luke-h1 · luke-h1 · Dec 14, 2025 · Dec 14, 2025 · Dec 14, 2025 · Dec 14, 2025
diff --git a/.bun-version b/.bun-version
@@ -1 +1 @@
-1.2.5
+1.3.2
diff --git a/.changeset/README.md b/.changeset/README.md
@@ -0,0 +1,29 @@
+# Changesets
+
+Hello and welcome! This folder has been automatically generated by `@changesets/cli`, a build tool that works
+with multi-package repos, or single-package repos to help you version and publish your code. You can
+find the full documentation for it [in our repository](https://github.com/changesets/changesets)
+
+We have a quick list of common questions to get you started engaging with this project in
+[our documentation](https://github.com/changesets/changesets/blob/main/docs/common-questions.md)
+
+## Usage
+
+To add a changeset, run:
+
+```bash
+bun run changeset
+```
+
+To version the package based on changesets, run:
+
+```bash
+bun run changeset:version
+```
+
+To check the status of changesets, run:
+
+```bash
+bun run changeset:status
+```
+
diff --git a/.changeset/config.json b/.changeset/config.json
@@ -0,0 +1,16 @@
+{
+  "$schema": "https://unpkg.com/@changesets/[email protected]/schema.json",
+  "changelog": "@changesets/cli/changelog",
+  "commit": false,
+  "fixed": [],
+  "linked": [],
+  "access": "restricted",
+  "baseBranch": "main",
+  "updateInternalDependencies": "patch",
+  "ignore": [],
+  "privatePackages": {
+    "version": true,
+    "tag": false
+  }
+}
+
diff --git a/.github/actions/deploy/action.yml b/.github/actions/deploy/action.yml
@@ -13,10 +13,6 @@ inputs:
 runs:
   using: composite
   steps:
-    - name: Validate environment
-      shell: bash
-      run: if [ "${{ inputs.environment }}" != "staging" ] && [ "${{ inputs.environment }}" != "live" ]; then echo "Invalid environment"; exit 1; fi
-
     - name: Setup Terraform
       uses: hashicorp/setup-terraform@v3
       with:
@@ -56,26 +52,41 @@ runs:
       working-directory: terraform
       run: terraform validate
 
-    - name: Setup version information
+    - name: Build functions for Lambda
       shell: bash
-      env:
-        GITHUB_EVENT_NAME: ${{ github.event_name }}
-        GITHUB_REF_NAME: ${{ github.ref_name }}
       run: |
-        chmod +x scripts/version.sh
-        ./scripts/version.sh info
+        docker run --rm \
+          --platform linux/amd64 \
+          -v "${{ github.workspace }}:/workspace" \
+          -w /workspace \
+          swift:6.1-amazonlinux2 \
+          bash -c "swift build -c release --static-swift-stdlib && \
+            cp .build/release/lambda .build/release/bootstrap && \
+            chmod 755 .build/release/bootstrap && \
+            mkdir -p .build/release/authorizer-package && \
+            cp .build/release/authorizer .build/release/authorizer-package/bootstrap && \
+            chmod 755 .build/release/authorizer-package/bootstrap"
+        sudo chown -R $(id -u):$(id -g) .build
 
-    - name: Build .NET Lambda functions
+    - name: Get version
+      id: version
       shell: bash
       run: |
-        chmod +x scripts/build.sh
-        ./scripts/build.sh
+        # Use VERSION env var if set (for pre-releases), otherwise read from package.json
+        if [ -n "$VERSION" ]; then
+          echo "Using provided version: $VERSION"
+          echo "APP_VERSION=$VERSION" >> $GITHUB_ENV
+        else
+          PKG_VERSION=$(jq -r .version package.json)
+          echo "Using package.json version: $PKG_VERSION"
+          echo "APP_VERSION=$PKG_VERSION" >> $GITHUB_ENV
+        fi
 
     - name: Terraform plan
       id: plan
       shell: bash
       working-directory: terraform
-      run: terraform plan -no-color -out=tfplan -var="app_version=$VERSION" -var="git_sha=$GIT_SHA"
+      run: terraform plan -no-color -out=tfplan -var="app_version=${{ env.APP_VERSION }}" -var="git_sha=$GIT_SHA"
 
     - name: Terraform apply
       shell: bash

diff --git a/.github/actions/install/action.yml b/.github/actions/install/action.yml
@@ -3,38 +3,18 @@ description: Install dependencies
 runs:
   using: composite
   steps:
-    - name: Install moreutils
-      run: sudo apt install moreutils
-      shell: bash
-
-    # https://github.com/actions/virtual-environments/issues/1187
-    - name: tune linux network
-      run: sudo ethtool -K eth0 tx off rx off
-      shell: bash
-
     - name: Ensure branch is rebased with main
       run: git stash && git pull --rebase
       shell: bash
 
-    - name: Setup .NET
-      uses: actions/setup-dotnet@v4
+    - name: Setup Swift
+      uses: swift-actions/setup-swift@v3
       with:
-        dotnet-version: "8.0.x"
-
-    - name: Restore .NET dependencies for main lambda
-      shell: bash
-      working-directory: apps/lho-lambda/src
-      run: dotnet restore
-
-    - name: Restore .NET dependencies for authorizer
-      shell: bash
-      working-directory: apps/lho-authorizer/src
-      run: dotnet restore
+        swift-version: "6.1.0"
 
-    # https://github.com/actions/virtual-environments/issues/1187
-    - name: tune linux network
-      run: sudo ethtool -K eth0 tx off rx off
+    - name: Resolve Swift dependencies
       shell: bash
+      run: swift package resolve
 
     - name: 🥟 Setup Bun
       uses: oven-sh/setup-bun@v2

diff --git a/.github/actions/validate/action.yml b/.github/actions/validate/action.yml
@@ -1,14 +1,12 @@
-name: Install
+name: Validate
 description: Validate
 runs:
   using: composite
   steps:
-    - name: Build main lambda
+    - name: Run SwiftLint
       shell: bash
-      working-directory: apps/lho-lambda
-      run: dotnet build --configuration Release --no-restore
+      run: swiftlint
 
-    - name: Build authorizer lambda
+    - name: Build functions
       shell: bash
-      working-directory: apps/lho-authorizer
-      run: dotnet build --configuration Release --no-restore
+      run: swift build -c release
diff --git a/.github/workflows/build-prerelease-version.yml b/.github/workflows/build-prerelease-version.yml
@@ -1,11 +1,12 @@
-name: Build pre-release version
+name: Deploy Staging (Pre-release)
+
 on:
   workflow_dispatch:
-  pull_request:
-    types: [opened, synchronize, edited, reopened]
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
+
 env:
   TF_VAR_env: staging
   TF_VAR_env_vars: ${{ secrets.LIVE_ENV_VARS }}
@@ -17,62 +18,51 @@ env:
   TF_VAR_certificate_chain: ${{ secrets.STAGING_CERTIFICATE_CHAIN }}
   TF_VAR_deployed_by: ${{ github.actor }}
   TF_VAR_git_sha: ${{ github.sha }}
-  TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
-  TURBO_TEAM: luke-h1-project
   TF_VAR_api_key: ${{ secrets.STAGING_API_KEY }}
-  TF_VAR_discord_webhook_url: ${{ secrets.DISCORD_ALERTS_WEBHOOK_URL}}
+  TF_VAR_discord_webhook_url: ${{ secrets.DISCORD_ALERTS_WEBHOOK_URL }}
 
 permissions: write-all
 
 jobs:
   deploy:
-    name: Deploy to staging
+    name: Deploy to Staging
     runs-on: ubuntu-latest
-    timeout-minutes: 10
+    timeout-minutes: 15
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          ref: ${{ github.head_ref }}
-
-      - name: Ensure rebased with main
-        run: ./scripts/ensure-rebased.sh
-
-      - name: Install
-        uses: ./.github/actions/install
 
-      - name: Validate
-        uses: ./.github/actions/validate
-
-      - name: Changelogs
-        uses: ./.github/actions/changelog
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v2
         with:
-          prerelease: true
-          publish: false
+          bun-version-file: ".bun-version"
+
+      - name: Install dependencies
+        run: bun install --frozen-lockfile
 
-      - name: fetch latest commits
-        run: git fetch && git pull
+      - name: Get pre-release version
+        id: version
+        run: |
+          BASE_VERSION=$(jq -r .version package.json)
+          SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7)
+          PRERELEASE_VERSION="${BASE_VERSION}-staging.${SHORT_SHA}"
+          echo "version=${PRERELEASE_VERSION}" >> $GITHUB_OUTPUT
+          echo "Pre-release version: ${PRERELEASE_VERSION}"
 
       - name: Deploy
         uses: ./.github/actions/deploy
         with:
           environment: staging
           aws-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        env:
+          VERSION: ${{ steps.version.outputs.version }}
 
-      - name: Get versions
-        id: lambda-version
+      - name: Summary
         run: |
-          echo "::set-output name=LAMBDA_VERSION::$(./scripts/version.sh get)"
-          echo "::set-output name=AUTHORIZER_VERSION::$(./scripts/version.sh get)"
-
-      - uses: actions/github-script@v7
-        with:
-          script: |
-            github.rest.issues.createComment({
-              issue_number: context.issue.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              body: '* [Lambda version](https://nowplaying-${{env.TF_VAR_env}}.lhowsam.com) - `${{ steps.lambda-version.outputs.LAMBDA_VERSION }}`\n* [Authorizer version](https://nowplaying-${{env.TF_VAR_env}}.lhowsam.com) - `${{ steps.lambda-version.outputs.AUTHORIZER_VERSION }}`'
-            })
+          echo "## 🚀 Staging Deployment" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "- **Version**: \`${{ steps.version.outputs.version }}\`" >> $GITHUB_STEP_SUMMARY
+          echo "- **URL**: https://nowplaying-staging.lhowsam.com" >> $GITHUB_STEP_SUMMARY
diff --git a/.github/workflows/build-release-version.yml b/.github/workflows/build-release-version.yml
@@ -31,7 +31,7 @@ env:
 jobs:
   release:
     name: Release packages
-    runs-on: ubuntu-latest
+    runs-on: macos-latest
     timeout-minutes: 10
     steps:
       - name: Checkout repository

diff --git a/.github/workflows/deploy-test.yml b/.github/workflows/deploy-test.yml
@@ -0,0 +1,103 @@
+name: Deploy Test (PR Preview)
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  TF_VAR_env: test
+  TF_VAR_env_vars: ${{ secrets.LIVE_ENV_VARS }}
+  TF_VAR_zone_id: ${{ secrets.LIVE_ZONE_ID }}
+  TF_VAR_root_domain: lhowsam.com
+  TF_VAR_sub_domain: nowplaying.lhowsam.com
+  TF_VAR_private_key: ${{ secrets.STAGING_PRIVATE_KEY }}
+  TF_VAR_certificate_body: ${{ secrets.STAGING_CERTIFICATE_BODY }}
+  TF_VAR_certificate_chain: ${{ secrets.STAGING_CERTIFICATE_CHAIN }}
+  TF_VAR_deployed_by: ${{ github.actor }}
+  TF_VAR_git_sha: ${{ github.sha }}
+  TF_VAR_api_key: ${{ secrets.STAGING_API_KEY }}
+  TF_VAR_discord_webhook_url: ${{ secrets.DISCORD_ALERTS_WEBHOOK_URL }}
+
+permissions: write-all
+
+jobs:
+  deploy:
+    name: Deploy to Test
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: ${{ github.head_ref }}
+
+      - name: Ensure rebased with main
+        run: ./scripts/ensure-rebased.sh
+
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v2
+        with:
+          bun-version-file: ".bun-version"
+
+      - name: Install dependencies
+        run: bun install --frozen-lockfile
+
+      - name: Get pre-release version
+        id: version
+        run: |
+          BASE_VERSION=$(jq -r .version package.json)
+          PR_NUMBER=${{ github.event.pull_request.number }}
+          SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7)
+          PRERELEASE_VERSION="${BASE_VERSION}-pr.${PR_NUMBER}.${SHORT_SHA}"
+          echo "version=${PRERELEASE_VERSION}" >> $GITHUB_OUTPUT
+          echo "Pre-release version: ${PRERELEASE_VERSION}"
+
+      - name: Deploy
+        uses: ./.github/actions/deploy
+        with:
+          environment: ${{ env.TF_VAR_env }}
+          aws-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        env:
+          VERSION: ${{ steps.version.outputs.version }}
+
+      - name: Comment on PR
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const version = '${{ steps.version.outputs.version }}';
+            const marker = '<!-- test-deployment-comment -->';
+            const body = `${marker}\n## 🚀 Test Deployment\n\n- **Version**: \`${version}\`\n- **URL**: https://nowplaying-test.lhowsam.com\n- **Health**: https://nowplaying-test.lhowsam.com/api/health\n- **Version API**: https://nowplaying-test.lhowsam.com/api/version`;
+
+            // Find existing comment
+            const { data: comments } = await github.rest.issues.listComments({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+            });
+
+            const existingComment = comments.find(comment => comment.body.includes(marker));
+
+            if (existingComment) {
+              // Update existing comment
+              await github.rest.issues.updateComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                comment_id: existingComment.id,
+                body: body
+              });
+            } else {
+              // Create new comment
+              await github.rest.issues.createComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: context.issue.number,
+                body: body
+              });
+            }