@griffin-app/griffin-plan-executor 0.1.13 → 0.1.15

package/src/secrets/secrets.test.ts

@@ -3,18 +3,15 @@ import { isSecretRef, isStringLiteral } from "./types.js";
 import { SecretProviderRegistry } from "./registry.js";
 import { EnvSecretProvider } from "./providers/env.js";
 import {
-  resolveSecretsInPlan,
-  collectSecretsFromPlan,
+  resolveSecretsInMonitor,
+  collectSecretsFromMonitor,
   planHasSecrets,
 } from "./resolver.js";
-import { PlanV1 } from "@griffin-app/griffin-hub-sdk";
+import { MonitorV1 } from "@griffin-app/griffin-hub-sdk";
 
 // Helper to create a secret ref (mirrors the DSL's secret function)
-function createSecretRef(path: string) {
-  const colonIndex = path.indexOf(":");
-  const provider = path.slice(0, colonIndex);
-  const ref = path.slice(colonIndex + 1);
-  return { $secret: { provider, ref } };
+function createSecretRef(ref: string) {
+  return { $secret: { ref } };
 }
 
 // Helper to create a string literal (mirrors the schema's StringLiteral)
@@ -25,12 +22,10 @@ function createStringLiteral(value: string) {
 describe("Secret Types", () => {
   describe("isSecretRef", () => {
     it("should return true for valid secret refs", () => {
-      expect(
-        isSecretRef({ $secret: { provider: "env", ref: "API_KEY" } }),
-      ).toBe(true);
+      expect(isSecretRef({ $secret: { ref: "API_KEY" } })).toBe(true);
       expect(
         isSecretRef({
-          $secret: { provider: "aws", ref: "my-secret", version: "1" },
+          $secret: { ref: "my-secret", version: "1" },
         }),
       ).toBe(true);
     });
@@ -41,9 +36,7 @@ describe("Secret Types", () => {
       expect(isSecretRef(null)).toBe(false);
       expect(isSecretRef(undefined)).toBe(false);
       expect(isSecretRef({})).toBe(false);
-      expect(isSecretRef({ secret: { provider: "env", ref: "KEY" } })).toBe(
-        false,
-      ); // wrong key
+      expect(isSecretRef({ secret: { ref: "KEY" } })).toBe(false); // wrong key
       expect(isSecretRef({ $literal: "value" })).toBe(false); // string literal
     });
   });
@@ -62,9 +55,7 @@ describe("Secret Types", () => {
       expect(isStringLiteral(undefined)).toBe(false);
       expect(isStringLiteral({})).toBe(false);
       expect(isStringLiteral({ literal: "value" })).toBe(false); // wrong key
-      expect(
-        isStringLiteral({ $secret: { provider: "env", ref: "KEY" } }),
-      ).toBe(false); // secret ref
+      expect(isStringLiteral({ $secret: { ref: "KEY" } })).toBe(false); // secret ref
     });
   });
 });
@@ -76,33 +67,23 @@ describe("SecretProviderRegistry", () => {
     registry = new SecretProviderRegistry();
   });
 
-  it("should register and retrieve providers", () => {
-    const envProvider = new EnvSecretProvider();
-    registry.register(envProvider);
-
-    expect(registry.has("env")).toBe(true);
-    expect(registry.get("env")).toBe(envProvider);
-    expect(registry.getProviderNames()).toEqual(["env"]);
-  });
-
-  it("should throw when getting unregistered provider", () => {
-    expect(() => registry.get("unknown")).toThrow(/not configured/);
-  });
+  it("should set and use provider", async () => {
+    const envProvider = new EnvSecretProvider({
+      env: { TEST_SECRET: "resolved-value" },
+    });
+    registry.setProvider(envProvider);
 
-  it("should throw when registering duplicate provider", () => {
-    const envProvider = new EnvSecretProvider();
-    registry.register(envProvider);
-    expect(() => registry.register(envProvider)).toThrow(/already registered/);
+    const value = await registry.resolve({ ref: "TEST_SECRET" });
+    expect(value).toBe("resolved-value");
   });
 
-  it("should resolve secrets using the correct provider", async () => {
+  it("should resolve secrets using the configured provider", async () => {
     const envProvider = new EnvSecretProvider({
       env: { TEST_SECRET: "secret-value" },
     });
-    registry.register(envProvider);
+    registry.setProvider(envProvider);
 
     const result = await registry.resolve({
-      provider: "env",
       ref: "TEST_SECRET",
     });
 
@@ -137,127 +118,119 @@ describe("EnvSecretProvider", () => {
   });
 });
 
-describe("Plan Secret Resolution", () => {
-  const createTestPlan = (
-    headers?: Record<string, any>,
-    body?: any,
-  ): PlanV1 => ({
-    id: "test-plan-1",
-    name: "Test Plan",
-    version: "1.0",
-    environment: "default",
-    project: "test-project",
-    frequency: { every: 1, unit: "MINUTE" },
-    nodes: [
-      {
-        id: "endpoint-1",
-        type: "HTTP_REQUEST",
-        method: "GET",
-        path: "/api/test",
-        base: "https://api.example.com",
-        response_format: "JSON",
-        headers,
-        body,
-      },
-    ],
-    edges: [
-      { from: "__START__", to: "endpoint-1" },
-      { from: "endpoint-1", to: "__END__" },
-    ],
-  });
+describe("Monitor Secret Resolution", () => {
+  const createTestMonitor = (
+    headers?: Record<string, unknown>,
+    body?: unknown,
+  ): MonitorV1 =>
+    ({
+      id: "test-monitor-1",
+      name: "Test Monitor",
+      version: "1.0",
+      environment: "default",
+      project: "test-project",
+      frequency: { every: 1, unit: "MINUTE" },
+      nodes: [
+        {
+          id: "endpoint-1",
+          type: "HTTP_REQUEST",
+          method: "GET",
+          path: "/api/test",
+          base: "https://api.example.com",
+          response_format: "JSON",
+          headers,
+          body,
+        },
+      ],
+      edges: [
+        { from: "__START__", to: "endpoint-1" },
+        { from: "endpoint-1", to: "__END__" },
+      ],
+    }) as MonitorV1;
 
   describe("planHasSecrets", () => {
-    it("should return false for plans without secrets or literals", () => {
-      const plan = createTestPlan({ "Content-Type": "application/json" });
-      expect(planHasSecrets(plan)).toBe(false);
+    it("should return false for monitors without secrets or literals", () => {
+      const monitor = createTestMonitor({ "Content-Type": "application/json" });
+      expect(planHasSecrets(monitor)).toBe(false);
     });
 
-    it("should return true for plans with secret refs in headers", () => {
-      const plan = createTestPlan({
-        Authorization: createSecretRef("env:API_KEY"),
+    it("should return true for monitors with secret refs in headers", () => {
+      const monitor = createTestMonitor({
+        Authorization: createSecretRef("API_KEY"),
       });
-      expect(planHasSecrets(plan)).toBe(true);
+      expect(planHasSecrets(monitor)).toBe(true);
     });
 
-    it("should return true for plans with secret refs in body", () => {
-      const plan = createTestPlan(undefined, {
-        token: createSecretRef("env:TOKEN"),
+    it("should return true for monitors with secret refs in body", () => {
+      const monitor = createTestMonitor(undefined, {
+        token: createSecretRef("TOKEN"),
       });
-      expect(planHasSecrets(plan)).toBe(true);
+      expect(planHasSecrets(monitor)).toBe(true);
     });
 
-    it("should return true for plans with string literals in headers", () => {
-      const plan = createTestPlan({
+    it("should return true for monitors with string literals in headers", () => {
+      const monitor = createTestMonitor({
         "Content-Type": createStringLiteral("application/json"),
       });
-      expect(planHasSecrets(plan)).toBe(true);
+      expect(planHasSecrets(monitor)).toBe(true);
     });
 
-    it("should return true for plans with string literals in body", () => {
-      const plan = createTestPlan(undefined, {
+    it("should return true for monitors with string literals in body", () => {
+      const monitor = createTestMonitor(undefined, {
         type: createStringLiteral("test"),
       });
-      expect(planHasSecrets(plan)).toBe(true);
+      expect(planHasSecrets(monitor)).toBe(true);
     });
   });
 
-  describe("collectSecretsFromPlan", () => {
+  describe("collectSecretsFromMonitor", () => {
     it("should collect secrets from headers", () => {
-      const plan = createTestPlan({
-        Authorization: createSecretRef("env:API_KEY"),
-        "X-Custom": createSecretRef("aws:custom-secret"),
+      const monitor = createTestMonitor({
+        Authorization: createSecretRef("API_KEY"),
+        "X-Custom": createSecretRef("custom-secret"),
       });
 
-      const collected = collectSecretsFromPlan(plan);
+      const collected = collectSecretsFromMonitor(monitor);
 
       expect(collected.refs).toHaveLength(2);
-      expect(collected.refs).toContainEqual({
-        provider: "env",
-        ref: "API_KEY",
-      });
-      expect(collected.refs).toContainEqual({
-        provider: "aws",
-        ref: "custom-secret",
-      });
+      expect(collected.refs).toContainEqual({ ref: "API_KEY" });
+      expect(collected.refs).toContainEqual({ ref: "custom-secret" });
     });
 
     it("should collect secrets from nested body", () => {
-      const plan = createTestPlan(undefined, {
+      const monitor = createTestMonitor(undefined, {
         auth: {
-          token: createSecretRef("env:TOKEN"),
+          token: createSecretRef("TOKEN"),
         },
-        items: [{ key: createSecretRef("env:ITEM_KEY") }],
+        items: [{ key: createSecretRef("ITEM_KEY") }],
       });
 
-      const collected = collectSecretsFromPlan(plan);
+      const collected = collectSecretsFromMonitor(monitor);
 
       expect(collected.refs).toHaveLength(2);
-      expect(collected.refs).toContainEqual({ provider: "env", ref: "TOKEN" });
-      expect(collected.refs).toContainEqual({
-        provider: "env",
-        ref: "ITEM_KEY",
-      });
+      expect(collected.refs).toContainEqual({ ref: "TOKEN" });
+      expect(collected.refs).toContainEqual({ ref: "ITEM_KEY" });
     });
 
     it("should deduplicate secret refs", () => {
-      const plan = createTestPlan({
-        Authorization: createSecretRef("env:API_KEY"),
-        "X-Backup-Auth": createSecretRef("env:API_KEY"),
+      const monitor = createTestMonitor({
+        Authorization: createSecretRef("API_KEY"),
+        "X-Backup-Auth": createSecretRef("API_KEY"),
       });
 
-      const collected = collectSecretsFromPlan(plan);
+      const collected = collectSecretsFromMonitor(monitor);
 
       expect(collected.refs).toHaveLength(1);
       expect(collected.paths).toHaveLength(2);
     });
 
     it("should collect string literals from headers", () => {
-      const plan = createTestPlan({
+      const monitor = createTestMonitor({
         "Content-Type": createStringLiteral("application/json"),
         Accept: createStringLiteral("application/xml"),
       });
 
-      const collected = collectSecretsFromPlan(plan);
+      const collected = collectSecretsFromMonitor(monitor);
 
       expect(collected.refs).toHaveLength(0);
       expect(collected.literalPaths).toHaveLength(2);
@@ -272,18 +245,15 @@ describe("Plan Secret Resolution", () => {
     });
 
     it("should collect both secrets and literals", () => {
-      const plan = createTestPlan({
-        Authorization: createSecretRef("env:API_KEY"),
+      const monitor = createTestMonitor({
+        Authorization: createSecretRef("API_KEY"),
         "Content-Type": createStringLiteral("application/json"),
       });
 
-      const collected = collectSecretsFromPlan(plan);
+      const collected = collectSecretsFromMonitor(monitor);
 
       expect(collected.refs).toHaveLength(1);
-      expect(collected.refs).toContainEqual({
-        provider: "env",
-        ref: "API_KEY",
-      });
+      expect(collected.refs).toContainEqual({ ref: "API_KEY" });
       expect(collected.literalPaths).toHaveLength(1);
       expect(collected.literalPaths).toContainEqual({
         path: ["nodes", 0, "headers", "Content-Type"],
@@ -292,21 +262,21 @@ describe("Plan Secret Resolution", () => {
     });
   });
 
-  describe("resolveSecretsInPlan", () => {
+  describe("resolveSecretsInMonitor", () => {
     it("should resolve secrets in headers", async () => {
-      const plan = createTestPlan({
-        Authorization: createSecretRef("env:API_KEY"),
+      const monitor = createTestMonitor({
+        Authorization: createSecretRef("API_KEY"),
         "Content-Type": "application/json",
       });
 
       const registry = new SecretProviderRegistry();
-      registry.register(
+      registry.setProvider(
         new EnvSecretProvider({
           env: { API_KEY: "Bearer secret-token" },
         }),
       );
 
-      const resolved = await resolveSecretsInPlan(plan, registry);
+      const resolved = await resolveSecretsInMonitor(monitor, registry);
 
       const endpoint = resolved.nodes[0];
       if (endpoint.type !== "HTTP_REQUEST") {
@@ -317,19 +287,19 @@ describe("Plan Secret Resolution", () => {
     });
 
     it("should resolve secrets in body", async () => {
-      const plan = createTestPlan(undefined, {
-        token: createSecretRef("env:TOKEN"),
+      const monitor = createTestMonitor(undefined, {
+        token: createSecretRef("TOKEN"),
         data: "plain-value",
       });
 
       const registry = new SecretProviderRegistry();
-      registry.register(
+      registry.setProvider(
         new EnvSecretProvider({
           env: { TOKEN: "resolved-token" },
         }),
       );
 
-      const resolved = await resolveSecretsInPlan(plan, registry);
+      const resolved = await resolveSecretsInMonitor(monitor, registry);
 
       const endpoint = resolved.nodes[0];
       if (endpoint.type !== "HTTP_REQUEST") {
@@ -339,27 +309,27 @@ describe("Plan Secret Resolution", () => {
       expect((endpoint.body as { data: string }).data).toBe("plain-value");
     });
 
-    it("should not modify original plan", async () => {
-      const plan = createTestPlan({
-        Authorization: createSecretRef("env:API_KEY"),
+    it("should not modify original monitor", async () => {
+      const monitor = createTestMonitor({
+        Authorization: createSecretRef("API_KEY"),
       });
 
       const registry = new SecretProviderRegistry();
-      registry.register(
+      registry.setProvider(
         new EnvSecretProvider({
           env: { API_KEY: "secret" },
         }),
       );
 
-      const resolved = await resolveSecretsInPlan(plan, registry);
+      const resolved = await resolveSecretsInMonitor(monitor, registry);
 
       // Original should still have secret ref
-      const originalEndpoint = plan.nodes[0];
+      const originalEndpoint = monitor.nodes[0];
       if (originalEndpoint.type !== "HTTP_REQUEST") {
         throw new Error("HttpRequest not found");
       }
       expect(originalEndpoint.headers?.Authorization).toEqual(
-        createSecretRef("env:API_KEY"),
+        createSecretRef("API_KEY"),
       );
 
       // Resolved should have string
@@ -370,41 +340,40 @@ describe("Plan Secret Resolution", () => {
       expect(resolvedEndpoint.headers?.Authorization).toBe("secret");
     });
 
-    it("should throw for unregistered provider", async () => {
-      const plan = createTestPlan({
-        Authorization: createSecretRef("unknown:API_KEY"),
+    it("should throw when no provider configured", async () => {
+      const monitor = createTestMonitor({
+        Authorization: createSecretRef("API_KEY"),
       });
 
       const registry = new SecretProviderRegistry();
-      registry.register(new EnvSecretProvider({ env: {} }));
 
-      await expect(resolveSecretsInPlan(plan, registry)).rejects.toThrow(
-        /not configured/,
+      await expect(resolveSecretsInMonitor(monitor, registry)).rejects.toThrow(
+        /No secret provider configured/,
       );
     });
 
     it("should throw for missing secret", async () => {
-      const plan = createTestPlan({
-        Authorization: createSecretRef("env:MISSING_KEY"),
+      const monitor = createTestMonitor({
+        Authorization: createSecretRef("MISSING_KEY"),
       });
 
       const registry = new SecretProviderRegistry();
-      registry.register(new EnvSecretProvider({ env: {} }));
+      registry.setProvider(new EnvSecretProvider({ env: {} }));
 
-      await expect(resolveSecretsInPlan(plan, registry)).rejects.toThrow(
+      await expect(resolveSecretsInMonitor(monitor, registry)).rejects.toThrow(
         /not set/,
       );
     });
 
     it("should unwrap string literals in headers", async () => {
-      const plan = createTestPlan({
+      const monitor = createTestMonitor({
         "Content-Type": createStringLiteral("application/json"),
         Accept: createStringLiteral("application/xml"),
       });
 
       const registry = new SecretProviderRegistry();
 
-      const resolved = await resolveSecretsInPlan(plan, registry);
+      const resolved = await resolveSecretsInMonitor(monitor, registry);
 
       const endpoint = resolved.nodes[0];
       if (endpoint.type !== "HTTP_REQUEST") {
@@ -415,14 +384,14 @@ describe("Plan Secret Resolution", () => {
     });
 
     it("should unwrap string literals in body", async () => {
-      const plan = createTestPlan(undefined, {
+      const monitor = createTestMonitor(undefined, {
         type: createStringLiteral("test-type"),
         data: "plain-value",
       });
 
       const registry = new SecretProviderRegistry();
 
-      const resolved = await resolveSecretsInPlan(plan, registry);
+      const resolved = await resolveSecretsInMonitor(monitor, registry);
 
       const endpoint = resolved.nodes[0];
       if (endpoint.type !== "HTTP_REQUEST") {
@@ -433,19 +402,19 @@ describe("Plan Secret Resolution", () => {
     });
 
     it("should resolve both secrets and literals", async () => {
-      const plan = createTestPlan({
-        Authorization: createSecretRef("env:API_KEY"),
+      const monitor = createTestMonitor({
+        Authorization: createSecretRef("API_KEY"),
         "Content-Type": createStringLiteral("application/json"),
       });
 
       const registry = new SecretProviderRegistry();
-      registry.register(
+      registry.setProvider(
         new EnvSecretProvider({
           env: { API_KEY: "Bearer secret-token" },
         }),
       );
 
-      const resolved = await resolveSecretsInPlan(plan, registry);
+      const resolved = await resolveSecretsInMonitor(monitor, registry);
 
       const endpoint = resolved.nodes[0];
       if (endpoint.type !== "HTTP_REQUEST") {
@@ -455,17 +424,17 @@ describe("Plan Secret Resolution", () => {
       expect(endpoint.headers?.["Content-Type"]).toBe("application/json");
     });
 
-    it("should not modify original plan with literals", async () => {
-      const plan = createTestPlan({
+    it("should not modify original monitor with literals", async () => {
+      const monitor = createTestMonitor({
         "Content-Type": createStringLiteral("application/json"),
       });
 
       const registry = new SecretProviderRegistry();
 
-      const resolved = await resolveSecretsInPlan(plan, registry);
+      const resolved = await resolveSecretsInMonitor(monitor, registry);
 
       // Original should still have literal wrapper
-      const originalEndpoint = plan.nodes[0];
+      const originalEndpoint = monitor.nodes[0];
       if (originalEndpoint.type !== "HTTP_REQUEST") {
         throw new Error("HttpRequest not found");
       }

package/src/secrets/types.ts

@@ -1,17 +1,16 @@
 import { StringLiteral } from "@griffin-app/griffin-hub-sdk";
 
 /**
- * Data structure for a secret reference as it appears in a plan.
+ * Data structure for a secret reference as it appears in a monitor.
  */
 export interface SecretRefData {
-  provider: string;
   ref: string;
   version?: string;
   field?: string;
 }
 
 /**
- * Secret reference marker in plan JSON.
+ * Secret reference marker in monitor JSON.
  */
 export interface SecretRef {
   $secret: SecretRefData;
@@ -60,17 +59,12 @@ export interface SecretProvider {
  * Error thrown when secret resolution fails.
  */
 export class SecretResolutionError extends Error {
-  public readonly provider: string;
   public readonly ref: string;
   public readonly cause?: Error;
 
-  constructor(
-    message: string,
-    details: { provider: string; ref: string; cause?: unknown },
-  ) {
+  constructor(message: string, details: { ref: string; cause?: unknown }) {
     super(message);
     this.name = "SecretResolutionError";
-    this.provider = details.provider;
     this.ref = details.ref;
     if (details.cause instanceof Error) {
       this.cause = details.cause;
@@ -96,10 +90,7 @@ export function isSecretRef(value: unknown): value is SecretRef {
   }
 
   const secretData = obj.$secret as Record<string, unknown>;
-  return (
-    typeof secretData.provider === "string" &&
-    typeof secretData.ref === "string"
-  );
+  return typeof secretData.ref === "string";
 }
 
 /**

package/src/{test-plan-types.ts → test-monitor-types.ts}

@@ -40,7 +40,7 @@ export interface Frequency {
   unit: "minute" | "hour" | "day";
 }
 
-export interface TestPlan {
+export interface TestMonitor {
   name: string;
   endpoint_host: string;
   frequency?: Frequency;

package/src/types.ts

@@ -57,12 +57,12 @@ export interface RunStatusUpdate {
  */
 export interface StatusCallbacks {
   /**
-   * Called when plan execution starts (after secret resolution, before graph execution).
+   * Called when monitor execution starts (after secret resolution, before graph execution).
    */
   onStart?: () => Promise<void>;
 
   /**
-   * Called when plan execution completes (success or failure).
+   * Called when monitor execution completes (success or failure).
    */
   onComplete?: (update: RunStatusUpdate) => Promise<void>;
 }