@wopr-network/platform-core 1.12.2 → 1.13.1

package/src/api/routes/admin-gpu.ts

@@ -0,0 +1,202 @@
+import { Hono } from "hono";
+import { z } from "zod";
+import type { AuthEnv } from "../../auth/index.js";
+import type { AdminAuditLogger } from "./admin-audit-helper.js";
+import { safeAuditLog } from "./admin-audit-helper.js";
+
+/** Minimal interface for GPU node repository. */
+export interface IGpuNodeRepository {
+  list(): Promise<unknown[]>;
+  getById(nodeId: string): Promise<{ dropletId?: string | number | null; status?: string } | null>;
+}
+
+/** Minimal interface for GPU node provisioner. */
+export interface IGpuNodeProvisioner {
+  provision(opts: { region?: string; size?: string; name?: string }): Promise<{
+    nodeId: string;
+    dropletId?: string | number | null;
+    region?: string;
+    size?: string;
+    monthlyCostCents?: number;
+  }>;
+  destroy(nodeId: string): Promise<void>;
+}
+
+/** Minimal interface for DO API client. */
+export interface IDOClient {
+  listRegions(): Promise<unknown[]>;
+  listSizes(): Promise<unknown[]>;
+  rebootDroplet(dropletId: number): Promise<void>;
+}
+
+export interface AdminGpuDeps {
+  gpuNodeRepo: () => IGpuNodeRepository;
+  gpuNodeProvisioner: () => IGpuNodeProvisioner;
+  doClient: () => IDOClient;
+  auditLogger?: () => AdminAuditLogger;
+  logger?: { error(msg: string, meta?: Record<string, unknown>): void };
+}
+
+/**
+ * Create admin GPU node management routes.
+ * Static routes (/regions, /sizes) are registered BEFORE parameterized routes (/:nodeId).
+ */
+export function createAdminGpuRoutes(deps: AdminGpuDeps): Hono<AuthEnv> {
+  const routes = new Hono<AuthEnv>();
+
+  routes.get("/", async (c) => {
+    const nodes = await deps.gpuNodeRepo().list();
+    return c.json({ success: true, nodes, count: nodes.length });
+  });
+
+  routes.post("/", async (c) => {
+    try {
+      const body = await c.req.json();
+      const parsed = z
+        .object({
+          region: z.string().min(1).max(20).optional(),
+          size: z.string().min(1).max(50).optional(),
+          name: z
+            .string()
+            .min(1)
+            .max(63)
+            .regex(/^[a-zA-Z0-9][a-zA-Z0-9-]*$/)
+            .optional(),
+        })
+        .parse(body);
+
+      const provisioner = deps.gpuNodeProvisioner();
+      const result = await provisioner.provision(parsed);
+
+      safeAuditLog(deps.auditLogger, {
+        adminUser: (c.get("user") as { id?: string } | undefined)?.id ?? "unknown",
+        action: "gpu.provision",
+        category: "config",
+        details: {
+          nodeId: result.nodeId,
+          dropletId: result.dropletId,
+          region: result.region,
+          size: result.size,
+          monthlyCostCents: result.monthlyCostCents,
+        },
+      });
+
+      return c.json({ success: true, node: result }, 201);
+    } catch (err) {
+      if (err instanceof z.ZodError) {
+        return c.json({ success: false, error: err.issues }, 400);
+      }
+      if (err instanceof Error && err.message.includes("DO_API_TOKEN")) {
+        return c.json(
+          { success: false, error: "GPU provisioning not configured. Set DO_API_TOKEN environment variable." },
+          503,
+        );
+      }
+      deps.logger?.error("GPU node provisioning failed", { err });
+      return c.json({ success: false, error: err instanceof Error ? err.message : "Unknown error" }, 500);
+    }
+  });
+
+  routes.get("/regions", async (c) => {
+    try {
+      const regions = await deps.doClient().listRegions();
+      return c.json({ success: true, regions });
+    } catch (err) {
+      if (err instanceof Error && err.message.includes("DO_API_TOKEN")) {
+        return c.json(
+          { success: false, error: "GPU provisioning not configured. Set DO_API_TOKEN environment variable." },
+          503,
+        );
+      }
+      return c.json({ success: false, error: err instanceof Error ? err.message : "Unknown error" }, 500);
+    }
+  });
+
+  routes.get("/sizes", async (c) => {
+    try {
+      const sizes = await deps.doClient().listSizes();
+      return c.json({ success: true, sizes });
+    } catch (err) {
+      if (err instanceof Error && err.message.includes("DO_API_TOKEN")) {
+        return c.json(
+          { success: false, error: "GPU provisioning not configured. Set DO_API_TOKEN environment variable." },
+          503,
+        );
+      }
+      return c.json({ success: false, error: err instanceof Error ? err.message : "Unknown error" }, 500);
+    }
+  });
+
+  routes.get("/:nodeId", async (c) => {
+    const nodeId = c.req.param("nodeId") as string;
+    const node = await deps.gpuNodeRepo().getById(nodeId);
+    if (!node) {
+      return c.json({ success: false, error: "GPU node not found" }, 404);
+    }
+    return c.json({ success: true, node });
+  });
+
+  routes.delete("/:nodeId", async (c) => {
+    const nodeId = c.req.param("nodeId") as string;
+
+    try {
+      const node = await deps.gpuNodeRepo().getById(nodeId);
+      if (!node) {
+        return c.json({ success: false, error: "GPU node not found" }, 404);
+      }
+      if (node.status === "provisioning" || node.status === "bootstrapping") {
+        return c.json(
+          {
+            success: false,
+            error: `Cannot destroy GPU node in ${node.status} state — wait until provisioning/bootstrapping completes`,
+          },
+          409,
+        );
+      }
+
+      await deps.gpuNodeProvisioner().destroy(nodeId);
+
+      safeAuditLog(deps.auditLogger, {
+        adminUser: (c.get("user") as { id?: string } | undefined)?.id ?? "unknown",
+        action: "gpu.destroy",
+        category: "config",
+        details: { nodeId },
+      });
+
+      return c.json({ success: true });
+    } catch (err) {
+      deps.logger?.error("GPU node destruction failed", { nodeId, err });
+      return c.json({ success: false, error: err instanceof Error ? err.message : "Unknown error" }, 500);
+    }
+  });
+
+  routes.post("/:nodeId/reboot", async (c) => {
+    const nodeId = c.req.param("nodeId") as string;
+
+    try {
+      const node = await deps.gpuNodeRepo().getById(nodeId);
+      if (!node) {
+        return c.json({ success: false, error: "GPU node not found" }, 404);
+      }
+      if (!node.dropletId) {
+        return c.json({ success: false, error: "GPU node has no droplet assigned" }, 400);
+      }
+
+      await deps.doClient().rebootDroplet(Number(node.dropletId));
+
+      safeAuditLog(deps.auditLogger, {
+        adminUser: (c.get("user") as { id?: string } | undefined)?.id ?? "unknown",
+        action: "gpu.reboot",
+        category: "config",
+        details: { nodeId, dropletId: node.dropletId },
+      });
+
+      return c.json({ success: true, message: `Reboot initiated for GPU node ${nodeId}` });
+    } catch (err) {
+      deps.logger?.error("GPU node reboot failed", { nodeId, err });
+      return c.json({ success: false, error: err instanceof Error ? err.message : "Unknown error" }, 500);
+    }
+  });
+
+  return routes;
+}

package/src/api/routes/admin-inference.ts

@@ -0,0 +1,109 @@
+import { Hono } from "hono";
+import type { AuthEnv } from "../../auth/index.js";
+import type { ISessionUsageRepository } from "../../inference/session-usage-repository.js";
+
+/**
+ * Create admin inference dashboard routes.
+ *
+ * Routes:
+ *   GET /          — Summary: daily costs, session count, avg cost, cache hit rate
+ *   GET /daily     — Daily cost breakdown
+ *   GET /pages     — Per-page cost breakdown
+ *   GET /cache     — Cache hit rate
+ *   GET /session/:sessionId — Per-session usage detail
+ *
+ * @param repoFactory - factory for the session usage repository (lazy init)
+ */
+export function createAdminInferenceRoutes(repoFactory: () => ISessionUsageRepository): Hono<AuthEnv> {
+  const routes = new Hono<AuthEnv>();
+
+  routes.get("/", async (c) => {
+    const repo = repoFactory();
+    const daysParam = c.req.query("days");
+    const days = Math.min(90, Math.max(1, Number.isNaN(Number(daysParam)) ? 7 : Number(daysParam)));
+    const since = Date.now() - days * 24 * 60 * 60 * 1000;
+
+    try {
+      const [dailyCosts, pageCosts, cacheHitRate] = await Promise.all([
+        repo.aggregateByDay(since),
+        repo.aggregateByPage(since),
+        repo.cacheHitRate(since),
+      ]);
+
+      const totalCostUsd = dailyCosts.reduce((sum, d) => sum + d.totalCostUsd, 0);
+      const totalSessions = dailyCosts.reduce((sum, d) => sum + d.sessionCount, 0);
+      const avgCostPerSession = totalSessions > 0 ? totalCostUsd / totalSessions : 0;
+
+      return c.json({
+        period: { days, since },
+        summary: {
+          totalCostUsd,
+          totalSessions,
+          avgCostPerSessionUsd: avgCostPerSession,
+          cacheHitRate: cacheHitRate.hitRate,
+        },
+        dailyCosts,
+        pageCosts,
+      });
+    } catch (err) {
+      return c.json({ error: err instanceof Error ? err.message : "Internal server error" }, 500);
+    }
+  });
+
+  routes.get("/daily", async (c) => {
+    const repo = repoFactory();
+    const daysParam = c.req.query("days");
+    const days = Math.min(90, Math.max(1, Number.isNaN(Number(daysParam)) ? 30 : Number(daysParam)));
+    const since = Date.now() - days * 24 * 60 * 60 * 1000;
+
+    try {
+      const dailyCosts = await repo.aggregateByDay(since);
+      return c.json({ days, dailyCosts });
+    } catch (err) {
+      return c.json({ error: err instanceof Error ? err.message : "Internal server error" }, 500);
+    }
+  });
+
+  routes.get("/pages", async (c) => {
+    const repo = repoFactory();
+    const daysParam = c.req.query("days");
+    const days = Math.min(90, Math.max(1, Number.isNaN(Number(daysParam)) ? 7 : Number(daysParam)));
+    const since = Date.now() - days * 24 * 60 * 60 * 1000;
+
+    try {
+      const pageCosts = await repo.aggregateByPage(since);
+      return c.json({ days, pageCosts });
+    } catch (err) {
+      return c.json({ error: err instanceof Error ? err.message : "Internal server error" }, 500);
+    }
+  });
+
+  routes.get("/cache", async (c) => {
+    const repo = repoFactory();
+    const daysParam = c.req.query("days");
+    const days = Math.min(90, Math.max(1, Number.isNaN(Number(daysParam)) ? 7 : Number(daysParam)));
+    const since = Date.now() - days * 24 * 60 * 60 * 1000;
+
+    try {
+      const cacheStats = await repo.cacheHitRate(since);
+      return c.json({ days, cacheStats });
+    } catch (err) {
+      return c.json({ error: err instanceof Error ? err.message : "Internal server error" }, 500);
+    }
+  });
+
+  routes.get("/session/:sessionId", async (c) => {
+    const repo = repoFactory();
+    const sessionId = c.req.param("sessionId");
+
+    try {
+      const records = await repo.findBySessionId(sessionId);
+      const totalCostUsd = records.reduce((sum, r) => sum + r.costUsd, 0);
+      return c.json({ sessionId, totalCostUsd, records });
+    } catch (err) {
+      return c.json({ error: err instanceof Error ? err.message : "Internal server error" }, 500);
+    }
+  });
+
+  return routes;
+}

package/src/api/routes/admin-marketplace.ts

@@ -0,0 +1,233 @@
+import { Hono } from "hono";
+import { z } from "zod";
+import type { AuthEnv } from "../../auth/index.js";
+import type { IMarketplacePluginRepository } from "../../marketplace/marketplace-plugin-repository.js";
+import type { AdminAuditLogger } from "./admin-audit-helper.js";
+import { safeAuditLog } from "./admin-audit-helper.js";
+
+const addPluginSchema = z.object({
+  npmPackage: z.string().min(1),
+  version: z.string().min(1),
+  category: z.string().optional(),
+  notes: z.string().optional(),
+});
+
+const updatePluginSchema = z.object({
+  enabled: z.boolean().optional(),
+  featured: z.boolean().optional(),
+  sortOrder: z.number().int().optional(),
+  category: z.string().nullable().optional(),
+  notes: z.string().nullable().optional(),
+});
+
+/** Optional volume installer interface for fire-and-forget plugin installation. */
+export interface PluginVolumeInstaller {
+  installPluginToVolume(opts: {
+    pluginId: string;
+    npmPackage: string;
+    version: string;
+    volumePath: string;
+    repo: IMarketplacePluginRepository;
+  }): Promise<void>;
+}
+
+/** Optional npm discovery interface. */
+export interface NpmPluginDiscoverer {
+  discoverNpmPlugins(opts: {
+    repo: IMarketplacePluginRepository;
+    notify: (msg: string) => void;
+  }): Promise<{ discovered: number; skipped: number }>;
+}
+
+export interface AdminMarketplaceDeps {
+  repoFactory: () => IMarketplacePluginRepository;
+  auditLogger?: () => AdminAuditLogger;
+  volumeInstaller?: () => PluginVolumeInstaller;
+  pluginVolumePath?: string;
+  discoverer?: () => NpmPluginDiscoverer;
+  logger?: { info(msg: string): void; error(msg: string, meta?: Record<string, unknown>): void };
+}
+
+export function createAdminMarketplaceRoutes(
+  repoFactoryOrDeps: (() => IMarketplacePluginRepository) | AdminMarketplaceDeps,
+  auditLogger?: () => AdminAuditLogger,
+): Hono<AuthEnv> {
+  const deps: AdminMarketplaceDeps =
+    typeof repoFactoryOrDeps === "function" ? { repoFactory: repoFactoryOrDeps, auditLogger } : repoFactoryOrDeps;
+
+  const routes = new Hono<AuthEnv>();
+
+  let _repo: IMarketplacePluginRepository | null = null;
+  const repo = (): IMarketplacePluginRepository => {
+    if (!_repo) _repo = deps.repoFactory();
+    return _repo;
+  };
+
+  // GET /plugins — list all marketplace plugins
+  routes.get("/plugins", async (c) => {
+    return c.json(await repo().findAll());
+  });
+
+  // GET /queue — list plugins pending review (enabled = false)
+  routes.get("/queue", async (c) => {
+    return c.json(await repo().findPendingReview());
+  });
+
+  // POST /plugins — manually add a plugin by npm package name
+  routes.post("/plugins", async (c) => {
+    let body: unknown;
+    try {
+      body = await c.req.json();
+    } catch {
+      return c.json({ error: "Invalid JSON body" }, 400);
+    }
+    const parsed = addPluginSchema.safeParse(body);
+    if (!parsed.success) {
+      return c.json({ error: "Validation failed", details: parsed.error.flatten() }, 400);
+    }
+
+    const { npmPackage, version, category, notes } = parsed.data;
+    const existing = await repo().findById(npmPackage);
+    if (existing) {
+      return c.json({ error: "Plugin already exists" }, 409);
+    }
+
+    const plugin = await repo().insert({
+      pluginId: npmPackage,
+      npmPackage,
+      version,
+      category,
+      notes,
+    });
+    const user = c.get("user") as { id: string } | undefined;
+    safeAuditLog(deps.auditLogger, {
+      adminUser: user?.id ?? "unknown",
+      action: "marketplace.plugin.create",
+      category: "config",
+      details: { pluginId: npmPackage, version },
+      outcome: "success",
+    });
+
+    // Fire-and-forget: install into shared volume
+    if (deps.volumeInstaller) {
+      const volumePath = deps.pluginVolumePath ?? "/data/plugins";
+      try {
+        const installer = deps.volumeInstaller();
+        installer
+          .installPluginToVolume({
+            pluginId: npmPackage,
+            npmPackage,
+            version,
+            volumePath,
+            repo: repo(),
+          })
+          .catch((err: unknown) => {
+            deps.logger?.error("Volume install trigger failed", { pluginId: npmPackage, err });
+          });
+      } catch {
+        /* volume installer unavailable — non-fatal */
+      }
+    }
+
+    return c.json(plugin, 201);
+  });
+
+  // PATCH /plugins/:id — update plugin (enable/disable, feature, sort, notes)
+  routes.patch("/plugins/:id", async (c) => {
+    const id = c.req.param("id");
+    const existing = await repo().findById(id);
+    if (!existing) {
+      return c.json({ error: "Plugin not found" }, 404);
+    }
+
+    let body: unknown;
+    try {
+      body = await c.req.json();
+    } catch {
+      return c.json({ error: "Invalid JSON body" }, 400);
+    }
+    const parsed = updatePluginSchema.safeParse(body);
+    if (!parsed.success) {
+      return c.json({ error: "Validation failed", details: parsed.error.flatten() }, 400);
+    }
+
+    const patch: Record<string, unknown> = { ...parsed.data };
+    if (parsed.data.enabled === true) {
+      const user = c.get("user") as { id: string } | undefined;
+      if (user) patch.enabledBy = user.id;
+    }
+
+    const updated = await repo().update(id, patch as Parameters<IMarketplacePluginRepository["update"]>[1]);
+    const user = c.get("user") as { id: string } | undefined;
+    safeAuditLog(deps.auditLogger, {
+      adminUser: user?.id ?? "unknown",
+      action: "marketplace.plugin.update",
+      category: "config",
+      details: { pluginId: id, patch },
+      outcome: "success",
+    });
+    return c.json(updated);
+  });
+
+  // DELETE /plugins/:id — remove a plugin from the registry
+  routes.delete("/plugins/:id", async (c) => {
+    const id = c.req.param("id");
+    const existing = await repo().findById(id);
+    if (!existing) {
+      return c.json({ error: "Plugin not found" }, 404);
+    }
+    await repo().delete(id);
+    const user = c.get("user") as { id: string } | undefined;
+    safeAuditLog(deps.auditLogger, {
+      adminUser: user?.id ?? "unknown",
+      action: "marketplace.plugin.delete",
+      category: "config",
+      details: { pluginId: id },
+      outcome: "success",
+    });
+    return c.body(null, 204);
+  });
+
+  // GET /plugins/:id/install-status — poll install progress
+  routes.get("/plugins/:id/install-status", async (c) => {
+    const id = c.req.param("id");
+    const plugin = await repo().findById(id);
+    if (!plugin) {
+      return c.json({ error: "Plugin not found" }, 404);
+    }
+
+    const status = plugin.installedAt ? "installed" : plugin.installError ? "failed" : "pending";
+
+    return c.json({
+      pluginId: plugin.pluginId,
+      status,
+      installedAt: plugin.installedAt,
+      installError: plugin.installError,
+    });
+  });
+
+  // POST /discover — trigger manual discovery run
+  routes.post("/discover", async (c) => {
+    if (!deps.discoverer) {
+      return c.json({ error: "Discovery not configured" }, 503);
+    }
+    const discoverer = deps.discoverer();
+    const result = await discoverer.discoverNpmPlugins({
+      repo: repo(),
+      notify: (msg: string) => {
+        deps.logger?.info(`[Marketplace] ${msg}`);
+      },
+    });
+    const user = c.get("user") as { id: string } | undefined;
+    safeAuditLog(deps.auditLogger, {
+      adminUser: user?.id ?? "unknown",
+      action: "marketplace.discovery.trigger",
+      category: "config",
+      details: { discovered: result.discovered, skipped: result.skipped },
+      outcome: "success",
+    });
+    return c.json(result);
+  });
+
+  return routes;
+}

package/src/api/routes/admin-migration.ts

@@ -0,0 +1,61 @@
+import { Hono } from "hono";
+import { z } from "zod";
+import type { AuthEnv } from "../../auth/index.js";
+import { logger } from "../../config/logger.js";
+import type { AdminAuditLogger } from "./admin-audit-helper.js";
+import { safeAuditLog } from "./admin-audit-helper.js";
+
+export interface MigrationOrchestrator {
+  migrate(botId: string, targetNodeId?: string): Promise<{ success: boolean; error?: string }>;
+}
+
+const migrateInputSchema = z.object({
+  targetNodeId: z.string().min(1).optional(),
+});
+
+export function createAdminMigrationRoutes(
+  getOrchestrator: () => MigrationOrchestrator,
+  auditLogger?: () => AdminAuditLogger,
+): Hono<AuthEnv> {
+  const routes = new Hono<AuthEnv>();
+
+  routes.post("/:botId", async (c) => {
+    const botId = c.req.param("botId") as string;
+
+    let body: z.infer<typeof migrateInputSchema> = {};
+    try {
+      body = migrateInputSchema.parse(await c.req.json());
+    } catch {
+      // No body is fine — auto-select target
+    }
+
+    try {
+      const result = await getOrchestrator().migrate(botId, body.targetNodeId);
+
+      safeAuditLog(auditLogger, {
+        adminUser: (c.get("user") as { id?: string } | undefined)?.id ?? "unknown",
+        action: "bot.migrate",
+        category: "config",
+        details: { botId, targetNodeId: body.targetNodeId, success: result.success },
+        outcome: result.success ? "success" : "failure",
+      });
+
+      if (result.success) {
+        return c.json({ success: true, result });
+      }
+      return c.json({ success: false, result }, 400);
+    } catch (err) {
+      logger.error("Migration failed", { botId, err });
+      safeAuditLog(auditLogger, {
+        adminUser: (c.get("user") as { id?: string } | undefined)?.id ?? "unknown",
+        action: "bot.migrate",
+        category: "config",
+        details: { botId, targetNodeId: body.targetNodeId },
+        outcome: "failure",
+      });
+      return c.json({ success: false, error: err instanceof Error ? err.message : "Unknown error" }, 500);
+    }
+  });
+
+  return routes;
+}