npm - @openhi/constructs - Versions diffs - 0.0.150 → 0.0.152 - Mend

@openhi/constructs 0.0.150 → 0.0.152

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/lib/{chunk-AWYZJFPL.mjs → chunk-CFJDATDK.mjs} +8 -1
package/lib/chunk-CFJDATDK.mjs.map +1 -0
package/lib/{chunk-I7IIPV5X.mjs → chunk-KR2Y2CVQ.mjs} +10 -4
package/lib/chunk-KR2Y2CVQ.mjs.map +1 -0
package/lib/{chunk-WGA43MMY.mjs → chunk-SXYY5WHG.mjs} +194 -71
package/lib/chunk-SXYY5WHG.mjs.map +1 -0
package/lib/{chunk-CEOAGPYY.mjs → chunk-ZXPA6W3G.mjs} +1 -3
package/lib/chunk-ZXPA6W3G.mjs.map +1 -0
package/lib/data-store-postgres-replication.handler.js +687 -0
package/lib/data-store-postgres-replication.handler.js.map +1 -1
package/lib/data-store-postgres-replication.handler.mjs +3 -2
package/lib/data-store-postgres-replication.handler.mjs.map +1 -1
package/lib/{events-CMG8xanm.d.ts → events-DTgo2dcW.d.mts} +2 -14
package/lib/{events-CMG8xanm.d.mts → events-DTgo2dcW.d.ts} +2 -14
package/lib/firehose-archive-transform.handler.js +688 -2
package/lib/firehose-archive-transform.handler.js.map +1 -1
package/lib/firehose-archive-transform.handler.mjs +3 -2
package/lib/index.d.mts +62 -8
package/lib/index.d.ts +62 -20
package/lib/index.js +53 -22
package/lib/index.js.map +1 -1
package/lib/index.mjs +36 -7
package/lib/index.mjs.map +1 -1
package/lib/provision-default-workspace.handler.js +6 -0
package/lib/provision-default-workspace.handler.js.map +1 -1
package/lib/provision-default-workspace.handler.mjs +1 -1
package/lib/rest-api-lambda.handler.js +6 -0
package/lib/rest-api-lambda.handler.js.map +1 -1
package/lib/rest-api-lambda.handler.mjs +1 -1
package/lib/seed-demo-data.handler.d.mts +14 -1
package/lib/seed-demo-data.handler.d.ts +14 -1
package/lib/seed-demo-data.handler.js +199 -68
package/lib/seed-demo-data.handler.js.map +1 -1
package/lib/seed-demo-data.handler.mjs +2 -2
package/package.json +5 -5
package/lib/chunk-AWYZJFPL.mjs.map +0 -1
package/lib/chunk-CEOAGPYY.mjs.map +0 -1
package/lib/chunk-I7IIPV5X.mjs.map +0 -1
package/lib/chunk-WGA43MMY.mjs.map +0 -1

package/lib/rest-api-lambda.handler.mjs CHANGED Viewed

@@ -23,7 +23,7 @@ import {
   createTenantOperation,
   createWorkspaceOperation,
   extractDenormalizedReferenceDisplay
-} from "./chunk-AWYZJFPL.mjs";
+} from "./chunk-CFJDATDK.mjs";
 import {
   buildMembershipUserProjectionItem,
   buildMembershipWorkspaceProjectionItem,

package/lib/seed-demo-data.handler.d.mts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { WorkflowDedupClient } from '@openhi/workflows';
 import { EventBridgeEvent } from 'aws-lambda';
-import { d as DemoDevUser } from './events-CMG8xanm.mjs';
+import { d as DemoDevUser } from './events-DTgo2dcW.mjs';
 import { O as OpenHiContext } from './openhi-context-CaBH8SFo.mjs';
 import '@openhi/types';
@@ -68,6 +68,19 @@ interface SeedDemoDataDependencies {
  * put is keyed by a deterministic stable id so re-runs after
  * dedup-TTL expiry upsert the same records.
  *
+ * Self-healing-on-every-deploy contract: every individual upsert
+ * across all three phases is wrapped via {@link tryRun}. A single
+ * item's failure (transient AWS error, write-time constraint
+ * violation, etc.) is collected into a per-call accumulator and
+ * does not skip the remaining items in its phase. After all phases
+ * run, collected failures are aggregate-thrown as a single error so
+ * EventBridge still routes the workflow into its failure-detection
+ * path (DLQ + CloudWatch alarm) and the outer `runSeedDemoData`
+ * records `markFailed` on the dedup row. Because every put is keyed
+ * by a deterministic stable id, the next deploy re-attempts every
+ * item — failed items eventually heal, successful items overwrite
+ * themselves with the same body.
+ *
  * Exported so the seeder test file can exercise it directly against
  * a mocked DynamoControlService; the production handler reaches it
  * through {@link SeedDemoDataDependencies.seedDemoGraph}.

package/lib/seed-demo-data.handler.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { WorkflowDedupClient } from '@openhi/workflows';
 import { EventBridgeEvent } from 'aws-lambda';
-import { d as DemoDevUser } from './events-CMG8xanm.js';
+import { d as DemoDevUser } from './events-DTgo2dcW.js';
 import { O as OpenHiContext } from './openhi-context-CaBH8SFo.js';
 import '@openhi/types';
@@ -68,6 +68,19 @@ interface SeedDemoDataDependencies {
  * put is keyed by a deterministic stable id so re-runs after
  * dedup-TTL expiry upsert the same records.
  *
+ * Self-healing-on-every-deploy contract: every individual upsert
+ * across all three phases is wrapped via {@link tryRun}. A single
+ * item's failure (transient AWS error, write-time constraint
+ * violation, etc.) is collected into a per-call accumulator and
+ * does not skip the remaining items in its phase. After all phases
+ * run, collected failures are aggregate-thrown as a single error so
+ * EventBridge still routes the workflow into its failure-detection
+ * path (DLQ + CloudWatch alarm) and the outer `runSeedDemoData`
+ * records `markFailed` on the dedup row. Because every put is keyed
+ * by a deterministic stable id, the next deploy re-attempts every
+ * item — failed items eventually heal, successful items overwrite
+ * themselves with the same body.
+ *
  * Exported so the seeder test file can exercise it directly against
  * a mocked DynamoControlService; the production handler reaches it
  * through {@link SeedDemoDataDependencies.seedDemoGraph}.

package/lib/seed-demo-data.handler.js CHANGED Viewed

@@ -723,11 +723,15 @@ var import_workflows2 = __toESM(require_lib());
 // src/workflows/control-plane/seed-demo-data/events.ts
 var import_types = require("@openhi/types");
 var import_workflows = __toESM(require_lib());
+// src/data/operations/control/membership-constraints/platform-scope-tenant-id.ts
+var PLATFORM_SCOPE_TENANT_ID = "platform";
+// src/workflows/control-plane/seed-demo-data/events.ts
 var SEED_DEMO_DATA_CONSUMER_NAME = "seed-demo-data";
 var DEMO_URN_SYSTEM = "urn:openhi:demo";
 var OPENHI_RESOURCE_URN_SYSTEM = "http://openhi.org/";
 var DEMO_PERIOD = { start: "2026-01-01T00:00:00Z" };
-var PLATFORM_SCOPE_TENANT_ID = "platform";
 var PLACEHOLDER_TENANT_ID = "placeholder-tenant-id";
 var PLACEHOLDER_WORKSPACE_ID = "placeholder-workspace-id";
 var DEV_USERS = [
@@ -3510,6 +3514,9 @@ function buildRoleAssignmentWorkspaceProjectionItem(input) {
 var TENANT_LANE_SK_PREFIX = "MEMBERSHIP#TENANT#";
 async function assertUserHasTenantMembershipOperation(params) {
   const { userId, tenantId, tableName } = params;
+  if (tenantId === PLATFORM_SCOPE_TENANT_ID) {
+    return;
+  }
   const service = getDynamoControlService(tableName);
   const result = await service.entities.membershipUserProjection.query.record({ userId }).begins({ sk: TENANT_LANE_SK_PREFIX }).go();
   const matched = (result.data ?? []).some((row) => row.tenantId === tenantId);
@@ -5017,6 +5024,25 @@ var errorMessage = (err) => {
   }
   return String(err);
 };
+var tryRun = async (failures, phase, scope, resourceType, resourceId, fn) => {
+  try {
+    await fn();
+    return true;
+  } catch (err) {
+    failures.push({ phase, scope, resourceType, resourceId, error: err });
+    return false;
+  }
+};
+var aggregateFailureError = (failures) => {
+  const summary = failures.map(
+    (f) => `${f.phase} ${f.scope}/${f.resourceType}/${f.resourceId}: ${errorMessage(
+      f.error
+    )}`
+  ).join("; ");
+  return new Error(
+    `seed-demo-data: ${failures.length} item(s) failed across phases: ${summary}`
+  );
+};
 var idForRoleCode = (code) => {
   for (const key of Object.keys(import_types12.PLATFORM_ROLE_IDS)) {
     if (import_types12.PLATFORM_ROLE_CONCEPTS[key].code === code) {
@@ -5126,95 +5152,180 @@ var upsertUser = async (context, user, cognitoSub) => {
     lastUpdated: context.date ?? (/* @__PURE__ */ new Date()).toISOString()
   }).go();
 };
-var seedWorkspaceDataPlane = async (baseContext, group) => {
+var seedWorkspaceDataPlane = async (baseContext, group, failures) => {
   const workspaceContext = {
     ...baseContext,
     tenantId: group.tenantId,
     workspaceId: group.workspaceId
   };
+  const scope = `${group.tenantId}/${group.workspaceId}`;
   for (const patient of group.patients) {
-    await createPatientOperation({
-      context: workspaceContext,
-      body: patient
-    });
+    await tryRun(
+      failures,
+      "phase-3",
+      scope,
+      "Patient",
+      patient.id ?? "",
+      () => createPatientOperation({
+        context: workspaceContext,
+        body: patient
+      })
+    );
   }
   for (const practitioner of group.practitioners) {
-    await createPractitionerOperation({
-      context: workspaceContext,
-      body: practitioner
-    });
+    await tryRun(
+      failures,
+      "phase-3",
+      scope,
+      "Practitioner",
+      practitioner.id ?? "",
+      () => createPractitionerOperation({
+        context: workspaceContext,
+        body: practitioner
+      })
+    );
   }
   for (const observation of group.observations) {
-    await createObservationOperation({
-      context: workspaceContext,
-      body: observation
-    });
+    await tryRun(
+      failures,
+      "phase-3",
+      scope,
+      "Observation",
+      observation.id ?? "",
+      () => createObservationOperation({
+        context: workspaceContext,
+        body: observation
+      })
+    );
   }
   for (const encounter of group.encounters) {
-    await createEncounterOperation({
-      context: workspaceContext,
-      body: encounter
-    });
+    await tryRun(
+      failures,
+      "phase-3",
+      scope,
+      "Encounter",
+      encounter.id ?? "",
+      () => createEncounterOperation({
+        context: workspaceContext,
+        body: encounter
+      })
+    );
   }
   for (const account of group.accounts) {
-    await createAccountOperation({
-      context: workspaceContext,
-      body: account
-    });
+    await tryRun(
+      failures,
+      "phase-3",
+      scope,
+      "Account",
+      account.id ?? "",
+      () => createAccountOperation({
+        context: workspaceContext,
+        body: account
+      })
+    );
   }
 };
 var seedDemoGraph = async (params) => {
   const { baseContext, devUsers, cognito } = params;
+  const failures = [];
   for (const spec of DEMO_TENANT_SPECS) {
     const tenantContext = {
       ...baseContext,
       tenantId: spec.tenantId
     };
-    await createTenantOperation({
-      context: tenantContext,
-      body: { id: spec.tenantId, resource: tenantResourceBody(spec) }
-    });
-    for (const workspace of spec.workspaces) {
-      await createWorkspaceOperation({
+    await tryRun(
+      failures,
+      "phase-1",
+      spec.tenantId,
+      "Tenant",
+      spec.tenantId,
+      () => createTenantOperation({
         context: tenantContext,
-        body: {
-          id: workspace.id,
-          resource: workspaceResourceBody(spec, workspace)
-        }
-      });
+        body: { id: spec.tenantId, resource: tenantResourceBody(spec) }
+      })
+    );
+    for (const workspace of spec.workspaces) {
+      await tryRun(
+        failures,
+        "phase-1",
+        spec.tenantId,
+        "Workspace",
+        workspace.id,
+        () => createWorkspaceOperation({
+          context: tenantContext,
+          body: {
+            id: workspace.id,
+            resource: workspaceResourceBody(spec, workspace)
+          }
+        })
+      );
     }
   }
   for (const user of devUsers) {
-    const cognitoSub = await cognito.ensureUser(user.email);
-    await upsertUser(baseContext, user, cognitoSub);
+    let cognitoSub;
+    try {
+      cognitoSub = await cognito.ensureUser(user.email);
+    } catch (err) {
+      failures.push({
+        phase: "phase-2",
+        scope: user.id,
+        resourceType: "CognitoUser",
+        resourceId: user.email,
+        error: err
+      });
+      continue;
+    }
+    await tryRun(
+      failures,
+      "phase-2",
+      user.id,
+      "User",
+      user.id,
+      () => upsertUser(baseContext, user, cognitoSub)
+    );
     for (const spec of DEMO_TENANT_SPECS) {
       const tenantContext = {
         ...baseContext,
         tenantId: spec.tenantId
       };
+      const userScope = `${user.id}@${spec.tenantId}`;
       const membershipId = demoMembershipId(user.id, spec.tenantId);
-      await createMembershipOperation({
-        context: tenantContext,
-        body: {
-          id: membershipId,
-          resource: membershipResourceBody(spec, user, membershipId)
-        }
-      });
-      for (const roleCode of demoRolesForUserInTenant(user, spec.tenantId)) {
-        const raId = demoRoleAssignmentId(user.id, spec.tenantId, roleCode);
-        await createRoleAssignmentOperation({
+      await tryRun(
+        failures,
+        "phase-2",
+        userScope,
+        "Membership",
+        membershipId,
+        () => createMembershipOperation({
           context: tenantContext,
           body: {
-            id: raId,
-            resource: roleAssignmentResourceBody(
-              spec.scenario,
-              spec.tenantId,
-              user,
-              roleCode,
-              raId
-            )
+            id: membershipId,
+            resource: membershipResourceBody(spec, user, membershipId)
           }
-        });
+        })
+      );
+      for (const roleCode of demoRolesForUserInTenant(user, spec.tenantId)) {
+        const raId = demoRoleAssignmentId(user.id, spec.tenantId, roleCode);
+        await tryRun(
+          failures,
+          "phase-2",
+          userScope,
+          "RoleAssignment",
+          raId,
+          () => createRoleAssignmentOperation({
+            context: tenantContext,
+            body: {
+              id: raId,
+              resource: roleAssignmentResourceBody(
+                spec.scenario,
+                spec.tenantId,
+                user,
+                roleCode,
+                raId
+              )
+            }
+          })
+        );
       }
     }
     const platformContext = {
@@ -5227,22 +5338,42 @@ var seedDemoGraph = async (params) => {
       PLATFORM_SCOPE_TENANT_ID,
       platformRoleCode
     );
-    await createRoleAssignmentOperation({
-      context: platformContext,
-      body: {
-        id: platformRaId,
-        resource: roleAssignmentResourceBody(
-          "platform",
-          PLATFORM_SCOPE_TENANT_ID,
-          user,
-          platformRoleCode,
-          platformRaId
-        )
-      }
-    });
+    await tryRun(
+      failures,
+      "phase-2",
+      `${user.id}@${PLATFORM_SCOPE_TENANT_ID}`,
+      "RoleAssignment",
+      platformRaId,
+      () => createRoleAssignmentOperation({
+        context: platformContext,
+        body: {
+          id: platformRaId,
+          resource: roleAssignmentResourceBody(
+            "platform",
+            PLATFORM_SCOPE_TENANT_ID,
+            user,
+            platformRoleCode,
+            platformRaId
+          )
+        }
+      })
+    );
   }
   for (const group of DEMO_DATA_PLANE_FIXTURES) {
-    await seedWorkspaceDataPlane(baseContext, group);
+    try {
+      await seedWorkspaceDataPlane(baseContext, group, failures);
+    } catch (err) {
+      failures.push({
+        phase: "phase-3",
+        scope: `${group.tenantId}/${group.workspaceId}`,
+        resourceType: "Workspace",
+        resourceId: group.workspaceId,
+        error: err
+      });
+    }
+  }
+  if (failures.length > 0) {
+    throw aggregateFailureError(failures);
   }
 };
 var runSeedDemoData = async (event, deps, devUsers) => {