-
Notifications
You must be signed in to change notification settings - Fork 0
Getting Started with Development
Eric Fitzgerald edited this page Nov 12, 2025
·
1 revision
This guide helps you set up your local development environment for both the TMI server (Go) and TMI web application (Angular/TypeScript).
TMI consists of two main components:
- TMI Server - Go-based RESTful API server with WebSocket support
- TMI-UX - Angular-based web application for threat modeling
- Go 1.24+ - Download
- Docker Desktop - For PostgreSQL and Redis containers
- Make - Build automation (pre-installed on macOS/Linux)
- Node.js - Latest LTS version (20.19.2 recommended) - Download
- pnpm - Fast, disk space efficient package manager - Install
-
Newman - For API testing -
npm install -g newman - Docker Scout - Container vulnerability scanning
- golangci-lint - Go code linting
# Clone the repository
git clone https://github.com/ericfitz/tmi.git
cd tmi
# Start development environment (database + Redis + server)
make start-dev
# Server will be running on http://localhost:8080The make start-dev command automatically:
- Starts PostgreSQL container on port 5432
- Starts Redis container on port 6379
- Waits for database to be ready
- Runs database migrations
- Starts the TMI server on port 8080
Terminal 1 - Start Server:
cd tmi
make start-devTerminal 2 - Start Web Application:
cd tmi-ux
pnpm install
pnpm run devThe web application will be available at http://localhost:4200
TMI uses YAML configuration files. The development config is auto-generated:
# Generated automatically on first run
config-development.ymlConfiguration includes:
- Database connection (PostgreSQL)
- Redis connection (caching/sessions)
- OAuth provider credentials
- Server settings (ports, timeouts, TLS)
Development uses Docker containers for PostgreSQL:
# Start PostgreSQL only
make start-database
# Wait for database to be ready
make wait-database
# Run migrations
make migrate-database
# Check migration status
make check-databaseConnection details:
- Host:
localhost:5432 - User:
tmi_dev - Password:
dev123 - Database:
tmi_dev
For authentication, configure OAuth providers in config-development.yml:
- Go to Google Cloud Console
- Create OAuth 2.0 credentials
- Add redirect URI:
http://localhost:8080/oauth2/callback - Update
config-development.yml:
oauth:
providers:
- name: google
client_id: YOUR_CLIENT_ID.apps.googleusercontent.com
client_secret: YOUR_CLIENT_SECRET
authorize_url: https://accounts.google.com/o/oauth2/v2/auth
token_url: https://oauth2.googleapis.com/token
userinfo_url: https://www.googleapis.com/oauth2/v2/userinfoFor development, you can use the built-in test provider (no configuration needed):
# Access test OAuth
curl "http://localhost:8080/oauth2/authorize?idp=test"The test provider creates random users: [email protected]
For predictable test users, use login hints:
# Create specific test user '[email protected]'
curl "http://localhost:8080/oauth2/authorize?idp=test&login_hint=alice"# Development
make start-dev # Start complete dev environment
make start-dev-0 # Start on 0.0.0.0 (accessible from network)
make clean-dev # Clean up everything
# Building
make build-server # Build server binary
make build-migrate # Build migration tool
make clean-build # Clean build artifacts
# Database
make start-database # Start PostgreSQL container
make stop-database # Stop PostgreSQL container
make clean-database # Remove container and data
make reset-database # Drop and recreate database (DESTRUCTIVE)
make migrate-database # Run migrations
# Testing
make test-unit # Run Go unit tests
make test-integration # Run integration tests with full setup
make test-api # Run Postman/Newman API tests
make test-coverage # Generate coverage reports
# Services
make start-redis # Start Redis container
make stop-redis # Stop Redis container
make status # Check status of all services
# Server control
make start-server # Start server
make stop-server # Stop server# Check server status
curl http://localhost:8080/
# Expected response
{
"api": {
"version": "1.0",
"build": "0.9.0"
},
"service": {
"name": "TMI API Server",
"build": "0.9.0-abc123"
}
}cd tmi-ux
pnpm installTMI-UX supports multiple environment configurations:
# Default development (uses environment.ts)
pnpm run dev
# Staging environment
pnpm run dev:staging
# Test environment
pnpm run dev:test
# Local environment (custom)
pnpm run dev:local- Copy example:
cp src/environments/environment.example.ts src/environments/environment.local.ts - Configure
environment.local.ts:
export const environment = {
production: false,
logLevel: 'DEBUG',
apiUrl: 'http://localhost:8080',
authTokenExpiryMinutes: 1440, // 24 hours for dev
operatorName: 'TMI Development',
operatorContact: '[email protected]'
};- Update
angular.jsonto add configuration:
"configurations": {
"local": {
"fileReplacements": [
{
"replace": "src/environments/environment.ts",
"with": "src/environments/environment.local.ts"
}
]
}
}# Development
pnpm run dev # Start dev server on localhost:4200
pnpm run dev:0 # Start on 0.0.0.0 (accessible from network)
pnpm run dev:staging # Start with staging config
pnpm run dev:test # Start with test config
# Building
pnpm run build # Development build
pnpm run build:prod # Production build
pnpm run build:staging # Staging build
# Testing
pnpm run test # Run Vitest unit tests
pnpm run test:watch # Run tests in watch mode
pnpm run test:coverage # Generate coverage report
pnpm run test:e2e # Run Cypress E2E tests
pnpm run test:e2e:open # Open Cypress GUI
# Code Quality
pnpm run lint # Lint TypeScript/HTML files
pnpm run lint:scss # Lint SCSS files
pnpm run lint:all # Lint everything
pnpm run format # Format code with Prettier
pnpm run format:check # Check formatting
# Validation
pnpm run validate-json # Validate JSON files
pnpm run validate-json:i18n # Validate i18n files
pnpm run validate-jsonc # Validate JSONC files# Start dev server
pnpm run dev
# Open browser to http://localhost:4200
# You should see the TMI login page# Terminal 1: Start services
cd tmi
make start-dev
# Terminal 2: Run tests on code changes
make test-unit
# Terminal 3: Watch logs
tail -f logs/server.log# Terminal 1: Start server
cd tmi
make start-dev
# Terminal 2: Start web app
cd tmi-ux
pnpm run dev
# Hot reload is enabled - changes reflect immediately# Terminal 1: Start server
cd tmi
make start-dev
# Terminal 2: Start web app
cd tmi-ux
pnpm run dev
# Terminal 3: Run E2E tests
cd tmi-ux
pnpm run test:e2etmi/
├── api/ # API handlers and types
├── auth/ # Authentication services
├── cmd/
│ ├── server/ # Server entry point
│ └── migrate/ # Database migration tool
├── internal/ # Internal packages
├── docs/
│ ├── developer/ # Developer documentation
│ ├── operator/ # Operations documentation
│ └── reference/ # API specs, architecture
├── postman/ # API test collections
├── scripts/ # Build and utility scripts
├── config-development.yml # Dev configuration
└── Makefile # Build automation
tmi-ux/
├── src/
│ ├── app/
│ │ ├── core/ # Core services, guards
│ │ ├── pages/ # Page components
│ │ ├── shared/ # Shared components
│ │ └── models/ # TypeScript models
│ ├── assets/ # Static assets, i18n
│ └── environments/ # Environment configs
├── cypress/ # E2E tests
├── docs/
│ ├── developer/ # Developer docs
│ └── reference/ # Architecture docs
├── scripts/ # Build scripts
└── package.json # Dependencies and scripts
- Define endpoint in OpenAPI spec:
docs/reference/apis/tmi-openapi.json - Generate API code:
make generate-api - Implement handler in
api/ - Add database operations if needed
- Write unit tests
- Write integration tests in
api/*_integration_test.go - Add Postman tests in
postman/
- Generate component:
pnpm exec ng generate component pages/my-feature - Add to routing:
src/app/app.routes.ts - Create service if needed:
pnpm exec ng generate service core/services/my-service - Add i18n keys:
src/assets/i18n/en-US.json - Write unit tests:
*.spec.ts - Write E2E tests:
cypress/e2e/*.cy.ts
# Check if port 8080 is in use
lsof -ti :8080
# Kill process on port
make clean-dev
# Check database connection
make start-database
make wait-database
docker exec tmi-postgresql pg_isready -U tmi_dev# Check migration status
make check-database
# Reset database (DESTRUCTIVE - deletes all data)
make reset-database
# Manual migration
cd cmd/migrate
go run main.go --env ../../.env.dev up- Check server is running:
curl http://localhost:8080/ - Verify
apiUrlin environment file - Check browser console for CORS errors
- Ensure you're authenticated (valid JWT token)
- Check OAuth config in
config-development.yml - Verify redirect URI matches OAuth provider
- Use test provider for development:
?idp=test - Check server logs:
tail -f logs/server.log
- Architecture and Design - Understand system architecture
- API Integration - Learn to integrate with TMI APIs
- Testing - Testing strategies and tools
- Contributing - Contribution guidelines
-
Documentation: See
/docsin both repositories - Issues: https://github.com/ericfitz/tmi/issues
- API Reference: http://localhost:8080/ (when server is running)
-
OpenAPI Spec:
docs/reference/apis/tmi-openapi.json
- Using TMI for Threat Modeling
- Accessing TMI
- Creating Your First Threat Model
- Understanding the User Interface
- Working with Data Flow Diagrams
- Managing Threats
- Collaborative Threat Modeling
- Using Notes and Documentation
- Metadata and Extensions
- Planning Your Deployment
- Deploying TMI Server
- Deploying TMI Web Application
- Setting Up Authentication
- Database Setup
- Component Integration
- Post-Deployment
- Monitoring and Health
- Database Operations
- Security Operations
- Performance and Scaling
- Maintenance Tasks