@stacksolo/plugin-gcp-kernel 0.1.0

package/service/package.json

@@ -0,0 +1,26 @@
+{
+  "name": "stacksolo-gcp-kernel-service",
+  "version": "0.1.0",
+  "description": "StackSolo GCP kernel service - HTTP + Pub/Sub (serverless alternative to NATS kernel)",
+  "type": "module",
+  "main": "dist/index.js",
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsx watch src/index.ts",
+    "start": "node dist/index.js"
+  },
+  "dependencies": {
+    "@google-cloud/pubsub": "^4.0.0",
+    "@google-cloud/storage": "^7.0.0",
+    "firebase-admin": "^12.0.0",
+    "express": "^4.18.0",
+    "cors": "^2.8.5"
+  },
+  "devDependencies": {
+    "@types/express": "^4.17.21",
+    "@types/cors": "^2.8.17",
+    "@types/node": "^20.0.0",
+    "tsx": "^4.0.0",
+    "typescript": "^5.0.0"
+  }
+}

package/service/src/index.ts

@@ -0,0 +1,77 @@
+/**
+ * GCP Kernel Service
+ *
+ * A fully GCP-native kernel implementation:
+ * - Express HTTP server for all endpoints
+ * - Cloud Pub/Sub for event messaging (replaces NATS/JetStream)
+ * - Cloud Storage for file operations
+ * - Firebase Admin SDK for token validation
+ *
+ * Endpoints:
+ * - GET  /health          - Health check
+ * - POST /auth/validate   - Validate Firebase token
+ * - POST /files/upload-url    - Get signed upload URL
+ * - POST /files/download-url  - Get signed download URL
+ * - POST /files/list          - List files with prefix
+ * - POST /files/delete        - Delete file
+ * - POST /files/move          - Move/rename file
+ * - POST /files/metadata      - Get file metadata
+ * - POST /events/publish      - Publish event to Pub/Sub
+ * - POST /events/subscribe    - Register HTTP push subscription
+ * - POST /events/unsubscribe  - Remove subscription
+ * - GET  /events/subscriptions - List subscriptions
+ */
+
+import express from 'express';
+import cors from 'cors';
+import { initializeFirebase } from './services/firebase.js';
+import { startEventConsumer } from './services/pubsub.js';
+import { healthRouter } from './routes/health.js';
+import { authRouter } from './routes/auth.js';
+import { filesRouter } from './routes/files.js';
+import { eventsRouter } from './routes/events.js';
+
+const app = express();
+const PORT = parseInt(process.env.PORT || '8080', 10);
+
+// Middleware
+app.use(cors());
+app.use(express.json());
+
+// Initialize Firebase
+initializeFirebase();
+
+// Start event consumer for HTTP push delivery
+startEventConsumer().catch((error) => {
+  console.error('Failed to start event consumer:', error);
+});
+
+// Routes
+app.use('/health', healthRouter);
+app.use('/auth', authRouter);
+app.use('/files', filesRouter);
+app.use('/events', eventsRouter);
+
+// Root endpoint
+app.get('/', (_req, res) => {
+  res.json({
+    service: 'stacksolo-gcp-kernel',
+    version: '0.1.0',
+    type: 'gcp',
+    endpoints: {
+      health: '/health',
+      auth: '/auth/validate',
+      files: '/files/*',
+      events: '/events/*',
+    },
+  });
+});
+
+// Start server
+app.listen(PORT, () => {
+  console.log(`GCP Kernel service running on port ${PORT}`);
+  console.log(`Environment: ${process.env.NODE_ENV || 'development'}`);
+  console.log(`GCP Project: ${process.env.GCP_PROJECT_ID || 'not set'}`);
+  console.log(`Storage Bucket: ${process.env.GCS_BUCKET || 'not set'}`);
+  console.log(`Pub/Sub Topic: ${process.env.PUBSUB_EVENTS_TOPIC || 'not set'}`);
+});

package/service/src/routes/auth.ts

@@ -0,0 +1,51 @@
+/**
+ * Auth Routes
+ *
+ * POST /auth/validate - Validate Firebase ID token
+ */
+
+import { Router, Request, Response } from 'express';
+import { validateToken } from '../services/firebase.js';
+
+export const authRouter = Router();
+
+interface ValidateRequest {
+  token: string;
+}
+
+authRouter.post('/validate', async (req: Request, res: Response) => {
+  try {
+    const { token } = req.body as ValidateRequest;
+
+    if (!token) {
+      res.status(400).json({
+        error: 'Token is required',
+        code: 'MISSING_TOKEN',
+      });
+      return;
+    }
+
+    const result = await validateToken(token);
+
+    if (result.valid) {
+      res.json({
+        valid: true,
+        uid: result.uid,
+        email: result.email,
+        claims: result.claims,
+      });
+    } else {
+      res.status(401).json({
+        valid: false,
+        error: result.error,
+        code: 'INVALID_TOKEN',
+      });
+    }
+  } catch (error) {
+    console.error('Auth validation error:', error);
+    res.status(500).json({
+      error: 'Internal server error',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});

package/service/src/routes/events.ts

@@ -0,0 +1,148 @@
+/**
+ * Events Routes
+ *
+ * POST /events/publish      - Publish event to Pub/Sub
+ * POST /events/subscribe    - Register HTTP push subscription
+ * POST /events/unsubscribe  - Remove subscription
+ * GET  /events/subscriptions - List subscriptions
+ */
+
+import { Router, Request, Response } from 'express';
+import {
+  publishEvent,
+  createSubscription,
+  deleteSubscription,
+  listSubscriptions,
+} from '../services/pubsub.js';
+
+export const eventsRouter = Router();
+
+// POST /events/publish
+eventsRouter.post('/publish', async (req: Request, res: Response) => {
+  try {
+    const { eventType, data, metadata } = req.body as {
+      eventType: string;
+      data: unknown;
+      metadata?: Record<string, string>;
+    };
+
+    if (!eventType) {
+      res.status(400).json({
+        error: 'eventType is required',
+        code: 'MISSING_EVENT_TYPE',
+      });
+      return;
+    }
+
+    const result = await publishEvent(eventType, data, metadata);
+    res.json({
+      published: true,
+      ...result,
+    });
+  } catch (error) {
+    console.error('Error publishing event:', error);
+    res.status(500).json({
+      error: 'Failed to publish event',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});
+
+// POST /events/subscribe
+eventsRouter.post('/subscribe', async (req: Request, res: Response) => {
+  try {
+    const { pattern, endpoint, serviceName } = req.body as {
+      pattern: string;
+      endpoint: string;
+      serviceName?: string;
+    };
+
+    if (!pattern) {
+      res.status(400).json({
+        error: 'pattern is required',
+        code: 'MISSING_PATTERN',
+      });
+      return;
+    }
+
+    if (!endpoint) {
+      res.status(400).json({
+        error: 'endpoint is required',
+        code: 'MISSING_ENDPOINT',
+      });
+      return;
+    }
+
+    // Validate endpoint is a valid URL
+    try {
+      new URL(endpoint);
+    } catch {
+      res.status(400).json({
+        error: 'endpoint must be a valid URL',
+        code: 'INVALID_ENDPOINT',
+      });
+      return;
+    }
+
+    const result = await createSubscription(pattern, endpoint, serviceName);
+    res.json({
+      subscribed: true,
+      ...result,
+    });
+  } catch (error) {
+    console.error('Error creating subscription:', error);
+    res.status(500).json({
+      error: 'Failed to create subscription',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});
+
+// POST /events/unsubscribe
+eventsRouter.post('/unsubscribe', async (req: Request, res: Response) => {
+  try {
+    const { subscriptionId } = req.body as { subscriptionId: string };
+
+    if (!subscriptionId) {
+      res.status(400).json({
+        error: 'subscriptionId is required',
+        code: 'MISSING_SUBSCRIPTION_ID',
+      });
+      return;
+    }
+
+    await deleteSubscription(subscriptionId);
+    res.json({
+      unsubscribed: true,
+      subscriptionId,
+    });
+  } catch (error) {
+    if (error instanceof Error && error.message === 'NOT_FOUND') {
+      res.status(404).json({
+        error: 'Subscription not found',
+        code: 'NOT_FOUND',
+      });
+      return;
+    }
+    console.error('Error deleting subscription:', error);
+    res.status(500).json({
+      error: 'Failed to delete subscription',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});
+
+// GET /events/subscriptions
+eventsRouter.get('/subscriptions', async (req: Request, res: Response) => {
+  try {
+    const pattern = req.query.pattern as string | undefined;
+    const subs = listSubscriptions(pattern);
+    res.json({ subscriptions: subs });
+  } catch (error) {
+    console.error('Error listing subscriptions:', error);
+    res.status(500).json({
+      error: 'Failed to list subscriptions',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});

package/service/src/routes/files.ts

@@ -0,0 +1,230 @@
+/**
+ * Files Routes
+ *
+ * POST /files/upload-url    - Get signed upload URL
+ * POST /files/download-url  - Get signed download URL
+ * POST /files/list          - List files with prefix
+ * POST /files/delete        - Delete file
+ * POST /files/move          - Move/rename file
+ * POST /files/metadata      - Get file metadata
+ */
+
+import { Router, Request, Response } from 'express';
+import {
+  validatePath,
+  getUploadUrl,
+  getDownloadUrl,
+  listFiles,
+  deleteFile,
+  moveFile,
+  getFileMetadata,
+} from '../services/storage.js';
+
+export const filesRouter = Router();
+
+// POST /files/upload-url
+filesRouter.post('/upload-url', async (req: Request, res: Response) => {
+  try {
+    const { path, contentType } = req.body as { path: string; contentType: string };
+
+    // Validate path
+    const validation = validatePath(path);
+    if (!validation.valid) {
+      res.status(400).json({
+        error: validation.error,
+        code: 'INVALID_PATH',
+      });
+      return;
+    }
+
+    // Validate content type
+    if (!contentType) {
+      res.status(400).json({
+        error: 'Content type is required',
+        code: 'MISSING_CONTENT_TYPE',
+      });
+      return;
+    }
+
+    const result = await getUploadUrl(path, contentType);
+    res.json(result);
+  } catch (error) {
+    console.error('Error generating upload URL:', error);
+    res.status(500).json({
+      error: 'Failed to generate upload URL',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});
+
+// POST /files/download-url
+filesRouter.post('/download-url', async (req: Request, res: Response) => {
+  try {
+    const { path } = req.body as { path: string };
+
+    // Validate path
+    const validation = validatePath(path);
+    if (!validation.valid) {
+      res.status(400).json({
+        error: validation.error,
+        code: 'INVALID_PATH',
+      });
+      return;
+    }
+
+    const result = await getDownloadUrl(path);
+    res.json(result);
+  } catch (error) {
+    if (error instanceof Error && error.message === 'NOT_FOUND') {
+      res.status(404).json({
+        error: 'File not found',
+        code: 'NOT_FOUND',
+      });
+      return;
+    }
+    console.error('Error generating download URL:', error);
+    res.status(500).json({
+      error: 'Failed to generate download URL',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});
+
+// POST /files/list
+filesRouter.post('/list', async (req: Request, res: Response) => {
+  try {
+    const { prefix, maxResults, pageToken } = req.body as {
+      prefix?: string;
+      maxResults?: number;
+      pageToken?: string;
+    };
+
+    const result = await listFiles(prefix, maxResults, pageToken);
+    res.json(result);
+  } catch (error) {
+    console.error('Error listing files:', error);
+    res.status(500).json({
+      error: 'Failed to list files',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});
+
+// POST /files/delete
+filesRouter.post('/delete', async (req: Request, res: Response) => {
+  try {
+    const { path } = req.body as { path: string };
+
+    // Validate path
+    const validation = validatePath(path);
+    if (!validation.valid) {
+      res.status(400).json({
+        error: validation.error,
+        code: 'INVALID_PATH',
+      });
+      return;
+    }
+
+    await deleteFile(path);
+    res.json({
+      deleted: true,
+      path,
+    });
+  } catch (error) {
+    if (error instanceof Error && error.message === 'NOT_FOUND') {
+      res.status(404).json({
+        error: 'File not found',
+        code: 'NOT_FOUND',
+      });
+      return;
+    }
+    console.error('Error deleting file:', error);
+    res.status(500).json({
+      error: 'Failed to delete file',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});
+
+// POST /files/move
+filesRouter.post('/move', async (req: Request, res: Response) => {
+  try {
+    const { sourcePath, destinationPath } = req.body as {
+      sourcePath: string;
+      destinationPath: string;
+    };
+
+    // Validate source path
+    const sourceValidation = validatePath(sourcePath);
+    if (!sourceValidation.valid) {
+      res.status(400).json({
+        error: `Source: ${sourceValidation.error}`,
+        code: 'INVALID_PATH',
+      });
+      return;
+    }
+
+    // Validate destination path
+    const destValidation = validatePath(destinationPath);
+    if (!destValidation.valid) {
+      res.status(400).json({
+        error: `Destination: ${destValidation.error}`,
+        code: 'INVALID_PATH',
+      });
+      return;
+    }
+
+    await moveFile(sourcePath, destinationPath);
+    res.json({
+      moved: true,
+      sourcePath,
+      destinationPath,
+    });
+  } catch (error) {
+    if (error instanceof Error && error.message === 'NOT_FOUND') {
+      res.status(404).json({
+        error: 'Source file not found',
+        code: 'NOT_FOUND',
+      });
+      return;
+    }
+    console.error('Error moving file:', error);
+    res.status(500).json({
+      error: 'Failed to move file',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});
+
+// POST /files/metadata
+filesRouter.post('/metadata', async (req: Request, res: Response) => {
+  try {
+    const { path } = req.body as { path: string };
+
+    // Validate path
+    const validation = validatePath(path);
+    if (!validation.valid) {
+      res.status(400).json({
+        error: validation.error,
+        code: 'INVALID_PATH',
+      });
+      return;
+    }
+
+    const result = await getFileMetadata(path);
+    res.json(result);
+  } catch (error) {
+    if (error instanceof Error && error.message === 'NOT_FOUND') {
+      res.status(404).json({
+        error: 'File not found',
+        code: 'NOT_FOUND',
+      });
+      return;
+    }
+    console.error('Error getting file metadata:', error);
+    res.status(500).json({
+      error: 'Failed to get file metadata',
+      code: 'INTERNAL_ERROR',
+    });
+  }
+});

package/service/src/routes/health.ts

@@ -0,0 +1,22 @@
+/**
+ * Health Check Route
+ */
+
+import { Router } from 'express';
+
+export const healthRouter = Router();
+
+healthRouter.get('/', (_req, res) => {
+  res.json({
+    status: 'healthy',
+    service: 'gcp-kernel',
+    timestamp: new Date().toISOString(),
+    uptime: process.uptime(),
+    environment: {
+      gcpProject: process.env.GCP_PROJECT_ID || 'not set',
+      firebaseProject: process.env.FIREBASE_PROJECT_ID || 'not set',
+      bucket: process.env.GCS_BUCKET || 'not set',
+      topic: process.env.PUBSUB_EVENTS_TOPIC || 'not set',
+    },
+  });
+});

package/service/src/services/firebase.ts

@@ -0,0 +1,67 @@
+/**
+ * Firebase Admin SDK Service
+ *
+ * Handles Firebase initialization and token validation.
+ */
+
+import admin from 'firebase-admin';
+
+let initialized = false;
+
+/**
+ * Initialize Firebase Admin SDK
+ */
+export function initializeFirebase(): void {
+  if (initialized) return;
+
+  const projectId = process.env.FIREBASE_PROJECT_ID || process.env.GCP_PROJECT_ID;
+
+  if (!projectId) {
+    console.warn('FIREBASE_PROJECT_ID not set, auth validation will fail');
+    return;
+  }
+
+  try {
+    admin.initializeApp({
+      projectId,
+    });
+    initialized = true;
+    console.log(`Firebase Admin initialized for project: ${projectId}`);
+  } catch (error) {
+    console.error('Failed to initialize Firebase Admin:', error);
+  }
+}
+
+/**
+ * Validate a Firebase ID token
+ */
+export async function validateToken(token: string): Promise<{
+  valid: boolean;
+  uid?: string;
+  email?: string;
+  claims?: Record<string, unknown>;
+  error?: string;
+}> {
+  if (!initialized) {
+    return { valid: false, error: 'Firebase not initialized' };
+  }
+
+  try {
+    const decodedToken = await admin.auth().verifyIdToken(token);
+
+    return {
+      valid: true,
+      uid: decodedToken.uid,
+      email: decodedToken.email,
+      claims: {
+        email_verified: decodedToken.email_verified,
+        name: decodedToken.name,
+        picture: decodedToken.picture,
+        ...decodedToken,
+      },
+    };
+  } catch (error) {
+    const message = error instanceof Error ? error.message : 'Token validation failed';
+    return { valid: false, error: message };
+  }
+}