@camstack/server 0.1.3

package/src/__tests__/capability-e2e.test.ts

@@ -0,0 +1,386 @@
+/* eslint-disable @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-argument, @typescript-eslint/no-unsafe-return, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access -- test file, mock typing */
+// server/backend/src/__tests__/capability-e2e.test.ts
+//
+// Server-level E2E tests: exercises the CapabilityRegistry through patterns
+// matching the real AddonRegistryService boot flow, using mock addons.
+//
+import { describe, it, expect, vi, beforeEach } from 'vitest'
+import { CapabilityRegistry, INFRA_CAPABILITIES } from '@camstack/kernel'
+import type { IScopedLogger, CapabilityDeclaration } from '@camstack/types'
+import { MockAnalysisAddonA } from './fixtures/mock-analysis-addon-a'
+import { MockAnalysisAddonB } from './fixtures/mock-analysis-addon-b'
+import { MockLogAddon } from './fixtures/mock-log-addon'
+import { MockStorageAddon } from './fixtures/mock-storage-addon'
+import type { ICamstackAddon } from '@camstack/types'
+
+// --- Helpers ----------------------------------------------------------------
+
+function createMockLogger(): IScopedLogger {
+  return {
+    error: vi.fn(),
+    warn: vi.fn(),
+    info: vi.fn(),
+    debug: vi.fn(),
+    child: vi.fn().mockReturnThis(),
+  }
+}
+
+interface AddonEntry {
+  readonly addon: ICamstackAddon
+  initialized: boolean
+}
+
+/**
+ * Lightweight harness that mirrors AddonRegistryService boot sequence
+ * without requiring NestJS DI.
+ */
+class TestAddonHarness {
+  readonly registry: CapabilityRegistry
+  private readonly addonEntries = new Map<string, AddonEntry>()
+
+  constructor(configPrefs: Record<string, string> = {}) {
+    this.registry = new CapabilityRegistry(createMockLogger())
+    this.registry.setConfigReader((cap) => configPrefs[cap])
+    this.registry.ready()
+  }
+
+  /** Register an addon (mimics AddonRegistryService.registerAddon) */
+  registerAddon(addon: ICamstackAddon): void {
+     
+    this.addonEntries.set(addon.manifest.id, { addon, initialized: false })
+  }
+
+  /** Declare capabilities from an addon manifest.
+   *  Post-session-5-A5: `declareFromManifest` no longer synthesizes a
+   *  minimal CapabilityState — it only attaches metadata (dependsOn,
+   *  autoActivate). We must first call `declareCapability` with a full
+   *  definition for each cap so the state exists in the registry. */
+  declareCapabilities(addon: ICamstackAddon): void {
+    const caps = this.getAddonCapabilities(addon)
+    for (const cap of caps) {
+      // Create a full definition so the registry has a CapabilityState.
+      // Mode is inferred from the cap name for test convenience.
+      const mode = cap.name === 'log-destination' ? 'collection' as const : 'singleton' as const
+      this.registry.declareCapability({ name: cap.name, scope: 'system', mode, methods: {} })
+      this.registry.declareFromManifest(cap)
+    }
+  }
+
+  /** Initialize an addon and wire its capabilities */
+  async initializeAddon(id: string): Promise<void> {
+    const entry = this.addonEntries.get(id)
+    if (!entry) throw new Error(`Addon "${id}" not registered`)
+    if (entry.initialized) return
+
+    // Simulate minimal context with registerProvider that wires into the registry
+    const self = this
+
+    const context = {
+      registerProvider(capName: string, provider: unknown) {
+        self.registry.registerProvider(capName, id, provider)
+      },
+    } as any
+    const result = await entry.addon.initialize(context)
+    // Mirror the real addon-registry.service behaviour: process the return
+    // value which may be ProviderRegistration[] or AddonInitResult.
+    if (result) {
+      const regs = Array.isArray(result) ? result : (result as any).providers ?? []
+      for (const reg of regs) {
+        const capName: string = typeof reg.capability === 'string'
+          ? reg.capability
+          : (reg.capability as any)?.name ?? String(reg.capability)
+        self.registry.registerProvider(capName, id, reg.provider)
+      }
+    }
+    entry.initialized = true
+  }
+
+  /** Shutdown an addon and unregister its capabilities */
+  async shutdownAddon(id: string): Promise<void> {
+    const entry = this.addonEntries.get(id)
+    if (!entry) throw new Error(`Addon "${id}" not registered`)
+
+    const caps = this.getAddonCapabilities(entry.addon)
+    for (const cap of caps) {
+      this.registry.unregisterProvider(cap.name, id)
+    }
+
+     
+    await entry.addon.shutdown()
+    entry.initialized = false
+  }
+
+  /** Full boot sequence mimicking AddonRegistryService.onModuleInit */
+  async boot(enabledIds: string[]): Promise<void> {
+    // 1. Declare capabilities from all registered addons
+    for (const [, entry] of this.addonEntries) {
+      this.declareCapabilities(entry.addon)
+    }
+
+    // 2. Phase 1: infra addons
+    for (const infra of INFRA_CAPABILITIES) {
+      const addonId = this.findAddonForCapability(infra.name, enabledIds)
+      if (addonId) {
+        await this.initializeAddon(addonId)
+      } else if (infra.required) {
+        throw new Error(`No addon provides required infrastructure capability "${infra.name}"`)
+      }
+    }
+
+    // 3. Phase 2: remaining addons (dependency-ordered)
+    const bootOrder = this.registry.getBootOrder()
+    const infraNames = new Set(INFRA_CAPABILITIES.map((c) => c.name))
+
+    for (const capName of bootOrder) {
+      if (infraNames.has(capName)) continue
+      for (const id of enabledIds) {
+        const entry = this.addonEntries.get(id)
+        if (!entry || entry.initialized) continue
+        const provides = this.getAddonCapabilities(entry.addon)
+        if (provides.some((c) => c.name === capName)) {
+          await this.initializeAddon(id)
+        }
+      }
+    }
+
+    // 4. Enable remaining addons
+    for (const id of enabledIds) {
+      const entry = this.addonEntries.get(id)
+      if (entry && !entry.initialized) {
+        await this.initializeAddon(id)
+      }
+    }
+  }
+
+  private getAddonCapabilities(addon: ICamstackAddon): CapabilityDeclaration[] {
+     
+    const manifest = addon.manifest as any
+     
+    if (!manifest.capabilities) return []
+     
+    return manifest.capabilities.map((cap: string | CapabilityDeclaration) => {
+      if (typeof cap === 'string') {
+        const decl: CapabilityDeclaration = { name: cap }
+        return decl
+      }
+      return cap
+    })
+  }
+
+  private findAddonForCapability(capName: string, enabledIds: string[]): string | null {
+    for (const id of enabledIds) {
+      const entry = this.addonEntries.get(id)
+      if (!entry) continue
+      const caps = this.getAddonCapabilities(entry.addon)
+      if (caps.some((c) => c.name === capName)) return id
+    }
+    return null
+  }
+}
+
+// ---------------------------------------------------------------------------
+// 1. Full boot lifecycle
+// ---------------------------------------------------------------------------
+describe('Server E2E: Full boot lifecycle', () => {
+  it('boots infra addons first, then non-infra, all capabilities listed', async () => {
+    const harness = new TestAddonHarness()
+
+    const storageAddon = new MockStorageAddon()
+    const logAddon = new MockLogAddon()
+    const analysisAddonA = new MockAnalysisAddonA()
+
+    harness.registerAddon(storageAddon)
+    harness.registerAddon(logAddon)
+    harness.registerAddon(analysisAddonA)
+
+    await harness.boot(['mock-storage', 'mock-log-addon', 'mock-analysis-a'])
+
+    // Verify infra addons enabled
+    expect(storageAddon.isInitialized()).toBe(true)
+    expect(logAddon.isInitialized()).toBe(true)
+    expect(analysisAddonA.isInitialized()).toBe(true)
+
+    // Verify providers accessible via registry
+    expect(harness.registry.getSingleton('storage')).toBe(storageAddon.provider)
+    expect(harness.registry.getCollection('log-destination')).toContain(logAddon.provider)
+    expect(harness.registry.getSingleton('object-detector')).toBe(analysisAddonA.provider)
+
+    // Verify listCapabilities
+    const list = harness.registry.listCapabilities()
+    expect(list.length).toBeGreaterThanOrEqual(3)
+    expect(list.find((c) => c.name === 'storage')?.activeProvider).toBe('mock-storage')
+    expect(list.find((c) => c.name === 'log-destination')?.providers).toContain('mock-log-addon')
+    expect(list.find((c) => c.name === 'object-detector')?.activeProvider).toBe('mock-analysis-a')
+  })
+
+  it('throws when required infra capability is missing', async () => {
+    const harness = new TestAddonHarness()
+
+    const logAddon = new MockLogAddon()
+    harness.registerAddon(logAddon)
+
+    await expect(harness.boot(['mock-log-addon'])).rejects.toThrow(/required.*storage/i)
+  })
+})
+
+// ---------------------------------------------------------------------------
+// 2. Singleton swap via harness
+// ---------------------------------------------------------------------------
+describe('Server E2E: Singleton swap', () => {
+  it('swaps analysis provider via setActiveSingleton', async () => {
+    const harness = new TestAddonHarness()
+
+    const storageAddon = new MockStorageAddon()
+    const analysisA = new MockAnalysisAddonA()
+    const analysisB = new MockAnalysisAddonB()
+
+    harness.registerAddon(storageAddon)
+    harness.registerAddon(analysisA)
+    harness.registerAddon(analysisB)
+
+    await harness.boot(['mock-storage', 'mock-analysis-a', 'mock-analysis-b'])
+
+    // A is default (first registered)
+    expect(harness.registry.getSingleton('object-detector')).toBe(analysisA.provider)
+
+    // Swap to B
+    await harness.registry.setActiveSingleton('object-detector', 'mock-analysis-b', true)
+    expect(harness.registry.getSingleton('object-detector')).toBe(analysisB.provider)
+  })
+})
+
+// ---------------------------------------------------------------------------
+// 3. Collection addon add/remove
+// ---------------------------------------------------------------------------
+describe('Server E2E: Collection addon add/remove', () => {
+  it('adds and removes log destinations dynamically', async () => {
+    const harness = new TestAddonHarness()
+
+    const storageAddon = new MockStorageAddon()
+    const logAddon = new MockLogAddon()
+
+    harness.registerAddon(storageAddon)
+    harness.registerAddon(logAddon)
+
+    await harness.boot(['mock-storage', 'mock-log-addon'])
+
+    expect(harness.registry.getCollection('log-destination')).toHaveLength(1)
+
+    // Dynamically add a second log destination
+    const logAddon2 = new MockLogAddon()
+     
+    ;(logAddon2 as any).manifest = {
+      ...logAddon2.manifest,
+      id: 'mock-log-addon-2',
+      name: 'Mock Log Destination 2',
+    }
+    harness.registerAddon(logAddon2)
+    harness.declareCapabilities(logAddon2)
+    await harness.initializeAddon('mock-log-addon-2')
+
+    expect(harness.registry.getCollection('log-destination')).toHaveLength(2)
+
+    // Disable the second
+    await harness.shutdownAddon('mock-log-addon-2')
+    expect(harness.registry.getCollection('log-destination')).toHaveLength(1)
+  })
+})
+
+// ---------------------------------------------------------------------------
+// 4. Addon disable/re-enable
+// ---------------------------------------------------------------------------
+describe('Server E2E: Addon disable/re-enable', () => {
+  it('disabling an addon removes its provider, re-enabling restores it', async () => {
+    const harness = new TestAddonHarness()
+
+    const storageAddon = new MockStorageAddon()
+    const analysisA = new MockAnalysisAddonA()
+
+    harness.registerAddon(storageAddon)
+    harness.registerAddon(analysisA)
+
+    await harness.boot(['mock-storage', 'mock-analysis-a'])
+
+    expect(harness.registry.getSingleton('object-detector')).toBe(analysisA.provider)
+
+    // Disable analysis addon
+    await harness.shutdownAddon('mock-analysis-a')
+    expect(harness.registry.getSingleton('object-detector')).toBeNull()
+
+    // Re-enable
+    await harness.initializeAddon('mock-analysis-a')
+    expect(harness.registry.getSingleton('object-detector')).toBe(analysisA.provider)
+  })
+})
+
+// ---------------------------------------------------------------------------
+// 5. tRPC capabilities endpoints (logic-level, no HTTP)
+// ---------------------------------------------------------------------------
+describe('Server E2E: tRPC capabilities endpoints (logic-level)', () => {
+  let harness: TestAddonHarness
+
+  beforeEach(async () => {
+    harness = new TestAddonHarness()
+
+    const storageAddon = new MockStorageAddon()
+    const analysisA = new MockAnalysisAddonA()
+    const analysisB = new MockAnalysisAddonB()
+    const logAddon = new MockLogAddon()
+
+    harness.registerAddon(storageAddon)
+    harness.registerAddon(analysisA)
+    harness.registerAddon(analysisB)
+    harness.registerAddon(logAddon)
+
+    await harness.boot(['mock-storage', 'mock-analysis-a', 'mock-analysis-b', 'mock-log-addon'])
+  })
+
+  it('listCapabilities returns all declared capabilities', () => {
+    const list = harness.registry.listCapabilities()
+    const names = list.map((c) => c.name)
+
+    expect(names).toContain('storage')
+    expect(names).toContain('object-detector')
+    expect(names).toContain('log-destination')
+  })
+
+  it('getCapability for storage returns CapabilityInfo with provider', () => {
+    const list = harness.registry.listCapabilities()
+    const storage = list.find((c) => c.name === 'storage')
+
+    expect(storage).toBeDefined()
+    expect(storage!.mode).toBe('singleton')
+    expect(storage!.providers).toContain('mock-storage')
+    expect(storage!.activeProvider).toBe('mock-storage')
+  })
+
+  it('setActiveSingleton swaps the active analysis provider', async () => {
+    const listBefore = harness.registry.listCapabilities()
+    const analysisBefore = listBefore.find((c) => c.name === 'object-detector')!
+    expect(analysisBefore.activeProvider).toBe('mock-analysis-a')
+
+    await harness.registry.setActiveSingleton('object-detector', 'mock-analysis-b', true)
+
+    const listAfter = harness.registry.listCapabilities()
+    const analysisAfter = listAfter.find((c) => c.name === 'object-detector')!
+    expect(analysisAfter.activeProvider).toBe('mock-analysis-b')
+  })
+
+  it('setActiveSingleton throws for unknown capability', async () => {
+    await expect(
+      harness.registry.setActiveSingleton('nonexistent', 'some-addon', true),
+    ).rejects.toThrow(/[Uu]nknown/)
+  })
+
+  it('setActiveSingleton throws for collection capability', async () => {
+    await expect(
+      harness.registry.setActiveSingleton('log-destination', 'mock-log-addon', true),
+    ).rejects.toThrow(/singleton/)
+  })
+
+  it('setActiveSingleton throws for unregistered provider', async () => {
+    await expect(
+      harness.registry.setActiveSingleton('storage', 'nonexistent-addon', true),
+    ).rejects.toThrow(/[Nn]o provider/)
+  })
+})

package/src/__tests__/cli-e2e.test.ts

@@ -0,0 +1,129 @@
+/**
+ * CLI E2E tests — verify `camstack serve` and `camstack agent` boot correctly.
+ *
+ * These tests spawn real processes using the CLI entry point and verify:
+ * - Server starts and responds on the configured port
+ * - Agent starts and attempts hub connection
+ * - Info command prints version and platform
+ *
+ * Uses random ports to avoid conflicts with running servers.
+ *
+ * The serve/agent tests require the full server build (@camstack/server/main.js)
+ * and are gated behind CAMSTACK_TEST_CLI_FULL=true.
+ */
+import { describe, it, expect, afterEach } from 'vitest'
+import { fork, type ChildProcess } from 'node:child_process'
+import { resolve } from 'node:path'
+import * as https from 'node:https'
+import * as fs from 'node:fs'
+
+const CLI_PATH = resolve(__dirname, '../../../../packages/cli/dist/cli.js')
+const TEST_DATA_DIR = resolve(__dirname, '../../../../.test-data-cli-e2e')
+
+const CLI_EXISTS = fs.existsSync(CLI_PATH)
+
+// Random port in 10000-60000 range
+function randomPort(): number {
+  return 10000 + Math.floor(Math.random() * 50000)
+}
+
+function waitForPort(port: number, timeoutMs: number = 15000): Promise<void> {
+  return new Promise((resolve, reject) => {
+    const deadline = Date.now() + timeoutMs
+    const check = () => {
+      const req = https.request(
+        { hostname: '127.0.0.1', port, path: '/', method: 'GET', rejectUnauthorized: false },
+        (res) => { res.resume(); resolve() },
+      )
+      req.on('error', () => {
+        if (Date.now() > deadline) {
+          reject(new Error(`Port ${port} not responding after ${timeoutMs}ms`))
+        } else {
+          setTimeout(check, 500)
+        }
+      })
+      req.end()
+    }
+    check()
+  })
+}
+
+describe('CLI E2E', () => {
+  const processes: ChildProcess[] = []
+
+  afterEach(async () => {
+    for (const proc of processes) {
+      proc.kill('SIGTERM')
+    }
+    processes.length = 0
+    // Small delay for cleanup
+    await new Promise((r) => setTimeout(r, 500))
+  })
+
+  // Full server boot tests require the entire build chain
+  const fullTest = process.env.CAMSTACK_TEST_CLI_FULL === 'true' && CLI_EXISTS ? it : it.skip
+
+  fullTest('camstack serve boots and responds on HTTPS', async () => {
+    const port = randomPort()
+    const proc = fork(CLI_PATH, ['serve', '--port', String(port), '--data', TEST_DATA_DIR], {
+      stdio: 'pipe',
+      env: { ...process.env, CAMSTACK_TLS_ENABLED: 'true' },
+    })
+    processes.push(proc)
+
+    await waitForPort(port)
+
+    // Verify HTTPS response
+    const body = await new Promise<string>((resolve, reject) => {
+      const req = https.request(
+        { hostname: '127.0.0.1', port, path: '/', method: 'GET', rejectUnauthorized: false },
+        (res) => {
+          let data = ''
+          res.on('data', (chunk) => { data += chunk })
+          res.on('end', () => resolve(data))
+        },
+      )
+      req.on('error', reject)
+      req.end()
+    })
+
+    // Should return something (admin UI or health endpoint)
+    expect(body.length).toBeGreaterThan(0)
+  }, 30000)
+
+  fullTest('camstack agent boots and stays alive', async () => {
+    const proc = fork(CLI_PATH, [
+      'agent', '--hub', '127.0.0.1', '--token', 'test_token', '--port', String(randomPort()),
+    ], {
+      stdio: 'pipe',
+      env: {
+        ...process.env,
+        CAMSTACK_AGENT_NAME: 'test-agent',
+        CAMSTACK_DATA: TEST_DATA_DIR,
+      },
+    })
+    processes.push(proc)
+
+    // Agent should start even if hub is unreachable (retries in background)
+    await new Promise((r) => setTimeout(r, 5000))
+
+    // Process should still be alive (not crashed)
+    expect(proc.exitCode).toBeNull()
+  }, 15000)
+
+  it.skipIf(!CLI_EXISTS)('camstack info prints version and platform', async () => {
+    const output = await new Promise<string>((resolve, reject) => {
+      let stdout = ''
+      const proc = fork(CLI_PATH, ['info'], { stdio: 'pipe' })
+      proc.stdout?.on('data', (chunk) => { stdout += chunk })
+      proc.on('exit', (code) => {
+        if (code === 0) resolve(stdout)
+        else reject(new Error(`Exit code ${code}`))
+      })
+    })
+
+    expect(output).toContain('camstack v')
+    expect(output).toContain('Platform:')
+    expect(output).toContain('Node.js:')
+  }, 10000)
+})

package/src/__tests__/core-cap-bridge.spec.ts

@@ -0,0 +1,89 @@
+import { describe, it, expect, afterEach } from 'vitest'
+import { ServiceBroker } from 'moleculer'
+import { z } from 'zod'
+import { CORE_CAP_SERVICE_NAME } from '@camstack/kernel'
+import { trpcRouter, publicProcedure, protectedProcedure } from '../api/trpc/trpc.middleware.js'
+import { buildCoreCapService } from '../api/trpc/core-cap-bridge.js'
+import type { AppRouter } from '../api/trpc/trpc.router.js'
+
+/**
+ * Synthetic router covering every branch of `buildCoreCapService`:
+ *  - a core namespace with a query + a mutation
+ *  - a camelCase core namespace (kebab-case action name)
+ *  - a core namespace with a subscription (must be skipped)
+ *  - a non-core namespace (must be excluded)
+ *  - the deliberately-excluded `auth` namespace
+ *  - a `protectedProcedure` (must pass under the trusted mesh ctx)
+ */
+function makeRouter() {
+  return trpcRouter({
+    system: trpcRouter({
+      info: publicProcedure.query(() => ({ version: '9.9.9' })),
+      setRetentionConfig: protectedProcedure
+        .input(z.object({ days: z.number() }))
+        .mutation(({ input }) => ({ days: input.days })),
+    }),
+    streamProbe: trpcRouter({
+      probe: publicProcedure.query(() => ({ ok: true })),
+    }),
+    toast: trpcRouter({
+      onToast: publicProcedure.subscription(async function* () {
+        yield 1
+      }),
+    }),
+    deviceManager: trpcRouter({
+      listAll: publicProcedure.query(() => []),
+    }),
+    auth: trpcRouter({
+      login: publicProcedure.query(() => 'token'),
+    }),
+  })
+}
+
+function asAppRouter(router: ReturnType<typeof makeRouter>): AppRouter {
+  // The synthetic router is structurally a tRPC router; the cast lets
+  // the test exercise `buildCoreCapService` without booting every
+  // backend service the real appRouter depends on.
+  return router as unknown as AppRouter
+}
+
+describe('buildCoreCapService', () => {
+  let broker: ServiceBroker
+
+  afterEach(async () => {
+    if (broker) await broker.stop()
+  })
+
+  it('exposes core query + mutation procedures as kebab-cased actions', () => {
+    const schema = buildCoreCapService(asAppRouter(makeRouter()))
+    expect(schema.name).toBe(CORE_CAP_SERVICE_NAME)
+    expect(schema.actions?.['system.info']).toBeDefined()
+    expect(schema.actions?.['system.setRetentionConfig']).toBeDefined()
+    expect(schema.actions?.['stream-probe.probe']).toBeDefined()
+  })
+
+  it('excludes non-core namespaces, the auth router, and subscriptions', () => {
+    const schema = buildCoreCapService(asAppRouter(makeRouter()))
+    expect(schema.actions?.['device-manager.listAll']).toBeUndefined()
+    expect(schema.actions?.['auth.login']).toBeUndefined()
+    expect(schema.actions?.['toast.onToast']).toBeUndefined()
+  })
+
+  it('routes a bridged query through the trusted mesh caller', async () => {
+    broker = new ServiceBroker({ nodeID: 'test', transporter: 'Fake', logger: false })
+    broker.createService(buildCoreCapService(asAppRouter(makeRouter())))
+    await broker.start()
+
+    const result = await broker.call(`${CORE_CAP_SERVICE_NAME}.system.info`)
+    expect(result).toEqual({ version: '9.9.9' })
+  })
+
+  it('passes protectedProcedure under the synthetic admin mesh identity', async () => {
+    broker = new ServiceBroker({ nodeID: 'test', transporter: 'Fake', logger: false })
+    broker.createService(buildCoreCapService(asAppRouter(makeRouter())))
+    await broker.start()
+
+    const result = await broker.call(`${CORE_CAP_SERVICE_NAME}.system.setRetentionConfig`, { days: 30 })
+    expect(result).toEqual({ days: 30 })
+  })
+})