tabWidth": 2,
+  "semi": true,
+  "useTabs": false,
+  "singleQuote": true,
+  "jsxSingleQuote": false
+}

AGENTS.md

@@ -0,0 +1,96 @@
+# Constructive Functions Agent Guide
+
+This guide helps AI agents quickly navigate the constructive-functions workspace.
+
+## Quick Start
+
+**Most important commands:**
+- `pnpm build` — Build all function packages (TypeScript → `dist/`)
+- `make docker-build` — Build Docker images for all functions
+- `make docker-build-simple-email` — Build just the simple-email image
+- `make docker-build-send-email-link` — Build just the send-email-link image
+- `cd k8s && make kustomize-local` — Deploy functions to a local Kubernetes cluster
+
+**Entry points:**
+- Function HTTP handlers: `functions/*/src/index.ts`
+- Docker entrypoints: `functions/*/Dockerfile` (`CMD ["node", "dist/index.js"]`)
+- K8s manifests: `k8s/base/functions/*` and `k8s/overlays/local/functions/*`
+
+## Monorepo Layout
+
+- `functions/*` — Function packages (`send-email-link`, `simple-email`)
+- `k8s/` — Kubernetes manifests, overlays, and setup scripts
+- `types/` — Custom type definitions for `@launchql/*` packages
+
+## Function Architecture
+
+**Image naming:**
+
+All Docker images use the registry prefix `ghcr.io/constructive-io/constructive-functions/`:
+
+- `ghcr.io/constructive-io/constructive-functions/simple-email:latest`
+- `ghcr.io/constructive-io/constructive-functions/send-email-link:latest`
+
+The `REGISTRY` variable in the Makefile controls this prefix.
+
+Both functions follow the same pattern:
+
+1. **Source** (`src/index.ts`):
+   - Import `app` from `@constructive-io/knative-job-fn` (Express app)
+   - Define HTTP handler with `app.post('/', ...)`
+   - Export `app` and start server if `require.main === module`
+2. **Build** (`package.json` → `tsc`):
+   - TypeScript compiles to `dist/index.js`
+3. **Docker** (`Dockerfile`):
+   - Uses `node:22-alpine`
+   - Installs production deps via `pnpm`
+   - Copies `dist/` and runs `node dist/index.js`
+
+## Common Workflows
+
+**Build all functions locally:**
+
+```bash
+pnpm install
+pnpm build
+```
+
+**Build Docker images:**
+
+```bash
+make docker-build                    # Build all functions
+make docker-build-simple-email         # Build one function
+make docker-build-send-email-link
+```
+
+**Deploy to Kubernetes (local):**
+
+```bash
+cd k8s
+make operators-knative-only   # Install Knative
+make kustomize-local          # Apply manifests
+make proxy-server            # Forward API to localhost:8080
+```
+
+**Run locally with Docker (manual):**
+
+```bash
+docker run -p 8080:8080 -e SIMPLE_EMAIL_DRY_RUN=true ghcr.io/constructive-io/constructive-functions/simple-email:latest
+```
+
+## Type Definitions
+
+The `types/` directory contains manual type definitions for packages without built-in types:
+
+- `@launchql/mjml` — Styled-email generator (MJML-based email templates)
+- `@launchql/postmaster` — Mailgun email sender
+- `@launchql/styled-email` — Email template components
+
+These are referenced in `tsconfig.json` via `"typeRoots": ["./types", "./node_modules/@types"]`.
+
+## Tips
+
+1. Build functions before building Docker images — `dist/` must exist
+2. Functions run on `PORT=8080` (Knative default)
+3. Email functions support dry-run mode via env vars (`SIMPLE_EMAIL_DRY_RUN`, `SEND_EMAIL_LINK_DRY_RUN`)
+4. K8s manifests reference Docker images; update image tags after pushing to registry