npm - @odvi/create-dtt-framework - Versions diffs - 0.1.8 → 0.1.9 - Mend

@odvi/create-dtt-framework 0.1.8 → 0.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/package.json +1 -1
package/template/.env.example +117 -106
package/template/docs/framework/environment-variables.md +52 -0
package/template/src/config/env.ts +5 -0
package/template/src/features/health-check/config.ts +7 -0
package/template/src/server/api/routes/health/aws-s3.ts +59 -0
package/template/src/server/api/routes/health/index.ts +7 -3

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@odvi/create-dtt-framework",
-  "version": "0.1.8",
+  "version": "0.1.9",
   "description": "CLI tool to scaffold new projects with DTT Framework",
   "type": "module",
   "bin": {

package/template/.env.example CHANGED Viewed

@@ -1,106 +1,117 @@
-# Since the ".env" file is gitignored, you can use the ".env.example" file to
-# build a new ".env" file when you clone the repo. Keep this file up-to-date
-# when you add new variables to `.env`.
-# This file will be committed to version control, so make sure not to have any
-# secrets in it. If you are cloning this repo, create a copy of this file named
-# ".env" and populate it with your secrets.
-# When adding additional environment variables, the schema in "/src/env.js"
-# should be updated accordingly.
-# ========================================
-# App Configuration
-# ========================================
-# The base URL of your application. Used for redirects, webhooks, and callbacks.
-# In development: http://localhost:3000
-# In production: https://your-domain.com
-NEXT_PUBLIC_APP_URL=http://localhost:3000
-# ========================================
-# Clerk Authentication
-# ========================================
-# Clerk publishable key - used on the client side for authentication
-# Get this from your Clerk Dashboard > API Keys > Publishable Key
-NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=pk_test_xxx
-# Clerk secret key - used on the server side for authentication
-# Get this from your Clerk Dashboard > API Keys > Secret Key
-CLERK_SECRET_KEY=sk_test_xxx
-# Clerk webhook secret - used to verify webhook events from Clerk
-# Get this from your Clerk Dashboard > Webhooks > Add Endpoint > Signing Secret
-CLERK_WEBHOOK_SECRET=whsec_xxx
-# URL path for the sign-in page
-NEXT_PUBLIC_CLERK_SIGN_IN_URL=/sign-in
-# URL path for the sign-up page
-NEXT_PUBLIC_CLERK_SIGN_UP_URL=/sign-up
-# Where to redirect users after successful sign-in
-NEXT_PUBLIC_CLERK_AFTER_SIGN_IN_URL=/health
-# Where to redirect users after successful sign-up
-NEXT_PUBLIC_CLERK_AFTER_SIGN_UP_URL=/health
-# ========================================
-# Supabase
-# ========================================
-# Supabase project URL - found in your Supabase project settings
-NEXT_PUBLIC_SUPABASE_URL=https://xxx.supabase.co
-# Supabase anonymous/public key - safe to expose on client side
-# Found in your Supabase project settings under API keys
-NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJxxx
-# Supabase service role key - full admin access, keep secret!
-# Found in your Supabase project settings under API keys
-SUPABASE_SERVICE_ROLE_KEY=eyJxxx
-# PostgreSQL connection string for Drizzle ORM
-# Use Supabase's Transaction mode pooler for better performance
-# Format: postgresql://postgres.[ref]:[password]@aws-0-[region].pooler.supabase.com:6543/postgres
-DATABASE_URL=postgresql://postgres.[ref]:[password]@aws-0-[region].pooler.supabase.com:6543/postgres
-# ========================================
-# Snowflake Data Warehouse
-# ========================================
-# Snowflake account identifier (e.g., ef19411.ap-southeast-1)
-SNOWFLAKE_ACCOUNT=ef19411.ap-southeast-1
-# Snowflake warehouse to use
-SNOWFLAKE_WAREHOUSE=COMPUTE_WH
-# Snowflake role
-SNOWFLAKE_ROLE=ACCOUNTADMIN
-# Authentication method (SNOWFLAKE_JWT for Key Pair Auth)
-SNOWFLAKE_AUTHENTICATOR=SNOWFLAKE_JWT
-# Snowflake username
-SNOWFLAKE_USERNAME=APP_USER_WITH_KEY_AUTH
-# Private Key for Authentication (PEM format)
-SNOWFLAKE_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----
-...
------END PRIVATE KEY-----"
-# Passphrase for the Private Key (if encrypted)
-SNOWFLAKE_PRIVATE_KEY_PASSPHRASE="<password>"
-# Enable logging (optional)
-SNOWFLAKE_LOGGING=true
-# ========================================
-# NextBank API (Placeholder)
-# ========================================
-# Base URL for the NextBank API endpoint
-NEXTBANK_API=https://api.nextbank.com
-# Username for NextBank Basic Authentication
-NEXTBANK_API_USERNAME=user
-# Password for NextBank Basic Authentication
-NEXTBANK_API_PASSWORD=pass
+# Since the ".env" file is gitignored, you can use the ".env.example" file to
+# build a new ".env" file when you clone the repo. Keep this file up-to-date
+# when you add new variables to `.env`.
+# This file will be committed to version control, so make sure not to have any
+# secrets in it. If you are cloning this repo, create a copy of this file named
+# ".env" and populate it with your secrets.
+# When adding additional environment variables, the schema in "/src/env.js"
+# should be updated accordingly.
+# ========================================
+# App Configuration
+# ========================================
+# The base URL of your application. Used for redirects, webhooks, and callbacks.
+# In development: http://localhost:3000
+# In production: https://your-domain.com
+NEXT_PUBLIC_APP_URL=http://localhost:3000
+# ========================================
+# Clerk Authentication
+# ========================================
+# Clerk publishable key - used on the client side for authentication
+# Get this from your Clerk Dashboard > API Keys > Publishable Key
+NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=pk_test_xxx
+# Clerk secret key - used on the server side for authentication
+# Get this from your Clerk Dashboard > API Keys > Secret Key
+CLERK_SECRET_KEY=sk_test_xxx
+# Clerk webhook secret - used to verify webhook events from Clerk
+# Get this from your Clerk Dashboard > Webhooks > Add Endpoint > Signing Secret
+CLERK_WEBHOOK_SECRET=whsec_xxx
+# URL path for the sign-in page
+NEXT_PUBLIC_CLERK_SIGN_IN_URL=/sign-in
+# URL path for the sign-up page
+NEXT_PUBLIC_CLERK_SIGN_UP_URL=/sign-up
+# Where to redirect users after successful sign-in
+NEXT_PUBLIC_CLERK_AFTER_SIGN_IN_URL=/health
+# Where to redirect users after successful sign-up
+NEXT_PUBLIC_CLERK_AFTER_SIGN_UP_URL=/health
+# ========================================
+# Supabase
+# ========================================
+# Supabase project URL - found in your Supabase project settings
+NEXT_PUBLIC_SUPABASE_URL=https://xxx.supabase.co
+# Supabase anonymous/public key - safe to expose on client side
+# Found in your Supabase project settings under API keys
+NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJxxx
+# Supabase service role key - full admin access, keep secret!
+# Found in your Supabase project settings under API keys
+SUPABASE_SERVICE_ROLE_KEY=eyJxxx
+# PostgreSQL connection string for Drizzle ORM
+# Use Supabase's Transaction mode pooler for better performance
+# Format: postgresql://postgres.[ref]:[password]@aws-0-[region].pooler.supabase.com:6543/postgres
+DATABASE_URL=postgresql://postgres.[ref]:[password]@aws-0-[region].pooler.supabase.com:6543/postgres
+# ========================================
+# Snowflake Data Warehouse
+# ========================================
+# Snowflake account identifier (e.g., ef19411.ap-southeast-1)
+SNOWFLAKE_ACCOUNT=ef19411.ap-southeast-1
+# Snowflake warehouse to use
+SNOWFLAKE_WAREHOUSE=COMPUTE_WH
+# Snowflake role
+SNOWFLAKE_ROLE=ACCOUNTADMIN
+# Authentication method (SNOWFLAKE_JWT for Key Pair Auth)
+SNOWFLAKE_AUTHENTICATOR=SNOWFLAKE_JWT
+# Snowflake username
+SNOWFLAKE_USERNAME=APP_USER_WITH_KEY_AUTH
+# Private Key for Authentication (PEM format)
+SNOWFLAKE_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----
+...
+-----END PRIVATE KEY-----"
+# Passphrase for the Private Key (if encrypted)
+SNOWFLAKE_PRIVATE_KEY_PASSPHRASE="<password>"
+# Enable logging (optional)
+SNOWFLAKE_LOGGING=true
+# ========================================
+# AWS S3 (Optional)
+# ========================================
+# AWS Access Key ID for S3 access
+AWS_ACCESS_KEY_ID=AKIA...
+# AWS Secret Access Key for S3 access
+AWS_ACCESS_SECRET_KEY=wJalr...
+# AWS Region where your S3 buckets are located (e.g., us-east-1)
+AWS_REGION=us-east-1
+# ========================================
+# NextBank API (Placeholder)
+# ========================================
+# Base URL for the NextBank API endpoint
+NEXTBANK_API=https://api.nextbank.com
+# Username for NextBank Basic Authentication
+NEXTBANK_API_USERNAME=user
+# Password for NextBank Basic Authentication
+NEXTBANK_API_PASSWORD=pass

package/template/docs/framework/environment-variables.md CHANGED Viewed

@@ -97,6 +97,19 @@ SNOWFLAKE_SCHEMA=PUBLIC
 # Snowflake role name
 SNOWFLAKE_ROLE=ANALYST
+# ============================================
+# AWS S3 (Optional)
+# ============================================
+# AWS Access Key ID
+AWS_ACCESS_KEY_ID=AKIA...
+# AWS Secret Access Key
+AWS_ACCESS_SECRET_KEY=wJalr...
+# AWS Region (e.g., us-east-1, ap-southeast-1)
+AWS_REGION=us-east-1
 # ============================================
 # NextBank (Placeholder - Optional)
 # ============================================
@@ -418,6 +431,45 @@ SNOWFLAKE_ROLE=ANALYST
 ---
+### AWS S3 Variables (Optional)
+#### AWS_ACCESS_KEY_ID
+**Purpose:** AWS Access Key ID for S3 access
+**Where to find:** AWS IAM Console → Users → Security credentials
+**Example:**
+```bash
+AWS_ACCESS_KEY_ID=AKIA...
+```
+#### AWS_ACCESS_SECRET_KEY
+**Purpose:** AWS Secret Access Key for S3 access
+**Where to find:** AWS IAM Console → Users → Security credentials (only visible when created)
+**Example:**
+```bash
+AWS_ACCESS_SECRET_KEY=wJalr...
+```
+**Notes:**
+- Never commit to version control
+- Ensure the user has appropriate S3 permissions (e.g., `AmazonS3ReadOnlyAccess` or custom policy)
+#### AWS_REGION
+**Purpose:** AWS Region where your S3 buckets are located
+**Example:**
+```bash
+AWS_REGION=us-east-1
+```
+---
 ### NextBank Variables (Placeholder)
 **Note:** NextBank is a placeholder integration. These variables are optional and not currently used.

package/template/src/config/env.ts CHANGED Viewed

@@ -30,6 +30,11 @@ const envSchema = z.object({
   NEXTBANK_API: z.string().url().optional(),
   NEXTBANK_API_USERNAME: z.string().optional(),
   NEXTBANK_API_PASSWORD: z.string().optional(),
+  // AWS S3 (optional)
+  AWS_ACCESS_KEY_ID: z.string().optional(),
+  AWS_ACCESS_SECRET_KEY: z.string().optional(),
+  AWS_REGION: z.string().optional(),
 })
 export const env = envSchema.parse(process.env)

package/template/src/features/health-check/config.ts CHANGED Viewed

@@ -52,6 +52,13 @@ export const SERVICES = [
       { name: 'Ping API', endpoint: '/nextbank/ping' },
     ],
   },
+  {
+    name: 'AWS S3',
+    icon: 'cloud',
+    checks: [
+      { name: 'Connect', endpoint: '/aws-s3/connect' },
+    ],
+  },
   {
     name: 'Framework',
     icon: 'code',

package/template/src/server/api/routes/health/aws-s3.ts ADDED Viewed

@@ -0,0 +1,59 @@
+import { Hono } from 'hono'
+import { S3Client, ListBucketsCommand } from '@aws-sdk/client-s3'
+import { env } from '@/config/env'
+export const awsS3HealthRoutes = new Hono()
+awsS3HealthRoutes.get('/connect', async (c) => {
+  const start = performance.now()
+  try {
+    // Check if credentials are configured
+    if (!env.AWS_ACCESS_KEY_ID || !env.AWS_ACCESS_SECRET_KEY || !env.AWS_REGION) {
+      return c.json({
+        status: 'warning',
+        responseTimeMs: Math.round(performance.now() - start),
+        message: 'AWS S3 credentials not configured - skipping connection check',
+        data: {
+          skipped: true,
+          reason: 'Missing AWS_ACCESS_KEY_ID, AWS_ACCESS_SECRET_KEY, or AWS_REGION',
+        },
+      })
+    }
+    const s3Client = new S3Client({
+      region: env.AWS_REGION,
+      credentials: {
+        accessKeyId: env.AWS_ACCESS_KEY_ID,
+        secretAccessKey: env.AWS_ACCESS_SECRET_KEY,
+      },
+    })
+    // Try to list buckets to verify connectivity and credentials
+    const command = new ListBucketsCommand({})
+    const response = await s3Client.send(command)
+    return c.json({
+      status: 'healthy',
+      responseTimeMs: Math.round(performance.now() - start),
+      message: 'Successfully connected to AWS S3',
+      data: {
+        region: env.AWS_REGION,
+        bucketCount: response.Buckets?.length ?? 0,
+      },
+    })
+  } catch (error) {
+    return c.json(
+      {
+        status: 'error',
+        responseTimeMs: Math.round(performance.now() - start),
+        error: error instanceof Error ? error.message : 'Failed to connect to AWS S3',
+        data: {
+          details: error instanceof Error ? error.stack : undefined,
+        },
+      },
+      500
+    )
+  }
+})

package/template/src/server/api/routes/health/index.ts CHANGED Viewed

@@ -6,6 +6,7 @@ import { edgeFunctionsHealthRoutes } from './edge-functions'
 import { snowflakeHealthRoutes } from './snowflake'
 import { nextbankHealthRoutes } from './nextbank'
 import { frameworkHealthRoutes } from './framework'
+import { awsS3HealthRoutes } from './aws-s3'
 export const healthRoutes = new Hono()
@@ -16,6 +17,7 @@ healthRoutes.route('/edge', edgeFunctionsHealthRoutes)
 healthRoutes.route('/snowflake', snowflakeHealthRoutes)
 healthRoutes.route('/nextbank', nextbankHealthRoutes)
 healthRoutes.route('/framework', frameworkHealthRoutes)
+healthRoutes.route('/aws-s3', awsS3HealthRoutes)
 healthRoutes.get('/all', async (c) => {
   const start = performance.now()
@@ -38,6 +40,7 @@ healthRoutes.get('/all', async (c) => {
     { name: 'Snowflake Query', url: `${baseUrl}/api/health/snowflake/query` },
     { name: 'NextBank Ping', url: `${baseUrl}/api/health/nextbank/ping` },
     { name: 'NextBank Auth', url: `${baseUrl}/api/health/nextbank/auth` },
+    { name: 'AWS S3 Connect', url: `${baseUrl}/api/health/aws-s3/connect` },
   ]
   // Run all checks in parallel
@@ -46,7 +49,7 @@ healthRoutes.get('/all', async (c) => {
       const checkStart = performance.now()
       try {
         const response = await fetch(check.url, {
-          method: check.method || 'GET',
+          method: check.method ?? 'GET',
           headers: {
             'Content-Type': 'application/json',
             // Forward auth header if present
@@ -60,7 +63,7 @@ healthRoutes.get('/all', async (c) => {
         return {
           name: check.name,
-          status: response.ok ? data.status || 'healthy' : 'error',
+          status: response.ok ? data.status ?? 'healthy' : 'error',
           responseTimeMs: Math.round(performance.now() - checkStart),
           httpStatus: response.status,
           data,
@@ -85,12 +88,13 @@ healthRoutes.get('/all', async (c) => {
     edge: results.filter((r) => r.status === 'fulfilled' && r.value.name.includes('Edge')),
     snowflake: results.filter((r) => r.status === 'fulfilled' && r.value.name.includes('Snowflake')),
     nextbank: results.filter((r) => r.status === 'fulfilled' && r.value.name.includes('NextBank')),
+    awsS3: results.filter((r) => r.status === 'fulfilled' && r.value.name.includes('AWS S3')),
   }
   // Determine overall status
   const allResults = results.map((r) => (r.status === 'fulfilled' ? r.value : null))
   const hasErrors = allResults.some((r) => r && (r.status === 'error' || r.httpStatus >= 400))
-  const allHealthy = allResults.every((r) => r && r.status === 'healthy')
+  const allHealthy = allResults.every((r) => r?.status === 'healthy')
   return c.json({
     status: hasErrors ? 'unhealthy' : allHealthy ? 'healthy' : 'partial',