npm - @idevconn/create-icore - Versions diffs - 0.5.0 → 0.5.1 - Mend

@idevconn/create-icore 0.5.0 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/templates/apps/microservices/payment/src/main.ts CHANGED Viewed

@@ -1,28 +1,11 @@
 import { Logger } from '@nestjs/common';
 import { NestFactory } from '@nestjs/core';
 import { MicroserviceOptions } from '@nestjs/microservices';
-import { buildTransportMS } from '@icore/shared';
+import { bootstrapMicroservice, buildTransportMS } from '@icore/shared';
 import { AppModule } from './app/app.module';
-async function bootstrap() {
-  const app = await NestFactory.createMicroservice<MicroserviceOptions>(
-    AppModule,
-    buildTransportMS('PAYMENT'),
-  );
-  await app.listen();
-}
-bootstrap()
-  .then(() => {
-    const logger = new Logger('Payment-Bootstrap');
-    logger.log(
-      `Payment MS Bootstrap completed: transport=${process.env.PAYMENT_TRANSPORT ?? 'tcp'} host=${process.env.PAYMENT_HOST ?? '127.0.0.1'} port=${process.env.PAYMENT_PORT ?? '4003'}`,
-    );
-  })
-  .catch((err) => {
-    new Logger('Payment-Bootstrap').error(
-      'Payment MS bootstrap failed',
-      err instanceof Error ? err.stack : err,
-    );
-    process.exit(1);
-  });
+void bootstrapMicroservice(
+  'PAYMENT',
+  () => NestFactory.createMicroservice<MicroserviceOptions>(AppModule, buildTransportMS('PAYMENT')),
+  new Logger('Payment-Bootstrap'),
+);

package/templates/apps/microservices/upload/package.json CHANGED Viewed

@@ -3,12 +3,12 @@
   "version": "0.0.1",
   "private": true,
   "dependencies": {
+    "@icore/firebase-admin": "*",
     "@icore/shared": "*",
     "@icore/storage-cloudinary": "*",
     "@icore/storage-firebase": "*",
     "@icore/storage-supabase": "*",
     "cloudinary": "^2.0.0",
-    "firebase-admin": "^13.0.0",
     "@nestjs/common": "^11.1.24",
     "@nestjs/config": "^4.0.4",
     "@nestjs/core": "^11.1.24",

package/templates/apps/microservices/upload/src/app/app.module.ts CHANGED Viewed

@@ -1,27 +1,21 @@
 import { join } from 'node:path';
-import { Module } from '@nestjs/common';
+import { Module, Logger } from '@nestjs/common';
 import { ConfigModule, ConfigService } from '@nestjs/config';
 import { createClient } from '@supabase/supabase-js';
-import * as admin from 'firebase-admin';
 import { v2 as cloudinary } from 'cloudinary';
 import { SupabaseStorageStrategy } from '@icore/storage-supabase';
 import { FirebaseStorageStrategy } from '@icore/storage-firebase';
 import { CloudinaryStorageStrategy, type CloudinaryApiLike } from '@icore/storage-cloudinary';
+import { getFirebaseAdmin, FIREBASE_ADMIN_REQUIRED_ENV } from '@icore/firebase-admin';
 import { FakeStorageStrategy, missingEnv, formatEnvBanner } from '@icore/shared';
 import type { StorageStrategy } from '@icore/shared';
-import { Logger } from '@nestjs/common';
 import { StorageController } from './storage.controller';
 const ENV_PATH = 'apps/microservices/upload/.env';
 const REQUIRED_ENV: Record<string, string[]> = {
   supabase: ['SUPABASE_URL', 'SUPABASE_SERVICE_ROLE_KEY', 'SUPABASE_STORAGE_BUCKET'],
-  firebase: [
-    'FIREBASE_STORAGE_BUCKET',
-    'FB_ADMIN_PROJECT_ID',
-    'FB_ADMIN_CLIENT_EMAIL',
-    'FB_ADMIN_PRIVATE_KEY',
-  ],
+  firebase: [...FIREBASE_ADMIN_REQUIRED_ENV, 'FIREBASE_STORAGE_BUCKET'],
   cloudinary: ['CLOUDINARY_CLOUD_NAME', 'CLOUDINARY_API_KEY', 'CLOUDINARY_API_SECRET'],
 };
@@ -29,19 +23,23 @@ function requireEnv(cfg: ConfigService, key: string): string {
   return cfg.getOrThrow<string>(key);
 }
+function makeSupabaseStorage(cfg: ConfigService): StorageStrategy {
+  const client = createClient(
+    requireEnv(cfg, 'SUPABASE_URL'),
+    requireEnv(cfg, 'SUPABASE_SERVICE_ROLE_KEY'),
+    { auth: { autoRefreshToken: false, persistSession: false } },
+  );
+  return new SupabaseStorageStrategy({
+    client,
+    bucket: requireEnv(cfg, 'SUPABASE_STORAGE_BUCKET'),
+  });
+}
 function makeFirebaseStorage(cfg: ConfigService): StorageStrategy {
   const bucketName = requireEnv(cfg, 'FIREBASE_STORAGE_BUCKET');
-  if (admin.apps.length === 0) {
-    admin.initializeApp({
-      credential: admin.credential.cert({
-        projectId: requireEnv(cfg, 'FB_ADMIN_PROJECT_ID'),
-        clientEmail: requireEnv(cfg, 'FB_ADMIN_CLIENT_EMAIL'),
-        privateKey: requireEnv(cfg, 'FB_ADMIN_PRIVATE_KEY').replace(/\\n/g, '\n'),
-      }),
-    });
-  }
+  const app = getFirebaseAdmin(cfg);
   return new FirebaseStorageStrategy({
-    bucket: admin
+    bucket: app
       .storage()
       .bucket(bucketName) as unknown as import('@icore/storage-firebase').FirebaseStorageBucketLike,
   });
@@ -129,17 +127,7 @@ function makeCloudinaryStorage(cfg: ConfigService): StorageStrategy {
         if (!keys || missing.length > 0) return fallback();
         try {
-          if (provider === 'supabase') {
-            const client = createClient(
-              requireEnv(cfg, 'SUPABASE_URL'),
-              requireEnv(cfg, 'SUPABASE_SERVICE_ROLE_KEY'),
-              { auth: { autoRefreshToken: false, persistSession: false } },
-            );
-            return new SupabaseStorageStrategy({
-              client,
-              bucket: requireEnv(cfg, 'SUPABASE_STORAGE_BUCKET'),
-            });
-          }
+          if (provider === 'supabase') return makeSupabaseStorage(cfg);
           if (provider === 'firebase') return makeFirebaseStorage(cfg);
           return makeCloudinaryStorage(cfg);
         } catch (err) {

package/templates/apps/microservices/upload/src/main.ts CHANGED Viewed

@@ -1,28 +1,11 @@
 import { Logger } from '@nestjs/common';
 import { NestFactory } from '@nestjs/core';
 import { MicroserviceOptions } from '@nestjs/microservices';
-import { buildTransportMS } from '@icore/shared';
+import { bootstrapMicroservice, buildTransportMS } from '@icore/shared';
 import { AppModule } from './app/app.module';
-async function bootstrap() {
-  const app = await NestFactory.createMicroservice<MicroserviceOptions>(
-    AppModule,
-    buildTransportMS('UPLOAD'),
-  );
-  await app.listen();
-}
-bootstrap()
-  .then(() => {
-    const logger = new Logger('Upload-Bootstrap');
-    logger.log(
-      `Upload MS Bootstrap completed: transport=${process.env.UPLOAD_TRANSPORT ?? 'tcp'} host=${process.env.UPLOAD_HOST ?? '127.0.0.1'} port=${process.env.UPLOAD_PORT ?? '4002'}`,
-    );
-  })
-  .catch((err) => {
-    new Logger('Upload-Bootstrap').error(
-      'Upload MS bootstrap failed',
-      err instanceof Error ? err.stack : err,
-    );
-    process.exit(1);
-  });
+void bootstrapMicroservice(
+  'UPLOAD',
+  () => NestFactory.createMicroservice<MicroserviceOptions>(AppModule, buildTransportMS('UPLOAD')),
+  new Logger('Upload-Bootstrap'),
+);

package/templates/libs/firebase-admin/README.md ADDED Viewed

@@ -0,0 +1,11 @@
+# firebase-admin
+This library was generated with [Nx](https://nx.dev).
+## Building
+Run `nx build firebase-admin` to build the library.
+## Running unit tests
+Run `nx test firebase-admin` to execute the unit tests via [Vitest](https://vitest.dev/).

package/templates/libs/firebase-admin/eslint.config.mjs ADDED Viewed

@@ -0,0 +1,24 @@
+import baseConfig from '../../eslint.config.mjs';
+export default [
+  ...baseConfig,
+  {
+    files: ['**/*.json'],
+    rules: {
+      '@nx/dependency-checks': [
+        'error',
+        {
+          ignoredFiles: [
+            '{projectRoot}/eslint.config.{js,cjs,mjs,ts,cts,mts}',
+            '{projectRoot}/vitest.config.{js,ts,mjs,mts}',
+            '{projectRoot}/src/**/*.{spec,test}.{js,ts,jsx,tsx}',
+            '{projectRoot}/src/**/__tests__/**/*.{js,ts,jsx,tsx}',
+          ],
+        },
+      ],
+    },
+    languageOptions: {
+      parser: await import('jsonc-eslint-parser'),
+    },
+  },
+];

package/templates/libs/firebase-admin/package.json ADDED Viewed

@@ -0,0 +1,12 @@
+{
+  "name": "@icore/firebase-admin",
+  "version": "0.0.1",
+  "private": true,
+  "type": "commonjs",
+  "main": "./src/index.js",
+  "types": "./src/index.d.ts",
+  "dependencies": {
+    "firebase-admin": "^13.10.0",
+    "tslib": "^2.3.0"
+  }
+}

package/templates/libs/firebase-admin/project.json ADDED Viewed

@@ -0,0 +1,19 @@
+{
+  "name": "firebase-admin",
+  "$schema": "../../node_modules/nx/schemas/project-schema.json",
+  "sourceRoot": "libs/firebase-admin/src",
+  "projectType": "library",
+  "tags": [],
+  "targets": {
+    "build": {
+      "executor": "@nx/js:tsc",
+      "outputs": ["{options.outputPath}"],
+      "options": {
+        "outputPath": "dist/libs/firebase-admin",
+        "main": "libs/firebase-admin/src/index.ts",
+        "tsConfig": "libs/firebase-admin/tsconfig.lib.json",
+        "assets": ["libs/firebase-admin/*.md"]
+      }
+    }
+  }
+}

package/templates/libs/firebase-admin/src/index.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from './lib/firebase-admin';

package/templates/libs/firebase-admin/src/lib/__tests__/firebase-admin.unit.test.ts ADDED Viewed

@@ -0,0 +1,105 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+const { apps, cert, initializeApp, app } = vi.hoisted(() => {
+  const apps: unknown[] = [];
+  return {
+    apps,
+    cert: vi.fn((sa: unknown) => ({ __cert: sa })),
+    initializeApp: vi.fn((opts: unknown) => {
+      const created = { __app: opts };
+      apps.push(created);
+      return created;
+    }),
+    app: vi.fn(() => apps[0]),
+  };
+});
+vi.mock('firebase-admin', () => ({
+  get apps() {
+    return apps;
+  },
+  app,
+  initializeApp,
+  credential: { cert },
+}));
+import { FIREBASE_ADMIN_REQUIRED_ENV, getFirebaseAdmin } from '../firebase-admin';
+type Cfg = {
+  getOrThrow: (k: string) => string;
+  get: (k: string) => string | undefined;
+};
+function makeCfg(extra: Record<string, string> = {}): Cfg {
+  const env: Record<string, string> = {
+    FB_ADMIN_TYPE: 'service_account',
+    FB_ADMIN_PROJECT_ID: 'proj',
+    FB_ADMIN_PRIVATE_KEY_ID: 'kid',
+    FB_ADMIN_PRIVATE_KEY: '-----BEGIN-----\\nABC\\n-----END-----',
+    FB_ADMIN_CLIENT_EMAIL: 'svc@proj.iam.gserviceaccount.com',
+    FB_ADMIN_CLIENT_ID: 'cid',
+    FB_ADMIN_AUTH_URI: 'https://accounts.google.com/o/oauth2/auth',
+    FB_ADMIN_TOKEN_URI: 'https://oauth2.googleapis.com/token',
+    FB_ADMIN_AUTH_PROVIDER_X509_CERT_URL: 'https://www.googleapis.com/oauth2/v1/certs',
+    FB_ADMIN_CLIENT_X509_CERT_URL: 'https://www.googleapis.com/robot/v1/metadata/x509/svc',
+    FB_ADMIN_UNIVERSE_DOMAIN: 'googleapis.com',
+    ...extra,
+  };
+  return {
+    getOrThrow: (k) => {
+      if (!(k in env)) throw new Error(`missing ${k}`);
+      return env[k];
+    },
+    get: (k) => env[k],
+  };
+}
+describe('getFirebaseAdmin', () => {
+  beforeEach(() => {
+    apps.length = 0;
+    cert.mockClear();
+    initializeApp.mockClear();
+    app.mockClear();
+  });
+  afterEach(() => vi.restoreAllMocks());
+  it('requires the full Firebase service-account env contract (all 11 keys)', () => {
+    expect([...FIREBASE_ADMIN_REQUIRED_ENV]).toEqual([
+      'FB_ADMIN_TYPE',
+      'FB_ADMIN_PROJECT_ID',
+      'FB_ADMIN_PRIVATE_KEY_ID',
+      'FB_ADMIN_PRIVATE_KEY',
+      'FB_ADMIN_CLIENT_EMAIL',
+      'FB_ADMIN_CLIENT_ID',
+      'FB_ADMIN_AUTH_URI',
+      'FB_ADMIN_TOKEN_URI',
+      'FB_ADMIN_AUTH_PROVIDER_X509_CERT_URL',
+      'FB_ADMIN_CLIENT_X509_CERT_URL',
+      'FB_ADMIN_UNIVERSE_DOMAIN',
+    ]);
+  });
+  it('passes the complete service account to cert() with escaped newlines fixed', () => {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    getFirebaseAdmin(makeCfg() as any);
+    expect(initializeApp).toHaveBeenCalledTimes(1);
+    const sa = cert.mock.calls[0][0] as Record<string, string>;
+    expect(sa['project_id']).toBe('proj');
+    expect(sa['client_email']).toBe('svc@proj.iam.gserviceaccount.com');
+    expect(sa['private_key_id']).toBe('kid');
+    expect(sa['universe_domain']).toBe('googleapis.com');
+    // \n escapes in the env value are turned into real newlines
+    expect(sa['private_key']).toContain('\n');
+    expect(sa['private_key']).not.toContain('\\n');
+  });
+  it('initializes the default app only once (guards on admin.apps)', () => {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const cfg = makeCfg() as any;
+    getFirebaseAdmin(cfg);
+    getFirebaseAdmin(cfg);
+    expect(initializeApp).toHaveBeenCalledTimes(1);
+    expect(app).toHaveBeenCalledTimes(1); // second call returns the existing app
+  });
+});

package/templates/libs/firebase-admin/src/lib/firebase-admin.ts ADDED Viewed

@@ -0,0 +1,70 @@
+import * as admin from 'firebase-admin';
+/**
+ * Minimal structural view of NestJS's `ConfigService` — just the two readers
+ * this helper needs. Declaring it structurally keeps the lib free of a
+ * `@nestjs/config` dependency while still accepting a real `ConfigService` at
+ * every call site.
+ */
+export interface FirebaseConfigReader {
+  getOrThrow<T = string>(key: string): T;
+  get<T = string>(key: string): T | undefined;
+}
+/**
+ * The full Firebase service-account env contract.
+ *
+ * These are exactly the keys Firebase emits in the service-account JSON you
+ * download from Project Settings → Service accounts. Every microservice that
+ * talks to Firebase (auth, storage, Firestore) requires all of them, so each
+ * MS spreads this into its own REQUIRED_ENV map — keeping the contract in one
+ * place instead of three drifting copies.
+ */
+export const FIREBASE_ADMIN_REQUIRED_ENV = [
+  'FB_ADMIN_TYPE',
+  'FB_ADMIN_PROJECT_ID',
+  'FB_ADMIN_PRIVATE_KEY_ID',
+  'FB_ADMIN_PRIVATE_KEY',
+  'FB_ADMIN_CLIENT_EMAIL',
+  'FB_ADMIN_CLIENT_ID',
+  'FB_ADMIN_AUTH_URI',
+  'FB_ADMIN_TOKEN_URI',
+  'FB_ADMIN_AUTH_PROVIDER_X509_CERT_URL',
+  'FB_ADMIN_CLIENT_X509_CERT_URL',
+  'FB_ADMIN_UNIVERSE_DOMAIN',
+] as const;
+/**
+ * Initialises the default Firebase Admin app exactly once and returns it.
+ *
+ * The Admin SDK throws "default app already exists" if `initializeApp` runs
+ * twice in a process, so this guards on `admin.apps.length` and is safe to call
+ * from every Firebase consumer (auth / storage / notes). Callers then use the
+ * returned app: `getFirebaseAdmin(cfg).auth()`, `.firestore()`, `.storage()`.
+ *
+ * The full service-account object is passed to `cert()` — Firebase only mints
+ * tokens from project_id/client_email/private_key, but feeding the complete
+ * downloaded JSON keeps the code aligned with the documented FB_ADMIN_* env.
+ */
+export function getFirebaseAdmin(cfg: FirebaseConfigReader): admin.app.App {
+  if (admin.apps.length > 0) return admin.app();
+  return admin.initializeApp({
+    credential: admin.credential.cert({
+      type: cfg.getOrThrow<string>('FB_ADMIN_TYPE'),
+      project_id: cfg.getOrThrow<string>('FB_ADMIN_PROJECT_ID'),
+      private_key_id: cfg.getOrThrow<string>('FB_ADMIN_PRIVATE_KEY_ID'),
+      private_key: cfg.getOrThrow<string>('FB_ADMIN_PRIVATE_KEY').replace(/\\n/g, '\n'),
+      client_email: cfg.getOrThrow<string>('FB_ADMIN_CLIENT_EMAIL'),
+      client_id: cfg.getOrThrow<string>('FB_ADMIN_CLIENT_ID'),
+      auth_uri: cfg.getOrThrow<string>('FB_ADMIN_AUTH_URI'),
+      token_uri: cfg.getOrThrow<string>('FB_ADMIN_TOKEN_URI'),
+      auth_provider_x509_cert_url: cfg.getOrThrow<string>('FB_ADMIN_AUTH_PROVIDER_X509_CERT_URL'),
+      client_x509_cert_url: cfg.getOrThrow<string>('FB_ADMIN_CLIENT_X509_CERT_URL'),
+      universe_domain: cfg.getOrThrow<string>('FB_ADMIN_UNIVERSE_DOMAIN'),
+    } as unknown as admin.ServiceAccount),
+    // Optional: the storage MS also passes the bucket name explicitly to
+    // .bucket(); set here too so admin.storage().bucket() (no arg) works.
+    storageBucket: cfg.get<string>('FIREBASE_STORAGE_BUCKET'),
+  });
+}

package/templates/libs/firebase-admin/tsconfig.json ADDED Viewed

@@ -0,0 +1,23 @@
+{
+  "extends": "../../tsconfig.base.json",
+  "compilerOptions": {
+    "module": "commonjs",
+    "forceConsistentCasingInFileNames": true,
+    "strict": true,
+    "importHelpers": true,
+    "noImplicitOverride": true,
+    "noImplicitReturns": true,
+    "noFallthroughCasesInSwitch": true,
+    "noPropertyAccessFromIndexSignature": true
+  },
+  "files": [],
+  "include": [],
+  "references": [
+    {
+      "path": "./tsconfig.lib.json"
+    },
+    {
+      "path": "./tsconfig.spec.json"
+    }
+  ]
+}

package/templates/libs/firebase-admin/tsconfig.lib.json ADDED Viewed

@@ -0,0 +1,23 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "outDir": "../../dist/out-tsc",
+    "declaration": true,
+    "types": ["node"]
+  },
+  "include": ["src/**/*.ts"],
+  "exclude": [
+    "vite.config.ts",
+    "vite.config.mts",
+    "vitest.config.ts",
+    "vitest.config.mts",
+    "src/**/*.test.ts",
+    "src/**/*.spec.ts",
+    "src/**/*.test.tsx",
+    "src/**/*.spec.tsx",
+    "src/**/*.test.js",
+    "src/**/*.spec.js",
+    "src/**/*.test.jsx",
+    "src/**/*.spec.jsx"
+  ]
+}

package/templates/libs/firebase-admin/tsconfig.spec.json ADDED Viewed

@@ -0,0 +1,22 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "outDir": "../../dist/out-tsc",
+    "types": ["vitest/globals", "vitest/importMeta", "vite/client", "node", "vitest"]
+  },
+  "include": [
+    "vite.config.ts",
+    "vite.config.mts",
+    "vitest.config.ts",
+    "vitest.config.mts",
+    "src/**/*.test.ts",
+    "src/**/*.spec.ts",
+    "src/**/*.test.tsx",
+    "src/**/*.spec.tsx",
+    "src/**/*.test.js",
+    "src/**/*.spec.js",
+    "src/**/*.test.jsx",
+    "src/**/*.spec.jsx",
+    "src/**/*.d.ts"
+  ]
+}

package/templates/libs/firebase-admin/vitest.config.mts ADDED Viewed

@@ -0,0 +1,21 @@
+import { defineConfig } from 'vitest/config';
+import { nxViteTsPaths } from '@nx/vite/plugins/nx-tsconfig-paths.plugin';
+import { nxCopyAssetsPlugin } from '@nx/vite/plugins/nx-copy-assets.plugin';
+export default defineConfig(() => ({
+  root: __dirname,
+  cacheDir: '../../node_modules/.vite/libs/firebase-admin',
+  plugins: [nxViteTsPaths(), nxCopyAssetsPlugin(['*.md'])],
+  test: {
+    name: 'firebase-admin',
+    watch: false,
+    globals: true,
+    environment: 'node',
+    include: ['{src,tests}/**/*.{test,spec}.{js,mjs,cjs,ts,mts,cts,jsx,tsx}'],
+    reporters: ['default'],
+    coverage: {
+      reportsDirectory: '../../coverage/libs/firebase-admin',
+      provider: 'v8' as const,
+    },
+  },
+}));

package/templates/libs/jobs-client/src/lib/jobs-client.service.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Inject, Injectable, OnModuleDestroy } from '@nestjs/common';
+import { Inject, Injectable, Logger, OnModuleDestroy } from '@nestjs/common';
 import { Queue, type JobsOptions } from 'bullmq';
 import IORedis from 'ioredis';
 import { ICORE_QUEUES, type JobsMap } from '@icore/shared';
@@ -6,11 +6,23 @@ import { JOBS_REDIS_URL } from './jobs-client.tokens';
 @Injectable()
 export class JobsClientService implements OnModuleDestroy {
+  private readonly logger = new Logger(JobsClientService.name);
   private readonly connection: IORedis;
   private readonly queues = new Map<string, Queue>();
   constructor(@Inject(JOBS_REDIS_URL) redisUrl: string) {
-    this.connection = new IORedis(redisUrl, { maxRetriesPerRequest: null });
+    this.connection = new IORedis(redisUrl, {
+      maxRetriesPerRequest: null,
+      retryStrategy: (times) => Math.min(times * 200, 5000),
+    });
+    // Without an 'error' handler ioredis throws an unhandled 'error' event and
+    // crashes the host process when Redis is down. Log once, keep retrying.
+    let warned = false;
+    this.connection.on('error', (err: Error) => {
+      if (warned) return;
+      warned = true;
+      this.logger.warn(`Redis unreachable at ${redisUrl}: ${err.message}. enqueue() will retry.`);
+    });
   }
   async enqueue<K extends keyof JobsMap>(

package/templates/libs/shared/src/__tests__/bootstrap.unit.test.ts ADDED Viewed

@@ -0,0 +1,92 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+import { bootstrapMicroservice } from '../bootstrap';
+interface FakeApp {
+  listen: () => Promise<void>;
+  close: () => Promise<void>;
+}
+function makeLogger() {
+  return { log: vi.fn(), warn: vi.fn(), error: vi.fn() };
+}
+const ORIG = { ...process.env };
+describe('bootstrapMicroservice', () => {
+  beforeEach(() => {
+    vi.useFakeTimers();
+    delete process.env['AUTH_TRANSPORT'];
+    delete process.env['NODE_ENV'];
+  });
+  afterEach(() => {
+    vi.useRealTimers();
+    vi.restoreAllMocks();
+    Object.assign(process.env, ORIG);
+  });
+  it('redis in dev: retries with a banner instead of exiting, then binds when the broker appears', async () => {
+    process.env['AUTH_TRANSPORT'] = 'redis';
+    const logger = makeLogger();
+    const close = vi.fn().mockResolvedValue(undefined);
+    let attempts = 0;
+    const createApp = vi.fn(async (): Promise<FakeApp> => {
+      attempts += 1;
+      return {
+        // first attempt fails (broker down), second succeeds
+        listen:
+          attempts < 2 ? () => Promise.reject(new Error('ECONNREFUSED')) : () => Promise.resolve(),
+        close,
+      };
+    });
+    const done = bootstrapMicroservice('AUTH', createApp, logger);
+    // let the first attempt fail + the retry delay elapse
+    await vi.advanceTimersByTimeAsync(3000);
+    await done;
+    expect(createApp).toHaveBeenCalledTimes(2);
+    expect(close).toHaveBeenCalledTimes(1); // failed app cleaned up before retry
+    expect(logger.warn).toHaveBeenCalledTimes(1);
+    expect(logger.warn.mock.calls[0][0]).toContain('broker unreachable');
+    expect(logger.log).toHaveBeenCalledTimes(1); // "listening" on success
+  });
+  it('tcp: fails fast (process.exit) rather than retrying', async () => {
+    process.env['AUTH_TRANSPORT'] = 'tcp';
+    const logger = makeLogger();
+    const exit = vi.spyOn(process, 'exit').mockImplementation(((): never => {
+      throw new Error('__exit__');
+    }) as never);
+    const createApp = vi.fn(
+      async (): Promise<FakeApp> => ({
+        listen: () => Promise.reject(new Error('EADDRINUSE')),
+        close: () => Promise.resolve(),
+      }),
+    );
+    await expect(bootstrapMicroservice('AUTH', createApp, logger)).rejects.toThrow('__exit__');
+    expect(exit).toHaveBeenCalledWith(1);
+    expect(logger.error).toHaveBeenCalledTimes(1);
+    expect(logger.warn).not.toHaveBeenCalled();
+  });
+  it('production: fails fast even on a broker transport', async () => {
+    process.env['AUTH_TRANSPORT'] = 'redis';
+    process.env['NODE_ENV'] = 'production';
+    const logger = makeLogger();
+    const exit = vi.spyOn(process, 'exit').mockImplementation(((): never => {
+      throw new Error('__exit__');
+    }) as never);
+    const createApp = vi.fn(
+      async (): Promise<FakeApp> => ({
+        listen: () => Promise.reject(new Error('ECONNREFUSED')),
+        close: () => Promise.resolve(),
+      }),
+    );
+    await expect(bootstrapMicroservice('AUTH', createApp, logger)).rejects.toThrow('__exit__');
+    expect(exit).toHaveBeenCalledWith(1);
+    expect(logger.warn).not.toHaveBeenCalled();
+  });
+});

package/templates/libs/shared/src/__tests__/transport.unit.test.ts CHANGED Viewed

@@ -33,8 +33,12 @@ describe('buildTransport', () => {
     process.env.AUTH_REDIS_URL = 'redis://localhost:6379';
     const opts = buildTransport('AUTH');
     expect(opts.transport).toBe(Transport.REDIS);
-    const redis = opts.options as { url: string };
+    const redis = opts.options as { url: string; retryAttempts: number; retryDelay: number };
     expect(redis.url).toBe('redis://localhost:6379');
+    // Resilience: NestJS gives up (and app.listen() rejects) when retryAttempts
+    // is unset — an effectively-infinite retry keeps reconnecting instead.
+    expect(redis.retryAttempts).toBe(Number.POSITIVE_INFINITY);
+    expect(redis.retryDelay).toBeGreaterThan(0);
   });
   it('selects NATS when ${PREFIX}_TRANSPORT=nats', () => {
@@ -42,8 +46,16 @@ describe('buildTransport', () => {
     process.env.AUTH_NATS_URL = 'nats://localhost:4222,nats://localhost:4223';
     const opts = buildTransport('AUTH');
     expect(opts.transport).toBe(Transport.NATS);
-    const nats = opts.options as { servers: string[] };
+    const nats = opts.options as {
+      servers: string[];
+      reconnect: boolean;
+      maxReconnectAttempts: number;
+    };
     expect(nats.servers).toEqual(['nats://localhost:4222', 'nats://localhost:4223']);
+    // Resilience: reconnect forever once connected (the initial connect is left
+    // to reject so bootstrapMicroservice() can banner + retry).
+    expect(nats.reconnect).toBe(true);
+    expect(nats.maxReconnectAttempts).toBe(-1);
   });
   it('throws on unknown transport', () => {