@checkstack/backend 0.4.7 → 0.4.8

package/CHANGELOG.md

@@ -1,5 +1,15 @@
 # @checkstack/backend
 
+## 0.4.8
+
+### Patch Changes
+
+- dd16be7: Fix plugin schema isolation: create schema before migrations run
+
+  Previously, schemas were only created when `coreServices.database` was resolved (after migrations), causing tables to be created in the `public` schema instead of plugin-specific schemas. Now schemas are created immediately before migrations run.
+
+  Also removed the `public` fallback from migration search_path to make errors more visible if schema creation fails.
+
 ## 0.4.7
 
 ### Patch Changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@checkstack/backend",
-  "version": "0.4.7",
+  "version": "0.4.8",
   "type": "module",
   "scripts": {
     "dev": "bun --env-file=../../.env --watch src/index.ts",

package/src/health-check-plugin-integration.test.ts

@@ -8,6 +8,7 @@ import {
 import {
   createMockQueueManager,
   createMockLogger,
+  createMockDb,
 } from "@checkstack/test-utils-backend";
 import { z } from "zod";
 
@@ -75,10 +76,13 @@ describe("HealthCheck Plugin Integration", () => {
     // Register mock services since core-services is mocked as no-op
     pluginManager.registerService(
       coreServices.queueManager,
-      createMockQueueManager()
+      createMockQueueManager(),
     );
     pluginManager.registerService(coreServices.logger, createMockLogger());
-    pluginManager.registerService(coreServices.database, {} as never); // Mock database
+    pluginManager.registerService(
+      coreServices.database,
+      createMockDb() as never,
+    );
 
     // 4. Load plugins using the PluginManager with manual injection
     await pluginManager.loadPlugins(mockRouter, [testPlugin], {
@@ -87,7 +91,7 @@ describe("HealthCheck Plugin Integration", () => {
 
     // 5. Verify the strategy is registered in the registry managed by PluginManager
     const registry = await pluginManager.getService(
-      coreServices.healthCheckRegistry
+      coreServices.healthCheckRegistry,
     );
     expect(registry).toBeDefined();
 

package/src/plugin-manager/core-services.ts

@@ -33,7 +33,7 @@ import { createScopedDb } from "../utils/scoped-db.js";
 async function schemaExists(pool: Pool, schemaName: string): Promise<boolean> {
   const result = await pool.query(
     "SELECT 1 FROM information_schema.schemata WHERE schema_name = $1",
-    [schemaName]
+    [schemaName],
   );
   return result.rows.length > 0;
 }
@@ -70,19 +70,17 @@ export function registerCoreServices({
 
         if (oldExists && !newExists) {
           rootLogger.info(
-            `🔄 Renaming schema ${oldSchema} → ${assignedSchema} for plugin ${pluginId}`
+            `🔄 Renaming schema ${oldSchema} → ${assignedSchema} for plugin ${pluginId}`,
           );
           await adminPool.query(
-            `ALTER SCHEMA "${oldSchema}" RENAME TO "${assignedSchema}"`
+            `ALTER SCHEMA "${oldSchema}" RENAME TO "${assignedSchema}"`,
           );
           break; // Only one rename needed
         }
       }
     }
 
-    // Ensure Schema Exists (creates if not already renamed/created)
-    await adminPool.query(`CREATE SCHEMA IF NOT EXISTS "${assignedSchema}"`);
-
+    // Schema is created in plugin-loader.ts before migrations run.
     // Create scoped proxy on shared pool (no new connections)
     return createScopedDb(db, assignedSchema);
   });
@@ -121,12 +119,12 @@ export function registerCoreServices({
         try {
           const authStrategy = await registry.get(
             authenticationStrategyServiceRef,
-            metadata
+            metadata,
           );
           if (authStrategy) {
             // AuthenticationStrategy.validate() returns RealUser | undefined
             return await (authStrategy as AuthenticationStrategy).validate(
-              request
+              request,
             );
           }
         } catch {
@@ -165,7 +163,7 @@ export function registerCoreServices({
         } catch (error) {
           // RPC client not available yet (during startup), return empty
           rootLogger.warn(
-            `[auth] getAnonymousAccessRules: RPC failed, returning empty array. Error: ${error}`
+            `[auth] getAnonymousAccessRules: RPC failed, returning empty array. Error: ${error}`,
           );
           return [];
         }
@@ -207,7 +205,7 @@ export function registerCoreServices({
 
     const fetchWithAuth = async (
       input: RequestInfo | URL,
-      init?: RequestInit
+      init?: RequestInit,
     ) => {
       const { headers: authHeaders } = await auth.getCredentials();
       const mergedHeaders = new Headers(init?.headers);
@@ -288,13 +286,13 @@ export function registerCoreServices({
   // 6. Health Check Registry (Scoped Factory - auto-prefixes strategy IDs with pluginId)
   const globalHealthCheckRegistry = new CoreHealthCheckRegistry();
   registry.registerFactory(coreServices.healthCheckRegistry, (metadata) =>
-    createScopedHealthCheckRegistry(globalHealthCheckRegistry, metadata)
+    createScopedHealthCheckRegistry(globalHealthCheckRegistry, metadata),
   );
 
   // 6b. Collector Registry (Scoped Factory - injects ownerPlugin automatically)
   const globalCollectorRegistry = new CoreCollectorRegistry();
   registry.registerFactory(coreServices.collectorRegistry, (metadata) =>
-    createScopedCollectorRegistry(globalCollectorRegistry, metadata)
+    createScopedCollectorRegistry(globalCollectorRegistry, metadata),
   );
 
   // 7. RPC Service (Scoped Factory - uses pluginId for path derivation)
@@ -305,17 +303,17 @@ export function registerCoreServices({
         pluginRpcRouters.set(pluginId, router);
         pluginContractRegistry.set(pluginId, contract);
         rootLogger.debug(
-          `   -> Registered oRPC router and contract for '${pluginId}' at '/api/${pluginId}'`
+          `   -> Registered oRPC router and contract for '${pluginId}' at '/api/${pluginId}'`,
         );
       },
       registerHttpHandler: (
         handler: (req: Request) => Promise<Response>,
-        path = "/"
+        path = "/",
       ): void => {
         const fullPath = `/api/${pluginId}${path === "/" ? "" : path}`;
         pluginHttpHandlers.set(fullPath, handler);
         rootLogger.debug(
-          `   -> Registered HTTP handler for '${pluginId}' at '${fullPath}'`
+          `   -> Registered HTTP handler for '${pluginId}' at '${fullPath}'`,
         );
       },
     } satisfies RpcService;

package/src/plugin-manager/plugin-loader.ts

@@ -333,9 +333,12 @@ export async function loadPlugins({
        */
 
       // Run Migrations
-      const migrationsFolder = path.join(p.pluginPath, "drizzle");
+      // Skip migrations for manual test plugins (no plugin path) - see comment above
+      const migrationsFolder = p.pluginPath
+        ? path.join(p.pluginPath, "drizzle")
+        : undefined;
       const migrationsSchema = getPluginSchemaName(p.metadata.pluginId);
-      if (fs.existsSync(migrationsFolder)) {
+      if (migrationsFolder && fs.existsSync(migrationsFolder)) {
         try {
           // Strip "public". schema references from migration SQL at runtime
           stripPublicSchemaFromMigrations(migrationsFolder);
@@ -343,11 +346,19 @@ export async function loadPlugins({
             `   -> Running migrations for ${p.metadata.pluginId} from ${migrationsFolder}`,
           );
 
+          // Create schema if it doesn't exist BEFORE running migrations.
+          // Without this, SET search_path to a non-existent schema causes
+          // PostgreSQL to fall back to 'public', creating tables in the wrong schema.
+          await deps.db.execute(
+            sql.raw(`CREATE SCHEMA IF NOT EXISTS "${migrationsSchema}"`),
+          );
+
           // Set search_path to plugin schema before running migrations.
           // Uses session-level SET (not SET LOCAL) because migrate() may run
           // multiple statements across transaction boundaries.
+          // No 'public' fallback: schema is guaranteed to exist from CREATE above.
           await deps.db.execute(
-            sql.raw(`SET search_path = "${migrationsSchema}", public`),
+            sql.raw(`SET search_path = "${migrationsSchema}"`),
           );
           // Drizzle migrate() requires NodePgDatabase, cast from SafeDatabase
           await migrate(deps.db as NodePgDatabase<Record<string, unknown>>, {

package/src/plugin-manager.test.ts

@@ -9,6 +9,7 @@ import {
 import {
   createMockLogger,
   createMockQueueManager,
+  createMockDb,
 } from "@checkstack/test-utils-backend";
 import { sortPlugins } from "./plugin-manager/dependency-sorter";
 
@@ -120,13 +121,13 @@ describe("PluginManager", () => {
       // provider-1 must come before consumer and provider-2
       // provider-2 must come before consumer
       expect(sorted.indexOf("provider-1")).toBeLessThan(
-        sorted.indexOf("consumer")
+        sorted.indexOf("consumer"),
       );
       expect(sorted.indexOf("provider-1")).toBeLessThan(
-        sorted.indexOf("provider-2")
+        sorted.indexOf("provider-2"),
       );
       expect(sorted.indexOf("provider-2")).toBeLessThan(
-        sorted.indexOf("consumer")
+        sorted.indexOf("consumer"),
       );
     });
 
@@ -145,17 +146,17 @@ describe("PluginManager", () => {
       ]);
 
       expect(() =>
-        sortPlugins({ pendingInits, providedBy, logger: createMockLogger() })
+        sortPlugins({ pendingInits, providedBy, logger: createMockLogger() }),
       ).toThrow("Circular dependency detected");
     });
 
     describe("Queue Plugin Ordering", () => {
       it("should initialize queue plugin providers before queue consumers", () => {
         const queueManagerRef = createServiceRef<unknown>(
-          coreServices.queueManager.id
+          coreServices.queueManager.id,
         );
         const queueRegistryRef = createServiceRef<unknown>(
-          coreServices.queuePluginRegistry.id
+          coreServices.queuePluginRegistry.id,
         );
 
         const pendingInits = [
@@ -184,16 +185,16 @@ describe("PluginManager", () => {
 
         // Queue provider should come before queue consumer
         expect(sorted.indexOf("queue-provider")).toBeLessThan(
-          sorted.indexOf("queue-consumer")
+          sorted.indexOf("queue-consumer"),
         );
       });
 
       it("should handle multiple queue providers and consumers", () => {
         const queueManagerRef = createServiceRef<unknown>(
-          coreServices.queueManager.id
+          coreServices.queueManager.id,
         );
         const queueRegistryRef = createServiceRef<unknown>(
-          coreServices.queuePluginRegistry.id
+          coreServices.queuePluginRegistry.id,
         );
         const loggerRef = createServiceRef<unknown>("core.logger");
 
@@ -253,10 +254,10 @@ describe("PluginManager", () => {
 
       it("should respect existing service dependencies while prioritizing queue plugins", () => {
         const queueManagerRef = createServiceRef<unknown>(
-          coreServices.queueManager.id
+          coreServices.queueManager.id,
         );
         const queueRegistryRef = createServiceRef<unknown>(
-          coreServices.queuePluginRegistry.id
+          coreServices.queuePluginRegistry.id,
         );
         const customServiceRef = createServiceRef<unknown>("custom.service");
         const loggerRef = createServiceRef<unknown>("core.logger");
@@ -304,10 +305,10 @@ describe("PluginManager", () => {
 
       it("should handle plugins that both provide and consume queues", () => {
         const queueManagerRef = createServiceRef<unknown>(
-          coreServices.queueManager.id
+          coreServices.queueManager.id,
         );
         const queueRegistryRef = createServiceRef<unknown>(
-          coreServices.queuePluginRegistry.id
+          coreServices.queuePluginRegistry.id,
         );
 
         const pendingInits = [
@@ -342,10 +343,10 @@ describe("PluginManager", () => {
 
       it("should not create circular dependencies with queue ordering", () => {
         const queueManagerRef = createServiceRef<unknown>(
-          coreServices.queueManager.id
+          coreServices.queueManager.id,
         );
         const queueRegistryRef = createServiceRef<unknown>(
-          coreServices.queuePluginRegistry.id
+          coreServices.queuePluginRegistry.id,
         );
 
         const pendingInits = [
@@ -441,7 +442,7 @@ describe("PluginManager", () => {
           resource: "perm",
           level: "read",
           description: "Access Rule 3",
-        }
+        },
       );
 
       const all = pluginManager.getAllAccessRules();
@@ -470,10 +471,13 @@ describe("PluginManager", () => {
       // Register mock services since core-services is mocked as no-op
       pluginManager.registerService(
         coreServices.queueManager,
-        createMockQueueManager()
+        createMockQueueManager(),
       );
       pluginManager.registerService(coreServices.logger, createMockLogger());
-      pluginManager.registerService(coreServices.database, {} as never); // Mock database
+      pluginManager.registerService(
+        coreServices.database,
+        createMockDb() as never,
+      );
 
       // Use manual plugin injection with skipDiscovery to avoid loading real plugins
       await pluginManager.loadPlugins(mockRouter, [testPlugin], {