@checkstack/gitops-backend 0.2.8 → 0.3.1

package/CHANGELOG.md

@@ -1,5 +1,52 @@
 # @checkstack/gitops-backend
 
+## 0.3.1
+
+### Patch Changes
+
+- Updated dependencies [9016526]
+  - @checkstack/common@0.10.0
+  - @checkstack/gitops-common@0.4.0
+  - @checkstack/backend-api@0.15.2
+  - @checkstack/command-backend@0.1.26
+  - @checkstack/queue-api@0.3.1
+
+## 0.3.0
+
+### Minor Changes
+
+- f6f9a5c: Surface the source repository for GitOps-managed entities and gate the
+  system→group remove button on the system's lock state.
+
+  - `provenanceSchema` now carries a `sourceUrl` field, derived on the
+    backend from the provider type, baseUrl, repository and filePath. URLs
+    are constructed for github.com / gitlab.com and self-hosted
+    GitHub/GitLab where the API base ends in `/api/v3` or `/api/v4`. Other
+    baseUrls fall back to `null` so the UI keeps showing the raw path.
+  - New `useProvenanceLocks` hook (bulk variant of `useProvenanceLock`)
+    for views that render many entities and need to look up locks
+    client-side.
+  - New `<GitOpsSourceBadge>` popover component that replaces the bare
+    GitBranch icon on system and group catalog cards. The popover
+    surfaces the repository, file path, and a "View in source provider"
+    deep link.
+  - `<GitOpsLockBanner>` repo line is now a real link when a sourceUrl is
+    available.
+  - The system→group remove button in the catalog now disables itself
+    when the system is GitOps-managed, matching the backend lock that was
+    already in place.
+
+### Patch Changes
+
+- Updated dependencies [42abfff]
+- Updated dependencies [f6f9a5c]
+- Updated dependencies [aa89bc5]
+  - @checkstack/common@0.9.0
+  - @checkstack/gitops-common@0.3.0
+  - @checkstack/queue-api@0.3.0
+  - @checkstack/backend-api@0.15.1
+  - @checkstack/command-backend@0.1.25
+
 ## 0.2.8
 
 ### Patch Changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@checkstack/gitops-backend",
-  "version": "0.2.8",
+  "version": "0.3.1",
   "license": "Elastic-2.0",
   "type": "module",
   "main": "src/index.ts",
@@ -14,11 +14,11 @@
     "lint:code": "eslint . --max-warnings 0"
   },
   "dependencies": {
-    "@checkstack/backend-api": "0.14.1",
-    "@checkstack/gitops-common": "0.2.1",
-    "@checkstack/common": "0.7.0",
-    "@checkstack/command-backend": "0.1.23",
-    "@checkstack/queue-api": "0.2.17",
+    "@checkstack/backend-api": "0.15.1",
+    "@checkstack/gitops-common": "0.3.0",
+    "@checkstack/common": "0.9.0",
+    "@checkstack/command-backend": "0.1.25",
+    "@checkstack/queue-api": "0.3.0",
     "@orpc/server": "^1.13.2",
     "drizzle-orm": "^0.45.0",
     "minimatch": "^10.0.0",
@@ -27,9 +27,9 @@
     "yaml": "^2.7.0"
   },
   "devDependencies": {
-    "@checkstack/drizzle-helper": "0.0.4",
-    "@checkstack/scripts": "0.1.2",
-    "@checkstack/tsconfig": "0.0.6",
+    "@checkstack/drizzle-helper": "0.0.5",
+    "@checkstack/scripts": "0.3.1",
+    "@checkstack/tsconfig": "0.0.7",
     "@types/bun": "^1.3.5",
     "@types/node": "^20.0.0",
     "@types/uuid": "^11.0.0",

package/src/router.ts

@@ -2,7 +2,7 @@ import { implement, ORPCError } from "@orpc/server";
 import { z } from "zod";
 import { autoAuthMiddleware, type RpcContext } from "@checkstack/backend-api";
 import { encrypt, decrypt } from "@checkstack/backend-api";
-import { gitopsContract } from "@checkstack/gitops-common";
+import { gitopsContract, deriveSourceUrl } from "@checkstack/gitops-common";
 import type { SafeDatabase } from "@checkstack/backend-api";
 import type { QueueManager } from "@checkstack/queue-api";
 import type { InternalEntityKindRegistry } from "./kind-registry";
@@ -34,6 +34,36 @@ export const createGitOpsRouter = ({
 }: GitOpsRouterDeps) => {
   // ─── Provenance ──────────────────────────────────────────────────────
 
+  type ProviderMeta = {
+    type: "github" | "gitlab";
+    baseUrl: string | null;
+  };
+
+  const buildProviderLookup = async (): Promise<Map<string, ProviderMeta>> => {
+    const providers = await db.select().from(schema.providers);
+    const map = new Map<string, ProviderMeta>();
+    for (const p of providers) {
+      map.set(p.id, { type: p.type, baseUrl: p.baseUrl });
+    }
+    return map;
+  };
+
+  const decorateProvenance = (
+    row: typeof schema.provenance.$inferSelect,
+    providers: Map<string, ProviderMeta>,
+  ) => {
+    const provider = providers.get(row.providerId);
+    const sourceUrl = provider
+      ? deriveSourceUrl({
+          providerType: provider.type,
+          baseUrl: provider.baseUrl,
+          repository: row.repository,
+          filePath: row.filePath,
+        })
+      : null;
+    return { ...row, warnings: row.warnings ?? [], sourceUrl };
+  };
+
   const getProvenance = os.getProvenance.handler(async ({ input }) => {
     const conditions = [eq(schema.provenance.kind, input.kind)];
 
@@ -49,14 +79,15 @@ export const createGitOpsRouter = ({
       .from(schema.provenance)
       .where(and(...conditions));
     const row = result[0];
-     
-    return row ? { ...row, warnings: row.warnings ?? [] } : null;
+    if (!row) return null;
+    const providers = await buildProviderLookup();
+    return decorateProvenance(row, providers);
   });
 
   const listProvenance = os.listProvenance.handler(async ({ input }) => {
     const rawRows = await db.select().from(schema.provenance);
-    // Normalize: ensure warnings is always a string[] (Drizzle may return null for pre-migration rows)
-    const rows = rawRows.map((row) => ({ ...row, warnings: row.warnings ?? [] }));
+    const providers = await buildProviderLookup();
+    const rows = rawRows.map((row) => decorateProvenance(row, providers));
     if (!input) return rows;
 
     return rows.filter((row) => {