.container-images/fastapi.Dockerfile

@@ -1,9 +0,0 @@
-FROM python:3.11-slim
-
-WORKDIR /app
-COPY requirements.txt .
-RUN pip install --no-cache-dir -r requirements.txt
-
-COPY src/services/app ./app
-# 'python -m' avoids entrypoint shell
-CMD ["python", "-m", "uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]

.forgejo/workflows/ci.yaml

@@ -1,21 +0,0 @@
-on: [push]
-
-jobs:
-  lint-build:
-    runs-on: podman
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Run pre-commit checks
-        run: |
-          pip install pre-commit
-          pre-commit run --all-files
-
-      - name: Build FastAPI image
-        run: |
-          podman build -t cmmc-fastapi:${{ forgejo.sha }} \
-                       -f .container-images/fastapi.Dockerfile .
-
-      # optional push to internal registry:
-      # - name: Push image
-      #   run: podman push cmmc-fastapi:${{ forgejo.sha }} <registry>/<path>:${{ forgejo.sha }}

.gitignore

@@ -1,90 +0,0 @@
-############################################################
-#  Core language + tooling
-############################################################
-# Python
-__pycache__/
-*.py[cod]
-*.pyo
-*.pyd
-*.egg-info/
-*.egg
-*.trace
-pip-wheel-metadata/
-
-# Virtual-envs
-.venv/
-venv/
-.env/
-# Poetry / pipenv virtual envs
-.poetry/
-.pipenv/
-
-# Ruff / pytest cache
-.cache/
-.pytest_cache/
-
-# Node (used by markdownlint-cli2, etc.)
-node_modules/
-npm-debug.log*
-pnpm-debug.log*
-yarn-debug.log*
-yarn-error.log*
-
-############################################################
-#  Containers & Podman Compose
-############################################################
-# Podman/Docker build cache & artifacts
-*.tar
-*.oci
-# Local image layers (rootless)
-~/.local/share/containers/
-# Podman-compose temp files
-podman-compose.env
-
-############################################################
-#  Infrastructure-as-Code generated artifacts
-############################################################
-# Terraform
-.terraform/
-terraform.tfstate
-terraform.tfstate.*
-crash.log
-# TFLint / tfsec results
-.tflint.*
-tfsec.log
-
-# Helm
-charts/
-*.tgz
-# Helmfile diff/output
-helmfile*.yaml.orig
-
-############################################################
-#  Documentation & diagrams
-############################################################
-# Structurizr export cache
-docs/architecture/c4/*.png
-docs/architecture/c4/*.svg
-
-############################################################
-#  IDE / Editor cruft
-############################################################
-# VS Code
-.vscode/
-.history/
-# JetBrains
-.idea/
-*.iml
-
-############################################################
-#  OS-level temp files
-############################################################
-.DS_Store
-Thumbs.db
-ehthumbs.db
-desktop.ini
-$RECYCLE.BIN/
-
-############################################################
-#  Secrets — keep these paths tracked if you use SOPS/Vault!
-##############

.pre-commit-config.yaml

@@ -1,31 +0,0 @@
-repos:
-  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.4.4          # latest Ruff tag that ships hooks file
-    hooks:
-      - id: ruff
-        stages: [pre-commit]
-
-  - repo: https://github.com/markdownlint/markdownlint
-    rev: v0.12.0
-    hooks:
-      - id: markdownlint
-        stages: [pre-commit]
-        files: \.(md|markdown)$
-        exclude: \.venv/ 
-
-  - repo: https://github.com/aquasecurity/tfsec
-    rev: v1.28.4
-    hooks:
-      - id: tfsec
-        args: ["--no-colour"]
-        stages: [pre-commit]
-
-  - repo: https://github.com/mxab/pre-commit-trivy
-    rev: v0.15.0           # latest tag as of June 2025
-    hooks:
-      - id: trivyfs-docker     # scan source tree for vulns/secrets
-        stages: [pre-push]
-        args:
-          - --skip-dirs
-          - .git
-          - .forgejo

Makefile

@@ -1,15 +0,0 @@
-compose = podman-compose -f dev-compose.yaml
-
-up:            ## start local stack
-	$(compose) up -d
-
-down:          ## stop stack
-	$(compose) down
-
-logs:          ## follow logs
-	$(compose) logs -f
-
-build:         ## build FastAPI image locally
-	podman build -t cmmc-fastapi:latest -f .container-images/fastapi.Dockerfile .
-
-.PHONY: up down logs build

dev-compose.yaml

@@ -1,50 +0,0 @@
-version: "3.9"
-
-x-common-env: &common-env
-  TZ: "UTC"
-
-services:
-  kong:
-    image: docker.io/library/kong:3.7
-    container_name: kong
-    restart: unless-stopped
-    environment:
-      <<: *common-env
-      KONG_DATABASE: "off"
-      KONG_DECLARATIVE_CONFIG: /config/kong.yml
-      KONG_LOG_LEVEL: info
-    volumes:
-      - ./kong/kong.yml:/config/kong.yml:ro
-    ports:
-      - "8000:8000"     # proxy
-      - "8001:8001"     # admin api
-    networks: [internal]
-
-  keycloak:
-    image: quay.io/keycloak/keycloak:25.0.0
-    container_name: keycloak
-    command: start-dev
-    restart: unless-stopped
-    environment:
-      <<: *common-env
-      KEYCLOAK_ADMIN: admin
-      KEYCLOAK_ADMIN_PASSWORD: admin
-      KC_PROXY_HEADERS: xforwarded
-    ports:
-      - "8080:8080"
-    networks: [internal]
-
-  fastapi:
-    image: cmmc-fastapi:latest   # built by CI or `make build`
-    container_name: fastapi
-    restart: unless-stopped
-    environment:
-      <<: *common-env
-      APP_ENV: dev
-    ports:
-      - "8008:8000"
-    networks: [internal]
-
-networks:
-  internal:
-    driver: bridge

requirements.txt

@@ -1,2 +0,0 @@
-fastapi==0.111.0
-uvicorn[standard]==0.30.0

src/services/.container-images/fastapi.Dockerfile

@@ -1,9 +0,0 @@
-FROM python:3.11-slim
-
-WORKDIR /app
-COPY requirements.txt .
-RUN pip install --no-cache-dir -r requirements.txt
-
-COPY src/services/app ./app
-# 'python -m' avoids entrypoint shell
-CMD ["python", "-m", "uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]

src/services/app/main.py

@@ -1,13 +0,0 @@
-from fastapi import FastAPI
-
-app = FastAPI(title="CMMC Platform API MVP", version="0.1.0")
-
-
-@app.get("/healthz", tags=["meta"])
-async def healthz() -> dict[str, str]:
-    return {"status": "pong"}
-
-
-@app.get("/", tags=["meta"])
-async def root() -> dict[str, str]:
-    return {"message": "CMMC Platform – it works!"}