Fast, searchable catalog of Star Wars d6 RPG species with Firebase backend.
- 🔍 Fast search by name, homeworld, and sources (< 200ms)
- 📱 Responsive design with Star Wars theme
- 🔒 Secure admin-only imports and edits
- 📊 Complete species stats and abilities
- 🖼️ Image support with WebP optimization
- ♿ Accessible and keyboard-navigable
- 📦 Offline-capable PWA
- Frontend: React 19 + Vite + TypeScript + Tailwind CSS
- Backend: Firebase (Firestore, Auth, Storage, Functions, Hosting)
- Validation: Zod schemas
- Testing: Vitest (unit) + Playwright (E2E)
- CI/CD: GitHub Actions
star-wars-d6/
├── web/ # Frontend React app
│ ├── src/
│ │ ├── admin/ # Admin UI components
│ │ ├── components/ # Shared UI components
│ │ ├── pages/ # Route pages
│ │ ├── schemas/ # Zod validation schemas
│ │ └── utils/ # Utility functions
│ └── package.json
├── api/ # Firebase Cloud Functions
│ ├── src/
│ │ ├── functions/ # Cloud Functions
│ │ └── utils/ # Shared utilities
│ └── package.json
├── packages/
│ └── types/ # Shared TypeScript types
├── firebase.json # Firebase configuration
├── firestore.rules # Firestore security rules
├── storage.rules # Storage security rules
└── package.json # Root workspace config
- Node.js 20+
- npm 10+
- Firebase CLI:
npm install -g firebase-tools
npm installFollow the detailed guide in scripts/setup-firebase.md:
- Create Firebase project in console
- Enable Firestore, Auth, Storage, Functions, Hosting
- Copy Firebase config to
web/.env - Initialize Firebase CLI
- Deploy security rules
- Set up admin user
Quick start (only required for production deploys):
# Login to Firebase
firebase login
# Initialize project
firebase init
# Deploy rules
firebase deploy --only firestore:rules,firestore:indexes,storage:rulesCopy example files and add your Firebase config:
cp web/.env.example web/.env
cp api/.env.example api/.envEdit web/.env with Firebase config from console.
This repository includes a small smoke script to verify Puppeteer is usable by automated runners (for example, Claude Code or CI).
- Run the smoke test (uses the bundled Chromium by default):
npm run smoke:puppeteer- Use an existing Chrome/Chromium binary to avoid launching the downloaded Chromium (handy in CI or when system libs are missing):
PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium-browser npm run smoke:puppeteer- If the smoke test fails with a shared-library error (for example, missing libxkbcommon.so.0), install the OS packages listed in
TASKS.md(Debian/Ubuntu and Fedora examples are provided there).
See scripts/puppeteer-smoke.js for the exact behavior (it honors the PUPPETEER_EXECUTABLE_PATH env var and prints helpful troubleshooting tips).
Quick Start (Recommended):
# 1. Create .env file (one-time setup)
cp .env.example .env
# Edit .env and add your MYSQL_URL
# 2. Start both servers with single command
npm run devThis starts:
- MySQL API at http://localhost:4000
- Vite dev server at http://localhost:5173
Manual Start (separate terminals):
# Terminal 1: MySQL API
npm run dev:mysql-api
# Terminal 2: Vite dev server
npm run dev:web📖 Documentation:
- docs/DEV_LAUNCHER.md - Development launcher guide
- dev/LOCAL_DEV_SETUP.md - Architecture and manual setup
Note: Firebase emulators are not required for local development. The web app uses a local MySQL API with Vite proxy. Firebase Auth remains active for authentication.
# Run all tests
npm test
# Run web tests only
npm run test:web
# Run with UI
npm run test:web -- --ui
# Run with coverage
npm run test:web -- --coverage# Lint all code
npm run lint
# Fix lint issues
npm run lint:fix
# Format code
npm run format
# Check formatting
npm run format:checknpm run buildThis builds:
- Web app →
web/dist/ - API functions →
api/dist/
# Deploy everything
npm run firebase:deploy
# Deploy specific services
firebase deploy --only hosting
firebase deploy --only functions
firebase deploy --only firestore:rulesSee CLAUDE.md for AI-assisted development workflow.
See TASKS.md for detailed task checklist organized by milestone.
See PLANNING.md for architecture decisions and technical design.
npm run dev- Start web dev servernpm run build- Build all packagesnpm run test- Run all testsnpm run lint- Lint all codenpm run format- Format all codenpm run type-check- Type check all packages
npm run dev --workspace=web- Start Vite dev servernpm run build --workspace=web- Build production bundlenpm run test --workspace=web- Run Vitest testsnpm run preview --workspace=web- Preview production build
npm run dev --workspace=api- Start Functions emulatornpm run build --workspace=api- Compile TypeScriptnpm run deploy --workspace=api- Deploy Functions
Note: emulator support has been removed from the standard dev flow. Use the local MySQL API (
dev:mysql-api) + Vite proxy for development. Firebase Auth remains in use for authentication flows.
- Read CLAUDE.md for development guidelines
- Pick a task from TASKS.md
- Create a feature branch
- Make changes with tests
- Run lint and format
- Commit with descriptive message
- Push and create PR
MIT
- PRD - Product Requirements Document
- PLANNING.md - Technical architecture and design
- TASKS.md - Detailed task breakdown
- Firebase Setup Guide - Step-by-step Firebase configuration
Important housekeeping performed on this repository:
- A sensitive Firebase service-account JSON that was accidentally committed was removed from the reachable history and
masterwas force-updated on the remote to a cleaned state. If you or CI ever used that credential, rotate or revoke it in GCP immediately (see "Rotate credentials" below). - Large build and image assets were migrated into Git LFS to reduce repository object bloat. Anyone who clones this repo must have Git LFS installed.
Rotate credentials (required)
- If the deleted service account was ever used in any environment, rotate its keys or delete the service account in the Google Cloud Console and create a new one. Treat the old private key as compromised.
- Replace credentials on any deployed infrastructure (CI, servers, hosting) with the new service account and ensure the old key is removed.
How to set the service account for local development
- Option A (recommended): Save the service account JSON locally and point Google SDKs at it with:
export GOOGLE_APPLICATION_CREDENTIALS="/path/to/star-wars-d6-service-account.json"
# or (if code expects a stringified env var): export FIREBASE_SERVICE_ACCOUNT="$(cat /path/to/star-wars-d6-service-account.json)"- Do NOT commit the JSON or paste it into tracked files. Add it to your machine's secure storage or CI secret store.
Git LFS — short instructions
- Install Git LFS (macOS/Homebrew, Linux package manager, or https://git-lfs.github.com/).
- Initialize locally (one-time):
git lfs install- The repo tracks large images and build artifacts (see
.gitattributes). If you need to migrate additional large file patterns, update.gitattributesand rungit lfs migrate import --include="path/**"(this rewrites history and requires a force-push).
What to do after the forced history rewrite
- This repository's
masterbranch was force-updated to remove sensitive data. Collaborators should either reclone the repository or reset their localmasterto match the remote. Example commands:
# fast, destructive sync (recommended for collaborators)
git fetch origin
git checkout master
git reset --hard origin/master
# or simply reclone to avoid any local confusion
git clone <repo-url>- Make sure everyone has Git LFS installed before running
git pullor cloning, so LFS objects are fetched correctly.
Pre-push checks (recommended)
- Add a lightweight pre-push hook or CI check to scan for common secret patterns (private keys, API keys, service-account.json) to prevent accidental commits. Tools like
detect-secrets,git-secrets, or simple grep checks are useful.
Backup branch
- A pre-cleanup backup branch
backup-before-cleanup-20251012054132was created during remediation and has now been deleted from this repository to avoid retaining the sensitive state in refs. If you need the pre-cleanup history for any reason, contact the repo owner immediately — it may not be recoverable after deletion.