{"id":50454125,"url":"https://github.com/mizcausevic-dev/tenant-access-control-plane","last_synced_at":"2026-06-01T01:05:40.228Z","repository":{"id":357462696,"uuid":"1236252569","full_name":"mizcausevic-dev/tenant-access-control-plane","owner":"mizcausevic-dev","description":"Next.js control plane for tenant access governance, GraphQL APIs, role-aware workflows, and production-style delivery assets.","archived":false,"fork":false,"pushed_at":"2026-05-12T21:46:02.000Z","size":1348,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-12T23:22:29.723Z","etag":null,"topics":["access-control","control-plane","drizzle","graphql","identity-governance","nextjs","oidc","platform-engineering","playwright","postgresql","redis","tailwindcss","typescript"],"latest_commit_sha":null,"homepage":"https://kineticgain.com","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mizcausevic-dev.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-05-12T04:48:04.000Z","updated_at":"2026-05-12T21:46:06.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/mizcausevic-dev/tenant-access-control-plane","commit_stats":null,"previous_names":["mizcausevic-dev/tenant-access-control-plane"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/mizcausevic-dev/tenant-access-control-plane","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mizcausevic-dev%2Ftenant-access-control-plane","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mizcausevic-dev%2Ftenant-access-control-plane/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mizcausevic-dev%2Ftenant-access-control-plane/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mizcausevic-dev%2Ftenant-access-control-plane/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mizcausevic-dev","download_url":"https://codeload.github.com/mizcausevic-dev/tenant-access-control-plane/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mizcausevic-dev%2Ftenant-access-control-plane/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33755379,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-31T02:00:06.040Z","response_time":95,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","control-plane","drizzle","graphql","identity-governance","nextjs","oidc","platform-engineering","playwright","postgresql","redis","tailwindcss","typescript"],"created_at":"2026-06-01T01:05:40.173Z","updated_at":"2026-06-01T01:05:40.222Z","avatar_url":"https://github.com/mizcausevic-dev.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Tenant Access Control Plane\r\n\r\nNext.js flagship for **tenant access governance**, GraphQL contracts, role-aware approval flows, and production-style delivery assets.\r\n\r\n\u003e **What this repo proves**\r\n\u003e\r\n\u003e This is the broad-appeal full-stack control plane in the portfolio: modern frontend, typed API contract, real data layer, auth posture, tests, CI, and deploy assets in one product-shaped repo.\r\n\r\n## Why this repo exists\r\n\r\nThis project closes the biggest broad-appeal gap in the portfolio:\r\n\r\n- a modern full-stack app\r\n- a real data layer\r\n- a typed API contract\r\n- auth posture\r\n- caching\r\n- tests\r\n- CI\r\n- deploy assets\r\n\r\nIt is intentionally local-first. You can boot it without Docker, Postgres, or Redis and still get the full experience. When those services are available, the same code path upgrades into a more production-shaped deployment.\r\n\r\n## Stack\r\n\r\n- Next.js App Router\r\n- Tailwind CSS\r\n- GraphQL Yoga\r\n- Zustand\r\n- Drizzle ORM\r\n- PGlite local runtime with optional PostgreSQL\r\n- Redis-ready cache fallback\r\n- Signed demo session cookies with OIDC-ready configuration\r\n- Vitest\r\n- Playwright\r\n- GitHub Actions\r\n- Docker, Kubernetes manifests, and Helm chart\r\n\r\n## One-shot local run\r\n\r\n```powershell\r\ncd tenant-access-control-plane\r\nnpm install\r\nnpm run dev\r\n```\r\n\r\nOpen:\r\n\r\n- [http://127.0.0.1:3000/](http://127.0.0.1:3000/)\r\n- [http://127.0.0.1:3000/docs](http://127.0.0.1:3000/docs)\r\n- [http://127.0.0.1:3000/api/graphql](http://127.0.0.1:3000/api/graphql)\r\n\r\n## Optional production-style services\r\n\r\nCreate `.env.local` from [.env.example](./.env.example) and set any of the following:\r\n\r\n- `DATABASE_URL`\r\n- `REDIS_URL`\r\n- `OIDC_ISSUER`\r\n- `OIDC_CLIENT_ID`\r\n- `OIDC_CLIENT_SECRET`\r\n- `SESSION_SECRET`\r\n\r\nIf `DATABASE_URL` is not set, the repo falls back to a persistent local PGlite store under `.data/`.\r\n\r\nIf `REDIS_URL` is not set, the repo falls back to an in-memory TTL cache.\r\n\r\n## Verification\r\n\r\n```powershell\r\nnpm run lint\r\nnpm run test\r\nnpm run build\r\n```\r\n\r\nOptional e2e:\r\n\r\n```powershell\r\nnpx playwright install chromium\r\nnpm run test:e2e\r\n```\r\n\r\n## GraphQL example\r\n\r\n```graphql\r\nquery DashboardSnapshot {\r\n  dashboardSummary {\r\n    cacheMode\r\n    metrics {\r\n      label\r\n      value\r\n      change\r\n    }\r\n  }\r\n}\r\n```\r\n\r\n## Deployment assets\r\n\r\n- [Dockerfile](./Dockerfile)\r\n- [docker-compose.yml](./docker-compose.yml)\r\n- [k8s](./k8s)\r\n- [helm/tenant-access-control-plane](./helm/tenant-access-control-plane)\r\n- [.github/workflows/ci.yml](./.github/workflows/ci.yml)\r\n\r\n## Screenshots\r\n\r\n### Overview\r\n![Overview](./screenshots/01-overview.png)\r\n\r\n### GraphQL Contract\r\n![GraphQL](./screenshots/02-graphql.png)\r\n\r\n### Delivery Surface\r\n![Deploy](./screenshots/03-deploy.png)\r\n\r\n### Docs\r\n![Docs](./screenshots/04-docs.png)\r\n\r\n## Repo anatomy\r\n\r\n- [src/app/page.tsx](./src/app/page.tsx)\r\n- [src/components/control-plane.tsx](./src/components/control-plane.tsx)\r\n- [src/lib/domain/service.ts](./src/lib/domain/service.ts)\r\n- [src/lib/graphql/schema.ts](./src/lib/graphql/schema.ts)\r\n- [src/lib/db/schema.ts](./src/lib/db/schema.ts)\r\n- [docs/architecture.md](./docs/architecture.md)\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmizcausevic-dev%2Ftenant-access-control-plane","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmizcausevic-dev%2Ftenant-access-control-plane","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmizcausevic-dev%2Ftenant-access-control-plane/lists"}