@odvi/create-dtt-framework 0.1.5 → 0.1.7

package/template/docs/framework/snowflake-integration.md

@@ -36,24 +36,27 @@ Add the following to your [`.env`](./environment-variables.md) file:
 
 ```bash
 # Snowflake
-SNOWFLAKE_ACCOUNT=xxx.us-east-1
-SNOWFLAKE_USERNAME=xxx
-SNOWFLAKE_PASSWORD=xxx
+SNOWFLAKE_ACCOUNT=ef19411.ap-southeast-1
+SNOWFLAKE_AUTHENTICATOR=SNOWFLAKE_JWT
+SNOWFLAKE_USERNAME=APP_USER_WITH_KEY_AUTH
+SNOWFLAKE_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----
+        -----END PRIVATE KEY-----"
+SNOWFLAKE_PRIVATE_KEY_PASSPHRASE="<password>"
 SNOWFLAKE_WAREHOUSE=COMPUTE_WH
-SNOWFLAKE_DATABASE=ANALYTICS
-SNOWFLAKE_SCHEMA=PUBLIC
-SNOWFLAKE_ROLE=ANALYST
+SNOWFLAKE_ROLE=ACCOUNTADMIN
+SNOWFLAKE_LOGGING=true
 ```
 
 **Where to find these values:**
 
-- **Account**: Snowflake URL (e.g., `xy12345.us-east-1` from `https://xy12345.us-east-1.snowflakecomputing.com`)
-- **Username**: Your Snowflake username
-- **Password**: Your Snowflake password
-- **Warehouse**: Compute warehouse name (create one if needed)
-- **Database**: Database name (create one if needed)
-- **Schema**: Schema name (usually `PUBLIC`)
-- **Role**: Role with appropriate permissions
+- **Account**: Snowflake URL (e.g., `ef19411.ap-southeast-1` from `https://ef19411.ap-southeast-1.snowflakecomputing.com`)
+- **Authenticator**: `SNOWFLAKE_JWT` for Key Pair Authentication
+- **Username**: Your Snowflake username (must be configured with public key)
+- **Private Key**: Your private key in PEM format
+- **Passphrase**: Password for your private key (if encrypted)
+- **Warehouse**: Compute warehouse name
+- **Role**: Role with appropriate permissions (e.g., `ACCOUNTADMIN` or custom role)
+- **Logging**: Enable verbose logging (optional)
 
 ### 4. Create Snowflake Client
 
@@ -67,10 +70,10 @@ import { env } from '@/config/env'
 const config = {
   account: env.SNOWFLAKE_ACCOUNT,
   username: env.SNOWFLAKE_USERNAME,
-  password: env.SNOWFLAKE_PASSWORD,
+  authenticator: env.SNOWFLAKE_AUTHENTICATOR,
+  privateKey: env.SNOWFLAKE_PRIVATE_KEY,
+  privateKeyPass: env.SNOWFLAKE_PRIVATE_KEY_PASSPHRASE,
   warehouse: env.SNOWFLAKE_WAREHOUSE,
-  database: env.SNOWFLAKE_DATABASE,
-  schema: env.SNOWFLAKE_SCHEMA,
   role: env.SNOWFLAKE_ROLE,
 }
 

package/template/docs/framework/supabase-integration.md

@@ -146,6 +146,7 @@ export * from './health-checks'
 pnpm db:generate
 
 # Push schema to database (development)
+# This is required for health checks to pass (creates health_check_tests table)
 pnpm db:push
 
 # Or run migrations (production)

package/template/drizzle.config.ts

@@ -8,5 +8,4 @@ export default {
   dbCredentials: {
     url: env.DATABASE_URL,
   },
-  tablesFilter: ["dtt-framework_*"],
 } satisfies Config;

package/template/src/config/__tests__/env.test.ts

@@ -33,10 +33,9 @@ describe('env configuration', () => {
       SNOWFLAKE_DATABASE: z.string().default('ANALYTICS'),
       SNOWFLAKE_SCHEMA: z.string().default('PUBLIC'),
       SNOWFLAKE_ROLE: z.string().default('ANALYST'),
-      NEXTBANK_API_URL: z.string().url().optional(),
-      NEXTBANK_API_KEY: z.string().optional(),
-      NEXTBANK_CLIENT_ID: z.string().optional(),
-      NEXTBANK_CLIENT_SECRET: z.string().optional(),
+      NEXTBANK_API: z.string().url().optional(),
+      NEXTBANK_API_USERNAME: z.string().optional(),
+      NEXTBANK_API_PASSWORD: z.string().optional(),
     });
 
     const result = envSchema.safeParse({});
@@ -104,10 +103,9 @@ describe('env configuration', () => {
 
   it('should allow optional NextBank fields', () => {
     const nextbankSchema = z.object({
-      NEXTBANK_API_URL: z.string().url().optional(),
-      NEXTBANK_API_KEY: z.string().optional(),
-      NEXTBANK_CLIENT_ID: z.string().optional(),
-      NEXTBANK_CLIENT_SECRET: z.string().optional(),
+      NEXTBANK_API: z.string().url().optional(),
+      NEXTBANK_API_USERNAME: z.string().optional(),
+      NEXTBANK_API_PASSWORD: z.string().optional(),
     });
 
     const result = nextbankSchema.safeParse({});

package/template/src/config/env.ts

@@ -19,17 +19,17 @@ const envSchema = z.object({
   // Snowflake
   SNOWFLAKE_ACCOUNT: z.string().default('placeholder'),
   SNOWFLAKE_USERNAME: z.string().default('placeholder'),
-  SNOWFLAKE_PASSWORD: z.string().default('placeholder'),
+  SNOWFLAKE_AUTHENTICATOR: z.literal('SNOWFLAKE_JWT').default('SNOWFLAKE_JWT'),
+  SNOWFLAKE_PRIVATE_KEY: z.string().default('placeholder'),
+  SNOWFLAKE_PRIVATE_KEY_PASSPHRASE: z.string().optional(),
   SNOWFLAKE_WAREHOUSE: z.string().default('COMPUTE_WH'),
-  SNOWFLAKE_DATABASE: z.string().default('ANALYTICS'),
-  SNOWFLAKE_SCHEMA: z.string().default('PUBLIC'),
-  SNOWFLAKE_ROLE: z.string().default('ANALYST'),
+  SNOWFLAKE_ROLE: z.string().default('ACCOUNTADMIN'),
+  SNOWFLAKE_LOGGING: z.string().transform((val) => val === 'true').optional(),
 
   // NextBank (optional)
-  NEXTBANK_API_URL: z.string().url().optional(),
-  NEXTBANK_API_KEY: z.string().optional(),
-  NEXTBANK_CLIENT_ID: z.string().optional(),
-  NEXTBANK_CLIENT_SECRET: z.string().optional(),
+  NEXTBANK_API: z.string().url().optional(),
+  NEXTBANK_API_USERNAME: z.string().optional(),
+  NEXTBANK_API_PASSWORD: z.string().optional(),
 })
 
 export const env = envSchema.parse(process.env)

package/template/src/features/health-check/components/health-dashboard.tsx

@@ -11,6 +11,7 @@ import { useState } from 'react'
 import type { HealthStatus } from '@/features/health-check/types'
 import { useHealthStore } from '../stores/health-store'
 import { useQueryClient } from '@tanstack/react-query'
+import { useAuth } from '@clerk/nextjs'
 
 const statusIcons: Record<HealthStatus, React.ReactNode> = {
   healthy: <CheckCircle className="h-5 w-5 text-green-500" />,
@@ -43,6 +44,7 @@ export function HealthDashboard() {
   const [loadingChecks, setLoadingChecks] = useState<Set<string>>(new Set())
   const healthStore = useHealthStore()
   const queryClient = useQueryClient()
+  const { getToken } = useAuth()
 
   const totalHealthChecks = SERVICES.reduce((total, service) => total + service.checks.length, 0)
 
@@ -85,8 +87,17 @@ export function HealthDashboard() {
           throw new Error(`Unknown client endpoint: ${endpoint}`)
         }
       } else {
+        // Get auth token if available
+        const token = await getToken()
+        
         // Handle server-side checks
-        const response = await fetch(`/api/health${endpoint}`)
+        const response = await fetch(`/api/health${endpoint}`, {
+          method: ['/database/write', '/database/delete', '/storage/upload', '/storage/delete'].includes(endpoint) ? 'POST' : 'GET',
+          headers: {
+            ...(token ? { Authorization: `Bearer ${token}` } : {}),
+          },
+          ...(endpoint === '/database/delete' || endpoint === '/storage/delete' ? { method: 'DELETE' } : {})
+        })
         // Check content type to ensure JSON
         const contentType = response.headers.get('content-type')
         if (!contentType || !contentType.includes('application/json')) {

package/template/src/features/health-check/config.ts

@@ -50,7 +50,6 @@ export const SERVICES = [
     icon: 'building',
     checks: [
       { name: 'Ping API', endpoint: '/nextbank/ping' },
-      { name: 'Test Authentication', endpoint: '/nextbank/auth' },
     ],
   },
   {

package/template/src/lib/nextbank/client.ts

@@ -2,35 +2,65 @@ import { env } from '@/config/env'
 
 class NextBankClient {
   private apiUrl: string
-  private apiKey: string
-  private accessToken: string | null = null
+  private username: string
+  private password: string
 
   constructor() {
-    this.apiUrl = env.NEXTBANK_API_URL ?? ''
-    this.apiKey = env.NEXTBANK_API_KEY ?? ''
+    this.apiUrl = env.NEXTBANK_API ?? ''
+    this.username = env.NEXTBANK_API_USERNAME ?? ''
+    this.password = env.NEXTBANK_API_PASSWORD ?? ''
   }
 
-  async ping(): Promise<{ status: string; timestamp: string }> {
-    const response = await fetch(`${this.apiUrl}/health`, {
-      headers: { 'X-API-Key': this.apiKey },
-    })
-    if (!response.ok) throw new Error(`NextBank API error: ${response.status}`)
-    return response.json()
+  private getAuthHeader(): Record<string, string> {
+    if (!this.username || !this.password) return {}
+    const token = btoa(`${this.username}:${this.password}`)
+    return { Authorization: `Basic ${token}` }
   }
 
-  async authenticate(): Promise<{ success: boolean; expiresAt: string }> {
-    const response = await fetch(`${this.apiUrl}/auth/token`, {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({
-        clientId: env.NEXTBANK_CLIENT_ID,
-        clientSecret: env.NEXTBANK_CLIENT_SECRET,
-      }),
-    })
-    if (!response.ok) throw new Error(`NextBank auth error: ${response.status}`)
-    const data = await response.json()
-    this.accessToken = data.accessToken
-    return { success: true, expiresAt: data.expiresAt }
+  async ping(fingerprint: string): Promise<{ status: string; timestamp: string }> {
+    const url = `${this.apiUrl}/management/status`
+    console.log(`[NextBank] Pinging ${url}`)
+    
+    try {
+      const response = await fetch(url, {
+        method: 'POST',
+        headers: {
+          ...this.getAuthHeader(),
+          'Content-Type': 'application/json',
+          'Accept': 'application/json',
+          'User-Agent': 'dtt-framework-health-check',
+        },
+        body: JSON.stringify({
+          fingerprint: fingerprint,
+        }),
+      })
+
+      const contentType = response.headers.get('content-type')
+      
+      if (!response.ok) {
+        if (contentType && contentType.includes('text/html')) {
+           const text = await response.text()
+           console.error('[NextBank] Received HTML error response. Possible causes:')
+           console.error('1. NEXTBANK_API is pointing to the wrong server (e.g. Next.js app instead of NextBank API)')
+           console.error('2. The endpoint /management/status does not exist or does not support POST')
+           console.error(`[NextBank] Response preview: ${text.substring(0, 150)}...`)
+           throw new Error(`NextBank API error: ${response.status} (HTML response)`)
+        }
+        throw new Error(`NextBank API error: ${response.status} ${response.statusText}`)
+      }
+
+      if (contentType && contentType.includes('application/json')) {
+        return await response.json()
+      } else {
+        const text = await response.text()
+        console.error('[NextBank] Invalid response content type:', contentType)
+        console.error('[NextBank] Response preview:', text.substring(0, 200))
+        throw new Error(`Invalid response format. Expected JSON, got ${contentType}`)
+      }
+    } catch (error) {
+      console.error('[NextBank] Ping failed:', error)
+      throw error
+    }
   }
 }
 

package/template/src/lib/snowflake/client.ts

@@ -1,33 +1,82 @@
-import snowflake from 'snowflake-sdk'
-import type { Bind } from 'snowflake-sdk'
+import type { Connection, Bind } from 'snowflake-sdk'
 import { env } from '@/config/env'
 
+// Helper to format private key correctly
+function formatPrivateKey(key: string | undefined): string | undefined {
+  if (!key || key === 'placeholder') return undefined
+
+  let cleanKey = key
+
+  // 1. Remove surrounding quotes if they exist
+  if ((cleanKey.startsWith('"') && cleanKey.endsWith('"')) ||
+      (cleanKey.startsWith("'") && cleanKey.endsWith("'"))) {
+    cleanKey = cleanKey.slice(1, -1)
+  }
+
+  // 2. Handle literal escaped newlines (common in one-line env vars)
+  if (cleanKey.includes('\\n')) {
+    cleanKey = cleanKey.replace(/\\n/g, '\n')
+  }
+
+  // 3. Split by newline to handle potential indentation/whitespace issues
+  const lines = cleanKey.split('\n')
+    .map(line => line.trim()) // Remove indentation/whitespace from each line
+    .filter(line => line.length > 0) // Remove empty lines
+
+  // 4. Reconstruct the key
+  const formattedKey = lines.join('\n')
+
+  // Debug log (safe)
+  if (!formattedKey.includes('BEGIN PRIVATE KEY')) {
+    console.warn('Snowflake Private Key may be invalid or missing PKCS#8 header (expected "-----BEGIN PRIVATE KEY-----")')
+  }
+  
+  if (formattedKey.includes('BEGIN RSA PRIVATE KEY')) {
+    console.warn('Snowflake Private Key appears to be PKCS#1 (RSA). Snowflake requires PKCS#8. Use "openssl pkcs8 -topk8..." to convert.')
+  }
+
+  return formattedKey
+}
+
 const config = {
   account: env.SNOWFLAKE_ACCOUNT,
   username: env.SNOWFLAKE_USERNAME,
-  password: env.SNOWFLAKE_PASSWORD,
+  authenticator: env.SNOWFLAKE_AUTHENTICATOR,
+  privateKey: formatPrivateKey(env.SNOWFLAKE_PRIVATE_KEY),
+  privateKeyPass: env.SNOWFLAKE_PRIVATE_KEY_PASSPHRASE,
   warehouse: env.SNOWFLAKE_WAREHOUSE,
-  database: env.SNOWFLAKE_DATABASE,
-  schema: env.SNOWFLAKE_SCHEMA,
   role: env.SNOWFLAKE_ROLE,
 }
 
-export function createSnowflakeConnection() {
+async function getSnowflake() {
+  if (process.env.NEXT_RUNTIME === 'edge') {
+    throw new Error('Snowflake SDK is not supported in Edge Runtime')
+  }
+  // Dynamically import snowflake-sdk to avoid build errors in Edge Runtime
+  return (await import('snowflake-sdk')).default
+}
+
+export async function createSnowflakeConnection(): Promise<Connection> {
+  const snowflake = await getSnowflake()
   return snowflake.createConnection(config)
 }
 
-export async function connectSnowflake(): Promise<snowflake.Connection> {
-  return new Promise((resolve, reject) => {
-    const connection = createSnowflakeConnection()
-    connection.connect((err, conn) => {
-      if (err) reject(err)
-      else resolve(conn)
-    })
+export async function connectSnowflake(): Promise<Connection> {
+  return new Promise(async (resolve, reject) => {
+    try {
+      const connection = await createSnowflakeConnection()
+      connection.connect((err, conn) => {
+        if (err) reject(err)
+        else resolve(conn)
+      })
+    } catch (error) {
+      reject(error)
+    }
   })
 }
 
 export async function executeQuery<T = unknown>(
-  connection: snowflake.Connection,
+  connection: Connection,
   sqlText: string,
   binds?: Bind[]
 ): Promise<T[]> {
@@ -43,7 +92,7 @@ export async function executeQuery<T = unknown>(
   })
 }
 
-export async function destroyConnection(connection: snowflake.Connection): Promise<void> {
+export async function destroyConnection(connection: Connection): Promise<void> {
   return new Promise((resolve, reject) => {
     connection.destroy((err) => {
       if (err) reject(err)

package/template/src/server/api/routes/health/database.ts

@@ -1,7 +1,5 @@
 import { Hono } from 'hono'
-import { db } from '@/server/db'
-import { healthCheckTests } from '@/server/db/schema/health-checks'
-import { eq } from 'drizzle-orm'
+import { supabaseAdmin } from '@/lib/supabase/admin'
 
 export const databaseHealthRoutes = new Hono()
 
@@ -12,24 +10,26 @@ databaseHealthRoutes.post('/write', async (c) => {
 
   try {
     // Delete any existing test row first
-    await db.delete(healthCheckTests).where(eq(healthCheckTests.testKey, TEST_KEY))
+    await supabaseAdmin.from('health_check_tests').delete().eq('test_key', TEST_KEY)
 
     // Insert a new test row
-    const result = await db
-      .insert(healthCheckTests)
-      .values({
-        testKey: TEST_KEY,
-        testValue: `test-${Date.now()}`,
+    const { data: result, error } = await supabaseAdmin
+      .from('health_check_tests')
+      .insert({
+        test_key: TEST_KEY,
+        test_value: `test-${Date.now()}`,
       })
-      .returning()
+      .select()
+
+    if (error) throw error
 
     return c.json({
       status: 'healthy',
       responseTimeMs: Math.round(performance.now() - start),
       message: 'Successfully wrote test row to database',
       data: {
-        id: result[0]?.id,
-        testKey: result[0]?.testKey,
+        id: result?.[0]?.id,
+        testKey: result?.[0]?.test_key,
       },
     })
   } catch (error) {
@@ -48,13 +48,15 @@ databaseHealthRoutes.get('/read', async (c) => {
   const start = performance.now()
 
   try {
-    const result = await db
-      .select()
-      .from(healthCheckTests)
-      .where(eq(healthCheckTests.testKey, TEST_KEY))
+    const { data: result, error } = await supabaseAdmin
+      .from('health_check_tests')
+      .select('*')
+      .eq('test_key', TEST_KEY)
       .limit(1)
 
-    if (result.length === 0) {
+    if (error) throw error
+
+    if (!result || result.length === 0) {
       return c.json({
         status: 'healthy',
         responseTimeMs: Math.round(performance.now() - start),
@@ -70,8 +72,8 @@ databaseHealthRoutes.get('/read', async (c) => {
       data: {
         found: true,
         id: result[0]?.id,
-        testKey: result[0]?.testKey,
-        createdAt: result[0]?.createdAt,
+        testKey: result[0]?.test_key,
+        createdAt: result[0]?.created_at,
       },
     })
   } catch (error) {
@@ -90,18 +92,39 @@ databaseHealthRoutes.delete('/delete', async (c) => {
   const start = performance.now()
 
   try {
-    const result = await db
-      .delete(healthCheckTests)
-      .where(eq(healthCheckTests.testKey, TEST_KEY))
-      .returning()
+    // Check if row exists first
+    const { data: result, error: readError } = await supabaseAdmin
+      .from('health_check_tests')
+      .select('*')
+      .eq('test_key', TEST_KEY)
+      .limit(1)
+
+    if (readError) throw readError
+
+    if (!result || result.length === 0) {
+      return c.json({
+        status: 'healthy',
+        responseTimeMs: Math.round(performance.now() - start),
+        message: 'Database connection successful, but no test row to delete',
+        data: { deleted: false },
+      })
+    }
+
+    // Delete the row
+    const { error: deleteError } = await supabaseAdmin
+      .from('health_check_tests')
+      .delete()
+      .eq('test_key', TEST_KEY)
+
+    if (deleteError) throw deleteError
 
     return c.json({
       status: 'healthy',
       responseTimeMs: Math.round(performance.now() - start),
       message: 'Successfully deleted test row from database',
       data: {
-        deleted: result.length > 0,
-        count: result.length,
+        deleted: true,
+        id: result[0]?.id,
       },
     })
   } catch (error) {
@@ -115,3 +138,4 @@ databaseHealthRoutes.delete('/delete', async (c) => {
     )
   }
 })
+

package/template/src/server/api/routes/health/edge-functions.ts

@@ -8,27 +8,31 @@ edgeFunctionsHealthRoutes.get('/ping', async (c) => {
   const start = performance.now()
 
   try {
-    // Note: This is a placeholder implementation
-    // In a real setup, you would have an actual edge function deployed
-    // and would invoke it using Supabase's invoke function
-
-    // For now, we'll simulate a successful ping by checking the Supabase connection
-    const { data, error } = await supabaseAdmin
-      .from('_test_connection_')
-      .select('*')
-      .limit(1)
+    // Invoke the 'health-check' edge function
+    const { data, error } = await supabaseAdmin.functions.invoke('health-check', {
+      body: { message: 'ping' },
+    })
 
-    // Even if the table doesn't exist, if we get a connection error, we know Supabase is reachable
-    // If we get a different error, it means the connection worked
+    if (error) {
+      // Return detailed error information
+      const errorDetails = error as any
+      return c.json({
+        status: 'error',
+        responseTimeMs: Math.round(performance.now() - start),
+        message: 'Edge Function invocation failed',
+        data: {
+          error: error.message,
+          context: errorDetails.context || 'No context available',
+          hint: 'Ensure the function is deployed: "supabase functions deploy health-check"'
+        }
+      })
+    }
 
     return c.json({
       status: 'healthy',
       responseTimeMs: Math.round(performance.now() - start),
-      message: 'Successfully pinged Supabase (edge functions placeholder)',
-      data: {
-        note: 'This is a placeholder - deploy an actual edge function to test real functionality',
-        supabaseUrl: env.NEXT_PUBLIC_SUPABASE_URL,
-      },
+      message: 'Successfully invoked edge function',
+      data,
     })
   } catch (error) {
     return c.json(
@@ -46,28 +50,56 @@ edgeFunctionsHealthRoutes.get('/auth', async (c) => {
   const start = performance.now()
 
   try {
-    // Note: This is a placeholder implementation
-    // In a real setup, you would invoke an edge function with an auth header
-    // and verify that the function can access and validate the auth token
-
-    // For now, we'll verify that we can create a valid auth header
+    // Verify that we can create a valid auth header and invoke the function
     const authHeader = c.req.header('authorization')
 
+    // If no auth header is provided to the health check endpoint, we can't test the downstream auth
+    if (!authHeader) {
+      return c.json({
+        status: 'warning', // Changed from error to warning/skipped if user isn't logged in
+        responseTimeMs: Math.round(performance.now() - start),
+        message: 'No auth header provided - skipping auth propagation check',
+        data: {
+          skipped: true,
+          reason: 'Client request did not include Authorization header',
+        },
+      })
+    }
+
+    const { data, error } = await supabaseAdmin.functions.invoke('health-check', {
+      body: { message: 'auth-check' },
+      headers: {
+        // We send the auth header in a custom header to verify it can be passed through
+        // We avoid overriding 'Authorization' to prevent Supabase Gateway from rejecting
+        // the request if the Clerk token hasn't been configured in Supabase yet.
+        'x-test-auth': authHeader,
+      },
+    })
+
+    if (error) {
+      // If we get an error from the function, it might be due to auth validation failure
+      // or the function crashing. We want to expose the error message.
+      const errorDetails = error as any
+      throw new Error(`Edge function invocation failed: ${error.message || 'Unknown error'}`)
+    }
+
     return c.json({
       status: 'healthy',
       responseTimeMs: Math.round(performance.now() - start),
-      message: 'Successfully verified auth header capability (edge functions placeholder)',
-      data: {
-        hasAuthHeader: !!authHeader,
-        note: 'This is a placeholder - deploy an actual edge function to test real functionality',
-      },
+      message: 'Successfully verified auth header with edge function',
+      data,
     })
   } catch (error) {
+    // Check if the error is due to a 401/403 from the function itself (which would come as an error response data if handled,
+    // or thrown if using invoke with certain options, but here likely a re-throw)
     return c.json(
       {
         status: 'error',
         responseTimeMs: Math.round(performance.now() - start),
         error: error instanceof Error ? error.message : 'Failed to test auth header',
+        data: {
+           details: error instanceof Error ? error.stack : undefined
+        }
       },
       500
     )

package/template/src/server/api/routes/health/framework.ts

@@ -1,6 +1,5 @@
 import { Hono } from 'hono'
-import { db } from '@/server/db'
-import { sql } from 'drizzle-orm'
+import { supabaseAdmin } from '@/lib/supabase/admin'
 
 export const frameworkHealthRoutes = new Hono()
 
@@ -20,15 +19,19 @@ frameworkHealthRoutes.get('/hono', (c) => {
 frameworkHealthRoutes.get('/drizzle', async (c) => {
   const start = performance.now()
   try {
-    // Simple SELECT 1 to verify ORM connection
-    await db.execute(sql`SELECT 1`)
+    // Note: Edge Runtime doesn't support direct Drizzle + postgres.js connection
+    // We check Supabase connection instead as a proxy for DB health
+    const { error } = await supabaseAdmin.from('health_check_tests').select('count').limit(1)
+    
+    if (error) throw error
     
     return c.json({
       status: 'healthy',
       responseTimeMs: Math.round(performance.now() - start),
-      message: 'Drizzle ORM is connected and executing queries',
+      message: 'Database access via Supabase Client is working (Edge compatible)',
       data: {
-        dialect: 'postgres',
+        mode: 'http-client',
+        platform: 'supabase',
       },
     })
   } catch (error) {
@@ -36,7 +39,7 @@ frameworkHealthRoutes.get('/drizzle', async (c) => {
       {
         status: 'error',
         responseTimeMs: Math.round(performance.now() - start),
-        error: error instanceof Error ? error.message : 'Drizzle ORM check failed',
+        error: error instanceof Error ? error.message : 'Database check failed',
       },
       500
     )