docs(kcd): document how Stripe works for KCD prods

with epic-web as the intermediary for stripe webhook handling across the
other products, we need to update the docs for how that is set up
locally

apps/epic-react/README.md

@@ -48,7 +48,11 @@ Copy the template `.env.local.template` file to `.env.local` and `.env.template`
 - `CONVERTKIT_API_SECRET`: not required for local development unless actively working on ConvertKit integration. Can be found in 1password.
 - `POSTMARK_KEY`: not required to run in dev, but enables email sending from local environment. Can be found in 1password.
 - `STRIPE_SECRET_TOKEN`: Not required unless you need to make an end to end purchase. Can be found in 1password.
-- `STRIPE_WEBHOOK_SECRET`: Not required unless you need to make a purchase. This value can be acquired by running `pnpm dev:stripe` and observing it there. The value is stable for your local `stripe` cli installation.
+- `SKILL_SECRET`: Required for interaction with any access-protected API
+  skill-api endpoint, such as `webhook/stripe-internal` used for any Stripe
+  interaction like making purchases. Add to `.env.local` using whatever secret
+  value (recommended: generate a value with this command `echo "sks_$(uuidgen |
+  tr '[:upper:]' '[:lower:]')"`).
 
 👋 `.env` is **required by Prisma** and **only** contains `DATABASE_URL`. The full contents
 of this file by default are are:
@@ -167,27 +171,20 @@ A Postmark API key is required to send email from your local environment. It is
 
 ### Stripe CLI
 
-#### Installation
+This app works in coordination with `epic-web`'s stripe webhook handling API.
+In order to go through a full purchase flow, process refunds, etc., the
+`epic-web` app will also need to be running (`cd ../epic-web; pnpm dev`). The
+`epic-web` `pnpm dev` command will run both the Next.js dev server (running its
+API) and a local Stripe webhook listener. Any Epic React Stripe events will hit
+the `epic-web` webhook endpoint and will be forwarded to `epic-react`'s
+`api/skill/webhook/stripe-internal` endpoint.
 
-You'll need to install the [Stripe CLI](https://stripe.com/docs/stripe-cli) to capture web hooks locally and make test purchases.
+Prerequisites:
 
-#### Login
-
-If you've just installed the Stripe CLI (or just been granted access to this Stripe account), you'll need to login via the commandline. Run `stripe login` and follow the prompts to connect your `stripe` CLI to the epic-react Stripe account. To confirm your connection, you should see a _Restricted Keys_ entry for your machine in the _Developers_ > _API Keys_ section of the Stripe Dashboard.
-
-#### Listening to Webhook Events
-
-Listen to webhook:
-
-```shell
-pnpm dev:stripe
-```
-
-The `dev:stripe` node script is a shorthand for `stripe listen --forward-to localhost:3024/api/skill/webhook/stripe`.
-
-`pnpm dev:stripe` starts listening for Stripe Webhook events. When it first starts, it will output a _webhook signing secret_ (`whsec_....`). You'll need to copy and paste this value into `.env.local` as the `STRIPE_WEBHOOK_SECRET`. It is required to make test purchases
-
-👋 If you aren't listening to webhooks you can still make a purchase but your local environment will not be notified!
+- Have `epic-web` fully setup and running locally
+- Set the `SKILL_SECRET` value for this app in `.env.local`
+- Use that same `SKILL_SECRET` value in `epic-web`'s `.env.development.local`
+  with the key `ER_SKILL_SECRET`
 
 ### Connect to the Planetscale database
 

apps/epic-web/.env.development

@@ -48,3 +48,4 @@ SENTRY_IGNORE_API_RESOLUTION_ERROR=1
 NEXT_PUBLIC_DEFAULT_PRODUCT_ID=kcd_product_dbf94bf0-66b0-11ee-8c99-0242ac120002
 
 TESTING_JAVASCRIPT_INTERNAL_STRIPE_URL='http://localhost:3018/api/skill/webhook/stripe-internal'
+EPIC_REACT_INTERNAL_STRIPE_URL='http://localhost:3024/api/skill/webhook/stripe-internal'

apps/epic-web/.env.production

@@ -50,3 +50,4 @@ NEXT_PUBLIC_AXIOM_DATASET=epic-web
 NEXT_PUBLIC_AXIOM_TOKEN=xaat-db4f77ec-21b0-42e8-b6c5-fd91ce7ce479
 
 TESTING_JAVASCRIPT_INTERNAL_STRIPE_URL='https://testingjavascript.com/api/skill/webhook/stripe-internal'
+EPIC_REACT_INTERNAL_STRIPE_URL='https://epicreact.dev/api/skill/webhook/stripe-internal'

apps/epic-web/README.md

@@ -7,6 +7,7 @@ It was generated using `create-skill-app` and is meant as a starting point for a
 Both `.env.development` and `.env.production` files are used to store environment variables. They have some basic default values that need to be updated for the product and client. This would be a lot better if they were generated with the answers to questions when you run `create-skill-app`, but that isn't the case today.  Feel free to add it!
 
 - [ ] Update `.env.development` and `.env.production` with real values
+- [ ] Copy `.env.development.local.example` to `env.development.local` and populate any needed real values
 
 ## Database
 

apps/testing-javascript/README.md

@@ -45,9 +45,12 @@ to `.env`
   local environment. Can be found in 1password.
 * `STRIPE_SECRET_TOKEN`: Not required unless you need to make an end to end
   purchase. Can be found in 1password.
-* `STRIPE_WEBHOOK_SECRET`: Not required unless you need to make a purchase. This
-  value can be acquired by running `pnpm dev:stripe` and observing it there. The
-  value is stable for your local `stripe` cli installation.
+* `SKILL_SECRET`: Required for interaction with any access-protected API
+  skill-api endpoint, such as `webhook/stripe-internal` used for any Stripe
+  interaction like making purchases. Add to `.env.local` using whatever secret
+  value (recommended: generate a value with this command `echo "sks_$(uuidgen |
+  tr '[:upper:]' '[:lower:]')"`). See _Stripe_ section for the rest of the
+  setup instructions.
 
 👋 `.env` is **required by Prisma** and **only** contains `DATABASE_URL`. The
 full contents
@@ -190,38 +193,20 @@ located in 1password or via Postmark and can be added to `.env.local`.
 
 ### Stripe CLI
 
-#### Installation
+This app works in coordination with `epic-web`'s stripe webhook handling API.
+In order to go through a full purchase flow, process refunds, etc., the
+`epic-web` app will also need to be running (`cd ../epic-web; pnpm dev`). The
+`epic-web` `pnpm dev` command will run both the Next.js dev server (running its
+API) and a local Stripe webhook listener. Any Testing JavaScript Stripe events
+will hit the `epic-web` webhook endpoint and will be forwarded to
+`testing-javascript`'s `api/skill/webhook/stripe-internal` endpoint.
 
-You'll need to install the [Stripe CLI](https://stripe.com/docs/stripe-cli) to
-capture web hooks locally and make test purchases.
+Prerequisites:
 
-#### Login
-
-If you've just installed the Stripe CLI (or just been granted access to this
-Stripe account), you'll need to login via the commandline. Run `stripe login`
-and follow the prompts to connect your `stripe` CLI to the Testing JavaScript
-Stripe account. To confirm your connection, you should see a _Restricted Keys_
-entry for your machine in the _Developers_ > _API Keys_ section of the Stripe
-Dashboard.
-
-#### Listening to Webhook Events
-
-Listen to webhook:
-
-```shell
-pnpm dev:stripe
-```
-
-The `dev:stripe` node script is a shorthand
-for `stripe listen --forward-to localhost:3018/api/skill/webhook/stripe`.
-
-`pnpm dev:stripe` starts listening for Stripe Webhook events. When it first
-starts, it will output a _webhook signing secret_ (`whsec_....`). You'll need to
-copy and paste this value into `.env.local` as the `STRIPE_WEBHOOK_SECRET`. It
-is required to make test purchases
-
-👋 If you aren't listening to webhooks you can still make a purchase but your
-local environment will not be notified!
+- Have `epic-web` fully setup and running locally
+- Set the `SKILL_SECRET` value for this app in `.env.local`
+- Use that same `SKILL_SECRET` value in `epic-web`'s `.env.development.local`
+  with the key `TJS_SKILL_SECRET`
 
 ### Connect to the Planetscale database