started new discounts tutorial sample

Author: nickwesselman

sample-apps/discounts/.dockerignore

@@ -0,0 +1,3 @@
+web/node_modules
+web/frontend/node_modules
+web/frontend/dist

sample-apps/discounts/.gitignore

@@ -0,0 +1,28 @@
+# Environment Configuration
+.env
+.env.*
+
+# Dependency directory
+node_modules
+
+# Test coverage directory
+coverage
+
+# Ignore Apple macOS Desktop Services Store
+.DS_Store
+
+# Logs
+logs
+*.log
+
+# ngrok tunnel file
+config/tunnel.pid
+
+# vite build output
+dist/
+
+# extensions build output
+extensions/*/build
+
+# Node library SQLite database
+web/database.sqlite

sample-apps/discounts/.npmrc

@@ -0,0 +1,4 @@
+engine-strict=true
+auto-install-peers=true
+shamefully-hoist=true
+@shopify:registry=https://registry.npmjs.org

sample-apps/discounts/.vscode/extensions.json

@@ -0,0 +1,5 @@
+{
+  "recommendations": [
+    "shopify.polaris-for-vscode"
+  ]
+}

sample-apps/discounts/Dockerfile

@@ -0,0 +1,10 @@
+FROM node:18-alpine
+
+ARG SHOPIFY_API_KEY
+ENV SHOPIFY_API_KEY=$SHOPIFY_API_KEY
+EXPOSE 8081
+WORKDIR /app
+COPY web .
+RUN npm install
+RUN cd frontend && npm install && npm run build
+CMD ["npm", "run", "serve"]

sample-apps/discounts/README.md

@@ -0,0 +1,229 @@
+# Shopify App Template - Node
+
+This is a template for building a [Shopify app](https://shopify.dev/apps/getting-started) using Node and React. It contains the basics for building a Shopify app.
+
+Rather than cloning this repo, you can use your preferred package manager and the Shopify CLI with [these steps](#installing-the-template).
+
+## Benefits
+
+Shopify apps are built on a variety of Shopify tools to create a great merchant experience. The [create an app](https://shopify.dev/apps/getting-started/create) tutorial in our developer documentation will guide you through creating a Shopify app using this template.
+
+The Node app template comes with the following out-of-the-box functionality:
+
+- OAuth: Installing the app and granting permissions
+- GraphQL Admin API: Querying or mutating Shopify admin data
+- REST Admin API: Resource classes to interact with the API
+- Shopify-specific tooling:
+  - AppBridge
+  - Polaris
+  - Webhooks
+
+## Tech Stack
+
+This template combines a number of third party open-source tools:
+
+- [Express](https://expressjs.com/) builds the backend.
+- [Vite](https://vitejs.dev/) builds the [React](https://reactjs.org/) frontend.
+- [React Router](https://reactrouter.com/) is used for routing. We wrap this with file-based routing.
+- [React Query](https://react-query.tanstack.com/) queries the Admin API.
+
+The following Shopify tools complement these third-party tools to ease app development:
+
+- [Shopify API library](https://github.com/Shopify/shopify-node-api) adds OAuth to the Express backend. This lets users install the app and grant scope permissions.
+- [App Bridge React](https://shopify.dev/apps/tools/app-bridge/getting-started/using-react) adds authentication to API requests in the frontend and renders components outside of the App’s iFrame.
+- [Polaris React](https://polaris.shopify.com/) is a powerful design system and component library that helps developers build high quality, consistent experiences for Shopify merchants.
+- [Custom hooks](https://github.com/Shopify/shopify-frontend-template-react/tree/main/hooks) make authenticated requests to the Admin API.
+- [File-based routing](https://github.com/Shopify/shopify-frontend-template-react/blob/main/Routes.jsx) makes creating new pages easier.
+
+## Getting started
+
+### Requirements
+
+1. You must [download and install Node.js](https://nodejs.org/en/download/) if you don't already have it.
+1. You must [create a Shopify partner account](https://partners.shopify.com/signup) if you don’t have one.
+1. You must [create a development store](https://help.shopify.com/en/partners/dashboard/development-stores#create-a-development-store) if you don’t have one.
+
+### Installing the template
+
+This template can be installed using your preferred package manager:
+
+Using yarn:
+
+```shell
+yarn create @shopify/app
+```
+
+Using npm:
+
+```shell
+npm init @shopify/app@latest
+```
+
+Using pnpm:
+
+```shell
+pnpm create @shopify/app@latest
+```
+
+This will clone the template and install the required dependencies.
+
+#### Local Development
+
+[The Shopify CLI](https://shopify.dev/apps/tools/cli) connects to an app in your Partners dashboard. It provides environment variables, runs commands in parallel, and updates application URLs for easier development.
+
+You can develop locally using your preferred package manager. Run one of the following commands from the root of your app.
+
+Using yarn:
+
+```shell
+yarn dev
+```
+
+Using npm:
+
+```shell
+npm run dev
+```
+
+Using pnpm:
+
+```shell
+pnpm run dev
+```
+
+Open the URL generated in your console. Once you grant permission to the app, you can start development.
+
+## Deployment
+
+### Application Storage
+
+This template uses [SQLite](https://www.sqlite.org/index.html) to store session data. The database is a file called `database.sqlite` which is automatically created in the root. This use of SQLite works in production if your app runs as a single instance.
+
+The database that works best for you depends on the data your app needs and how it is queried. You can run your database of choice on a server yourself or host it with a SaaS company. Here’s a short list of databases providers that provide a free tier to get started:
+
+| Database   | Type             | Hosters                                                                                                                                                                                                                               |
+| ---------- | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| MySQL      | SQL              | [Digital Ocean](https://www.digitalocean.com/try/managed-databases-mysql), [Planet Scale](https://planetscale.com/), [Amazon Aurora](https://aws.amazon.com/rds/aurora/), [Google Cloud SQL](https://cloud.google.com/sql/docs/mysql) |
+| PostgreSQL | SQL              | [Digital Ocean](https://www.digitalocean.com/try/managed-databases-postgresql), [Amazon Aurora](https://aws.amazon.com/rds/aurora/), [Google Cloud SQL](https://cloud.google.com/sql/docs/postgres)                                   |
+| Redis      | Key-value        | [Digital Ocean](https://www.digitalocean.com/try/managed-databases-redis), [Amazon MemoryDB](https://aws.amazon.com/memorydb/)                                                                                                        |
+| MongoDB    | NoSQL / Document | [Digital Ocean](https://www.digitalocean.com/try/managed-databases-mongodb), [MongoDB Atlas](https://www.mongodb.com/atlas/database)                                                                                                  |
+
+To use one of these, you need to change your session storage configuration. To help, here’s a list of [SessionStorage adapter packages](https://github.com/Shopify/shopify-api-js/tree/main/docs/usage/session-storage.md).
+
+### Build
+
+The frontend is a single page app. It requires the `SHOPIFY_API_KEY`, which you can find on the page for your app in your partners dashboard. Paste your app’s key in the command for the package manager of your choice:
+
+Using yarn:
+
+```shell
+cd web/frontend/ && SHOPIFY_API_KEY=REPLACE_ME yarn build
+```
+
+Using npm:
+
+```shell
+cd web/frontend/ && SHOPIFY_API_KEY=REPLACE_ME npm run build
+```
+
+Using pnpm:
+
+```shell
+cd web/frontend/ && SHOPIFY_API_KEY=REPLACE_ME pnpm run build
+```
+
+You do not need to build the backend.
+
+## Hosting
+
+When you're ready to set up your app in production, you can follow [our deployment documentation](https://shopify.dev/apps/deployment/web) to host your app on a cloud provider like [Heroku](https://www.heroku.com/) or [Fly.io](https://fly.io/).
+
+When you reach the step for [setting up environment variables](https://shopify.dev/apps/deployment/web#set-env-vars), you also need to set the variable `NODE_ENV=production`.
+
+## Known issues
+
+### Hot module replacement and Firefox
+
+When running the app with the CLI in development mode on Firefox, you might see your app constantly reloading when you access it.
+That happened in previous versions of the CLI, because of the way HMR websocket requests work.
+
+We fixed this issue with v3.4.0 of the CLI, so after updating it, you can make the following changes to your app's `web/frontend/vite.config.js` file:
+
+1. Change the definition `hmrConfig` object to be:
+
+   ```js
+   const host = process.env.HOST
+     ? process.env.HOST.replace(/https?:\/\//, "")
+     : "localhost";
+
+   let hmrConfig;
+   if (host === "localhost") {
+     hmrConfig = {
+       protocol: "ws",
+       host: "localhost",
+       port: 64999,
+       clientPort: 64999,
+     };
+   } else {
+     hmrConfig = {
+       protocol: "wss",
+       host: host,
+       port: process.env.FRONTEND_PORT,
+       clientPort: 443,
+     };
+   }
+   ```
+
+1. Change the `server.host` setting in the configs to `"localhost"`:
+
+   ```js
+   server: {
+     host: "localhost",
+     ...
+   ```
+
+### I can't get past the ngrok "Visit site" page
+
+When you’re previewing your app or extension, you might see an ngrok interstitial page with a warning:
+
+```text
+You are about to visit <id>.ngrok.io: Visit Site
+```
+
+If you click the `Visit Site` button, but continue to see this page, then you should run dev using an alternate tunnel URL that you run using tunneling software.
+We've validated that [Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/run-tunnel/trycloudflare/) works with this template.
+
+To do that, you can [install the `cloudflared` CLI tool](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/installation/), and run:
+
+```shell
+# Note that you can also use a different port
+cloudflared tunnel --url http://localhost:3000
+```
+
+Out of the logs produced by cloudflare you will notice a https URL where the domain ends with `trycloudflare.com`. This is your tunnel URL. You need to copy this URL as you will need it in the next step.
+
+```shell
+2022-11-11T19:57:55Z INF Requesting new quick Tunnel on trycloudflare.com...
+2022-11-11T19:57:58Z INF +--------------------------------------------------------------------------------------------+
+2022-11-11T19:57:58Z INF |  Your quick Tunnel has been created! Visit it at (it may take some time to be reachable):  |
+2022-11-11T19:57:58Z INF |  https://randomly-generated-hostname.trycloudflare.com                                     |
+2022-11-11T19:57:58Z INF +--------------------------------------------------------------------------------------------+
+```
+
+Below you would replace `randomly-generated-hostname` with what you have copied from the terminal. In a different terminal window, navigate to your app's root and with the URL from above you would call:
+
+```shell
+# Using yarn
+yarn dev --tunnel-url https://randomly-generated-hostname.trycloudflare.com:3000
+# or using npm
+npm run dev --tunnel-url https://randomly-generated-hostname.trycloudflare.com:3000
+# or using pnpm
+pnpm dev --tunnel-url https://randomly-generated-hostname.trycloudflare.com:3000
+```
+
+## Developer resources
+
+- [Introduction to Shopify apps](https://shopify.dev/apps/getting-started)
+- [App authentication](https://shopify.dev/apps/auth)
+- [Shopify CLI](https://shopify.dev/apps/tools/cli)
+- [Shopify API Library documentation](https://github.com/Shopify/shopify-api-js#readme)

sample-apps/discounts/SECURITY.md

@@ -0,0 +1,59 @@
+# Security Policy
+
+## Supported versions
+
+### New features
+
+New features will only be added to the master branch and will not be made available in point releases.
+
+### Bug fixes
+
+Only the latest release series will receive bug fixes. When enough bugs are fixed and its deemed worthy to release a new gem, this is the branch it happens from.
+
+### Security issues
+
+Only the latest release series will receive patches and new versions in case of a security issue.
+
+### Severe security issues
+
+For severe security issues we will provide new versions as above, and also the last major release series will receive patches and new versions. The classification of the security issue is judged by the core team.
+
+### Unsupported Release Series
+
+When a release series is no longer supported, it's your own responsibility to deal with bugs and security issues. If you are not comfortable maintaining your own versions, you should upgrade to a supported version.
+
+## Reporting a bug
+
+All security bugs in shopify repositories should be reported to [our hackerone program](https://hackerone.com/shopify)
+Shopify's whitehat program is our way to reward security researchers for finding serious security vulnerabilities in the In Scope properties listed at the bottom of this page, including our core application (all functionality associated with a Shopify store, particularly your-store.myshopify.com/admin) and certain ancillary applications.
+
+## Disclosure Policy
+
+We look forward to working with all security researchers and strive to be respectful, always assume the best and treat others as peers. We expect the same in return from all participants. To achieve this, our team strives to:
+
+- Reply to all reports within one business day and triage within two business days (if applicable)
+- Be as transparent as possible, answering all inquires about our report decisions and adding hackers to duplicate HackerOne reports
+- Award bounties within a week of resolution (excluding extenuating circumstances)
+- Only close reports as N/A when the issue reported is included in Known Issues, Ineligible Vulnerabilities Types or lacks evidence of a vulnerability
+
+**The following rules must be followed in order for any rewards to be paid:**
+
+- You may only test against shops you have created which include your HackerOne YOURHANDLE @ wearehackerone.com registered email address.
+- You must not attempt to gain access to, or interact with, any shops other than those created by you.
+- The use of commercial scanners is prohibited (e.g., Nessus).
+- Rules for reporting must be followed.
+- Do not disclose any issues publicly before they have been resolved.
+- Shopify reserves the right to modify the rules for this program or deem any submissions invalid at any time. Shopify may cancel the whitehat program without notice at any time.
+- Contacting Shopify Support over chat, email or phone about your HackerOne report is not allowed. We may disqualify you from receiving a reward, or from participating in the program altogether.
+- You are not an employee of Shopify; employees should report bugs to the internal bug bounty program.
+- You hereby represent, warrant and covenant that any content you submit to Shopify is an original work of authorship and that you are legally entitled to grant the rights and privileges conveyed by these terms. You further represent, warrant and covenant that the consent of no other person or entity is or will be necessary for Shopify to use the submitted content.
+- By submitting content to Shopify, you irrevocably waive all moral rights which you may have in the content.
+- All content submitted by you to Shopify under this program is licensed under the MIT License.
+- You must report any discovered vulnerability to Shopify as soon as you have validated the vulnerability.
+- Failure to follow any of the foregoing rules will disqualify you from participating in this program.
+
+\*\* Please see our [Hackerone Profile](https://hackerone.com/shopify) for full details
+
+## Receiving Security Updates
+
+To receive all general updates to vulnerabilities, please subscribe to our hackerone [Hacktivity](https://hackerone.com/shopify/hacktivity)

sample-apps/discounts/extensions/product-discount/.gitignore

@@ -0,0 +1,3 @@
+/target
+Cargo.lock
+.output.graphql

sample-apps/discounts/extensions/product-discount/Cargo.toml

@@ -0,0 +1,15 @@
+[package]
+name = "product-discount"
+version = "1.0.0"
+edition = "2021"
+
+[dependencies]
+serde = { version = "1.0.13", features = ["derive"] }
+serde_json = "1.0"
+shopify_function = { version = "0.2.4" }
+graphql_client = { version = "0.12.0" }
+
+[profile.release]
+lto = true
+opt-level = 'z'
+strip = true

sample-apps/discounts/extensions/product-discount/README.md

@@ -0,0 +1,18 @@
+# Shopify Function development with Rust
+
+## Dependencies
+
+- [Install Rust](https://www.rust-lang.org/tools/install)
+  - On Windows, Rust requires the [Microsoft C++ Build Tools](https://docs.microsoft.com/en-us/windows/dev-environment/rust/setup). Be sure to select the _Desktop development with C++_ workload when installing them.
+- Install [`cargo-wasi`](https://bytecodealliance.github.io/cargo-wasi/)
+  - `cargo install cargo-wasi`
+
+## Building the function
+
+You can build this individual function using `cargo wasi`.
+
+```shell
+cargo wasi build --release
+```
+
+The Shopify CLI `build` command will also execute this, based on the configuration in `shopify.function.extension.toml`.