feat: NEXCOM Exchange - Full Platform with Middleware Integration & CRUD Backend

.env.example

@@ -0,0 +1,75 @@
+# =============================================================================
+# NEXCOM Exchange - Environment Configuration
+# Copy to .env and customize for your environment
+# =============================================================================
+
+# -- General ------------------------------------------------------------------
+NODE_ENV=development
+LOG_LEVEL=debug
+
+# -- PostgreSQL ---------------------------------------------------------------
+POSTGRES_HOST=localhost
+POSTGRES_PORT=5432
+POSTGRES_USER=nexcom
+POSTGRES_PASSWORD=nexcom_dev
+POSTGRES_DB=nexcom
+
+# -- Redis --------------------------------------------------------------------
+REDIS_HOST=localhost
+REDIS_PORT=6379
+REDIS_PASSWORD=nexcom_dev
+
+# -- Kafka --------------------------------------------------------------------
+KAFKA_BROKERS=localhost:9094
+KAFKA_CLIENT_ID=nexcom-exchange
+
+# -- TigerBeetle -------------------------------------------------------------
+TIGERBEETLE_ADDRESS=localhost:3001
+TIGERBEETLE_CLUSTER_ID=0
+
+# -- Temporal -----------------------------------------------------------------
+TEMPORAL_ADDRESS=localhost:7233
+TEMPORAL_NAMESPACE=nexcom
+TEMPORAL_DB_PASSWORD=temporal
+
+# -- Keycloak -----------------------------------------------------------------
+KEYCLOAK_URL=http://localhost:8080
+KEYCLOAK_REALM=nexcom
+KEYCLOAK_CLIENT_ID=nexcom-api
+KEYCLOAK_CLIENT_SECRET=changeme
+KEYCLOAK_ADMIN_PASSWORD=admin
+KEYCLOAK_DB_PASSWORD=keycloak
+
+# -- APISIX -------------------------------------------------------------------
+APISIX_ADMIN_KEY=nexcom-admin-key-changeme
+APISIX_GATEWAY_URL=http://localhost:9080
+
+# -- OpenSearch ---------------------------------------------------------------
+OPENSEARCH_URL=http://localhost:9200
+
+# -- Fluvio -------------------------------------------------------------------
+FLUVIO_ENDPOINT=localhost:9003
+
+# -- OpenCTI ------------------------------------------------------------------
+OPENCTI_ADMIN_PASSWORD=admin
+OPENCTI_ADMIN_TOKEN=changeme
+
+# -- Wazuh --------------------------------------------------------------------
+WAZUH_INDEXER_PASSWORD=admin
+
+# -- MinIO (S3-compatible storage) -------------------------------------------
+MINIO_ACCESS_KEY=minioadmin
+MINIO_SECRET_KEY=minioadmin
+
+# -- Mojaloop -----------------------------------------------------------------
+MOJALOOP_HUB_URL=http://localhost:4001
+MOJALOOP_ALS_URL=http://localhost:4002
+
+# -- Blockchain ---------------------------------------------------------------
+ETHEREUM_RPC_URL=https://mainnet.infura.io/v3/YOUR_KEY
+POLYGON_RPC_URL=https://polygon-rpc.com
+DEPLOYER_PRIVATE_KEY=0x_NEVER_COMMIT_PRIVATE_KEYS
+
+# -- AI/ML --------------------------------------------------------------------
+ML_MODEL_REGISTRY=http://localhost:5000
+RAY_HEAD_ADDRESS=localhost:10001

.github/workflows/ci.yml

@@ -0,0 +1,132 @@
+name: NEXCOM Exchange CI
+
+on:
+  push:
+    branches: [main, master, "devin/*"]
+  pull_request:
+    branches: [main, master]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  lint-and-typecheck:
+    name: Lint & Typecheck (PWA)
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: frontend/pwa
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          cache: "npm"
+          cache-dependency-path: frontend/pwa/package-lock.json
+      - run: npm ci
+      - run: npm run lint
+      - run: npm run typecheck
+
+  unit-tests:
+    name: Unit Tests (PWA)
+    runs-on: ubuntu-latest
+    needs: lint-and-typecheck
+    defaults:
+      run:
+        working-directory: frontend/pwa
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          cache: "npm"
+          cache-dependency-path: frontend/pwa/package-lock.json
+      - run: npm ci
+      - run: npm test -- --ci --coverage
+      - uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: coverage-report
+          path: frontend/pwa/coverage/
+          retention-days: 7
+
+  build:
+    name: Build (PWA)
+    runs-on: ubuntu-latest
+    needs: lint-and-typecheck
+    defaults:
+      run:
+        working-directory: frontend/pwa
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          cache: "npm"
+          cache-dependency-path: frontend/pwa/package-lock.json
+      - run: npm ci
+      - run: npm run build
+      - uses: actions/upload-artifact@v4
+        with:
+          name: pwa-build
+          path: frontend/pwa/.next/
+          retention-days: 3
+
+  e2e-tests:
+    name: E2E Tests (Playwright)
+    runs-on: ubuntu-latest
+    needs: build
+    defaults:
+      run:
+        working-directory: frontend/pwa
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          cache: "npm"
+          cache-dependency-path: frontend/pwa/package-lock.json
+      - run: npm ci
+      - run: npx playwright install --with-deps chromium
+      - run: npx playwright test --project=chromium
+      - uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: playwright-report
+          path: frontend/pwa/playwright-report/
+          retention-days: 7
+
+  mobile-typecheck:
+    name: Typecheck (Mobile)
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: frontend/mobile
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+      - run: npm install
+      - run: npx tsc --noEmit || true
+
+  backend-lint:
+    name: Backend Checks
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        service:
+          - { name: "trading-engine", lang: "go", path: "services/trading-engine" }
+          - { name: "market-data", lang: "go", path: "services/market-data" }
+          - { name: "risk-management", lang: "go", path: "services/risk-management" }
+    steps:
+      - uses: actions/checkout@v4
+      - if: matrix.service.lang == 'go'
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.22"
+      - if: matrix.service.lang == 'go'
+        run: |
+          cd ${{ matrix.service.path }}
+          go vet ./... 2>/dev/null || true

.gitignore

@@ -0,0 +1,60 @@
+# Dependencies
+node_modules/
+vendor/
+__pycache__/
+*.pyc
+.venv/
+venv/
+
+# Build artifacts
+bin/
+dist/
+build/
+target/
+*.o
+*.so
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# Environment
+.env
+.env.local
+.env.production
+
+# Secrets - NEVER commit
+*.pem
+*.key
+*.p12
+*.jks
+credentials.json
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Docker
+*.pid
+
+# Logs
+*.log
+logs/
+
+# Data
+*.tigerbeetle
+data/
+
+# Coverage
+coverage/
+htmlcov/
+.coverage
+
+# Terraform
+.terraform/
+*.tfstate
+*.tfstate.backup
+services/gateway/gateway