@friggframework/core 2.0.0-next.45 → 2.0.0-next.47

package/handlers/routers/db-migration.js

@@ -0,0 +1,256 @@
+/**
+ * Database Migration Router
+ *
+ * HTTP API for triggering and monitoring database migrations.
+ *
+ * Endpoints:
+ * - GET /db-migrate/status - Check if migrations are pending
+ * - POST /db-migrate - Trigger async migration (queues job)
+ * - GET /db-migrate/:processId - Check migration status
+ *
+ * Security:
+ * - Requires ADMIN_API_KEY header for all requests
+ *
+ * Architecture:
+ * - Router (Adapter Layer) → Use Cases (Domain) → Repositories (Infrastructure)
+ * - Follows DDD/Hexagonal architecture
+ */
+
+const { Router } = require('express');
+const catchAsyncError = require('express-async-handler');
+const { MigrationStatusRepositoryS3 } = require('../../database/repositories/migration-status-repository-s3');
+const {
+    TriggerDatabaseMigrationUseCase,
+    ValidationError: TriggerValidationError,
+} = require('../../database/use-cases/trigger-database-migration-use-case');
+const {
+    GetMigrationStatusUseCase,
+    ValidationError: GetValidationError,
+    NotFoundError,
+} = require('../../database/use-cases/get-migration-status-use-case');
+const { LambdaInvoker } = require('../../database/adapters/lambda-invoker');
+const {
+    GetDatabaseStateViaWorkerUseCase,
+} = require('../../database/use-cases/get-database-state-via-worker-use-case');
+
+const router = Router();
+
+// Dependency injection
+// Use S3 repository to avoid User table dependency (chicken-and-egg problem)
+const bucketName = process.env.S3_BUCKET_NAME || process.env.MIGRATION_STATUS_BUCKET;
+const migrationStatusRepository = new MigrationStatusRepositoryS3(bucketName);
+
+const triggerMigrationUseCase = new TriggerDatabaseMigrationUseCase({
+    migrationStatusRepository,
+    // Note: QueuerUtil is used directly in the use case (static utility)
+});
+const getStatusUseCase = new GetMigrationStatusUseCase({ migrationStatusRepository });
+
+// Lambda invocation for database state check (keeps router lightweight)
+const lambdaInvoker = new LambdaInvoker();
+const workerFunctionName = process.env.WORKER_FUNCTION_NAME ||
+    `${process.env.SERVICE || 'unknown'}-${process.env.STAGE || 'production'}-dbMigrationWorker`;
+
+const getDatabaseStateUseCase = new GetDatabaseStateViaWorkerUseCase({
+    lambdaInvoker,
+    workerFunctionName,
+});
+
+/**
+ * Admin API key validation middleware
+ * Matches pattern from health.js:72-88
+ */
+const validateApiKey = (req, res, next) => {
+    const apiKey = req.headers['x-frigg-admin-api-key'];
+
+    if (!apiKey || apiKey !== process.env.ADMIN_API_KEY) {
+        console.error('Unauthorized access attempt to db-migrate endpoint');
+        return res.status(401).json({
+            status: 'error',
+            message: 'Unauthorized - x-frigg-admin-api-key header required',
+        });
+    }
+
+    next();
+};
+
+// Apply API key validation to all routes
+router.use(validateApiKey);
+
+/**
+ * POST /db-migrate
+ *
+ * Trigger database migration (async via SQS queue)
+ *
+ * Request body:
+ * {
+ *   userId: string (optional, defaults to 'admin'),
+ *   dbType: 'postgresql' | 'mongodb',
+ *   stage: string (e.g., 'production', 'dev')
+ * }
+ *
+ * Response (202 Accepted):
+ * {
+ *   success: true,
+ *   processId: string,
+ *   state: 'INITIALIZING',
+ *   statusUrl: string,
+ *   message: string
+ * }
+ */
+router.post(
+    '/db-migrate',
+    catchAsyncError(async (req, res) => {
+        // Migration infrastructure is PostgreSQL-only, so hardcode dbType
+        const dbType = 'postgresql';
+        const { stage } = req.body;
+        // TODO: Extract userId from JWT token when auth is implemented
+        const userId = req.body.userId || 'admin';
+
+        console.log(`Migration trigger request: dbType=${dbType}, stage=${stage || 'auto-detect'}, userId=${userId}`);
+
+        try {
+            const result = await triggerMigrationUseCase.execute({
+                userId,
+                dbType,
+                stage,
+            });
+
+            // 202 Accepted - request accepted but not completed
+            res.status(202).json(result);
+        } catch (error) {
+            // Handle validation errors (400 Bad Request)
+            if (error instanceof TriggerValidationError) {
+                return res.status(400).json({
+                    success: false,
+                    error: error.message,
+                });
+            }
+
+            // Re-throw other errors for global error handler
+            throw error;
+        }
+    })
+);
+
+/**
+ * GET /db-migrate/status
+ *
+ * Check if database has pending migrations
+ * 
+ * Query params:
+ * - stage: string (optional, defaults to STAGE env var or 'production')
+ *
+ * Response (200 OK):
+ * {
+ *   upToDate: boolean,
+ *   pendingMigrations: number,
+ *   dbType: 'postgresql',
+ *   stage: string,
+ *   recommendation?: string (if migrations pending),
+ *   error?: string (if database check failed)
+ * }
+ */
+router.get(
+    '/db-migrate/status',
+    catchAsyncError(async (req, res) => {
+        const stage = req.query.stage || process.env.STAGE || 'production';
+
+        console.log(`Checking database state: stage=${stage}, worker=${workerFunctionName}`);
+
+        try {
+            // Invoke worker Lambda to check database state
+            const status = await getDatabaseStateUseCase.execute(stage);
+
+            res.status(200).json(status);
+        } catch (error) {
+            // Log full error for debugging
+            console.error('Database state check failed:', error);
+
+            // Return sanitized error to client
+            return res.status(500).json({
+                success: false,
+                error: 'Failed to check database state',
+                details: error.message,
+            });
+        }
+    })
+);
+
+/**
+ * GET /db-migrate/:migrationId
+ *
+ * Get migration status by migration ID
+ *
+ * Response (200 OK):
+ * {
+ *   processId: string,
+ *   type: 'DATABASE_MIGRATION',
+ *   state: 'INITIALIZING' | 'RUNNING' | 'COMPLETED' | 'FAILED',
+ *   context: {
+ *     dbType: string,
+ *     stage: string,
+ *     migrationCommand: string (if started)
+ *   },
+ *   results: {
+ *     success: boolean (if completed),
+ *     duration: string (if completed),
+ *     error: string (if failed)
+ *   },
+ *   createdAt: string,
+ *   updatedAt: string
+ * }
+ */
+router.get(
+    '/db-migrate/:migrationId',
+    catchAsyncError(async (req, res) => {
+        const { migrationId } = req.params;
+        const stage = req.query.stage || process.env.STAGE || 'production';
+
+        console.log(`Migration status request: migrationId=${migrationId}, stage=${stage}`);
+
+        try {
+            const status = await getStatusUseCase.execute(migrationId, stage);
+
+            res.status(200).json(status);
+        } catch (error) {
+            // Handle not found errors (404 Not Found)
+            if (error instanceof NotFoundError) {
+                return res.status(404).json({
+                    success: false,
+                    error: error.message,
+                });
+            }
+
+            // Handle validation errors (400 Bad Request)
+            if (error instanceof GetValidationError) {
+                return res.status(400).json({
+                    success: false,
+                    error: error.message,
+                });
+            }
+
+            // Re-throw other errors for global error handler
+            throw error;
+        }
+    })
+);
+
+// Minimal Lambda handler (avoids app-handler-helpers which loads core/index.js → user/**)
+const serverlessHttp = require('serverless-http');
+const express = require('express');
+const cors = require('cors');
+
+const app = express();
+app.use(cors());
+app.use(express.json());
+app.use(router);
+app.use((err, req, res, next) => {
+    console.error('Migration Router Error:', err);
+    res.status(500).json({ message: 'Internal Server Error' });
+});
+
+const handler = serverlessHttp(app);
+
+module.exports = { handler, router };
+

package/handlers/routers/health.js

@@ -1,6 +1,16 @@
 const { Router } = require('express');
-const { moduleFactory, integrationFactory } = require('./../backend-utils');
 const { createAppHandler } = require('./../app-handler-helpers');
+const { loadAppDefinition } = require('./../app-definition-loader');
+const { ModuleFactory } = require('../../modules/module-factory');
+const {
+    getModulesDefinitionFromIntegrationClasses,
+} = require('../../integrations/utils/map-integration-dto');
+const {
+    createModuleRepository,
+} = require('../../modules/repositories/module-repository-factory');
+const {
+    createIntegrationRepository,
+} = require('../../integrations/repositories/integration-repository-factory');
 const {
     createHealthCheckRepository,
 } = require('../../database/repositories/health-check-repository-factory');
@@ -22,6 +32,28 @@ const {
 
 const router = Router();
 const healthCheckRepository = createHealthCheckRepository();
+
+// Load integrations and create factories just like auth router does
+// This verifies the system can properly load integrations
+let moduleFactory, integrationClasses;
+try {
+    const appDef = loadAppDefinition();
+    integrationClasses = appDef.integrations || [];
+
+    const moduleRepository = createModuleRepository();
+    const moduleDefinitions = getModulesDefinitionFromIntegrationClasses(integrationClasses);
+
+    moduleFactory = new ModuleFactory({
+        moduleRepository,
+        moduleDefinitions,
+    });
+} catch (error) {
+    console.error('Failed to load integrations for health check:', error.message);
+    // Factories will be undefined, health check will report unhealthy
+    moduleFactory = undefined;
+    integrationClasses = [];
+}
+
 const testEncryptionUseCase = new TestEncryptionUseCase({
     healthCheckRepository,
 });
@@ -34,11 +66,11 @@ const checkEncryptionHealthUseCase = new CheckEncryptionHealthUseCase({
 const checkExternalApisHealthUseCase = new CheckExternalApisHealthUseCase();
 const checkIntegrationsHealthUseCase = new CheckIntegrationsHealthUseCase({
     moduleFactory,
-    integrationFactory,
+    integrationClasses,
 });
 
 const validateApiKey = (req, res, next) => {
-    const apiKey = req.headers['x-api-key'];
+    const apiKey = req.headers['x-frigg-health-api-key'];
 
     if (req.path === '/health') {
         return next();
@@ -48,7 +80,7 @@ const validateApiKey = (req, res, next) => {
         console.error('Unauthorized access attempt to health endpoint');
         return res.status(401).json({
             status: 'error',
-            message: 'Unauthorized',
+            message: 'Unauthorized - x-frigg-health-api-key header required',
         });
     }
 
@@ -141,8 +173,11 @@ const detectVpcConfiguration = async () => {
             }
         }
 
-        results.isInVpc =
-            !results.hasInternetAccess || results.vpcEndpoints.length > 0;
+        // Check if Lambda is in VPC using VPC_ENABLED env var set by infrastructure
+        results.isInVpc = process.env.VPC_ENABLED === 'true' ||
+            (!results.hasInternetAccess && results.canResolvePublicDns) ||
+            results.vpcEndpoints.length > 0;
+
         results.canConnectToAws =
             results.hasInternetAccess || results.vpcEndpoints.length > 0;
     } catch (error) {

package/handlers/routers/integration-webhook-routers.js

@@ -20,7 +20,7 @@ for (const IntegrationClass of integrationClasses) {
     console.log(`\n│ Configuring webhook routes for ${IntegrationClass.Definition.name}:`);
 
     // General webhook route (no integration ID)
-    router.post('/', async (req, res, next) => {
+    router.post(basePath, async (req, res, next) => {
         try {
             const integrationInstance = new IntegrationClass();
             const dispatcher = new IntegrationEventDispatcher(integrationInstance);
@@ -37,7 +37,7 @@ for (const IntegrationClass of integrationClasses) {
     console.log(`│ POST ${basePath}`);
 
     // Integration-specific webhook route (with integration ID)
-    router.post('/:integrationId', async (req, res, next) => {
+    router.post(`${basePath}/:integrationId`, async (req, res, next) => {
         try {
             const integrationInstance = new IntegrationClass();
             const dispatcher = new IntegrationEventDispatcher(integrationInstance);

package/handlers/use-cases/check-integrations-health-use-case.js

@@ -1,20 +1,32 @@
 class CheckIntegrationsHealthUseCase {
-    constructor({ moduleFactory, integrationFactory }) {
+    constructor({ moduleFactory, integrationClasses }) {
         this.moduleFactory = moduleFactory;
-        this.integrationFactory = integrationFactory;
+        this.integrationClasses = integrationClasses;
     }
 
     execute() {
-        const moduleTypes = Array.isArray(this.moduleFactory.moduleTypes)
-            ? this.moduleFactory.moduleTypes
+        const moduleDefinitions = (this.moduleFactory && this.moduleFactory.moduleDefinitions)
+            ? this.moduleFactory.moduleDefinitions
             : [];
 
-        const integrationTypes = Array.isArray(
-            this.integrationFactory.integrationTypes
-        )
-            ? this.integrationFactory.integrationTypes
+        const integrationClasses = Array.isArray(this.integrationClasses)
+            ? this.integrationClasses
             : [];
 
+        // Extract module names from definitions
+        const moduleTypes = Array.isArray(moduleDefinitions)
+            ? moduleDefinitions.map(def => def.moduleName || def.name || def.label || 'Unknown')
+            : [];
+
+        // Extract integration names from classes
+        const integrationNames = integrationClasses.map(IntegrationClass => {
+            try {
+                return IntegrationClass.Definition?.name || IntegrationClass.name || 'Unknown';
+            } catch {
+                return 'Unknown';
+            }
+        });
+
         return {
             status: 'healthy',
             modules: {
@@ -22,8 +34,8 @@ class CheckIntegrationsHealthUseCase {
                 available: moduleTypes,
             },
             integrations: {
-                count: integrationTypes.length,
-                available: integrationTypes,
+                count: integrationNames.length,
+                available: integrationNames,
             },
         };
     }