@wopr-network/platform-core 1.68.0 → 1.70.0

package/dist/server/routes/admin.js

@@ -0,0 +1,294 @@
+/**
+ * Admin tRPC router factory — platform-wide settings for the operator.
+ *
+ * All endpoints require platform_admin role (via adminProcedure).
+ * Dependencies are injected via PlatformContainer rather than module-level
+ * singletons, enabling clean testing and per-product composition.
+ */
+import { eq } from "drizzle-orm";
+import { z } from "zod";
+import { tenantModelSelection } from "../../db/schema/tenant-model-selection.js";
+import { adminProcedure, router } from "../../trpc/init.js";
+let modelListCache = null;
+let modelListCacheExpiry = 0;
+/** Well-known tenant ID for the global platform model setting. */
+const GLOBAL_TENANT_ID = "__platform__";
+// ---------------------------------------------------------------------------
+// Gateway model cache (short-TTL, refreshed per-request for the proxy)
+// ---------------------------------------------------------------------------
+const CACHE_TTL_MS = 5_000;
+let cachedModel = null;
+let modelCacheExpiry = 0;
+/** Container ref stashed by `warmModelCache` so the background refresh can use it. */
+let _container = null;
+/**
+ * Synchronous model resolver for the gateway proxy.
+ * Returns the cached DB value, or null to fall back to env var.
+ * The cache is refreshed asynchronously every 5 seconds.
+ */
+export function resolveGatewayModel() {
+    const now = Date.now();
+    if (now > modelCacheExpiry && _container) {
+        // Refresh cache in the background — don't block the request
+        refreshModelCache(_container).catch(() => { });
+    }
+    return cachedModel;
+}
+async function refreshModelCache(container) {
+    try {
+        const row = await container.db
+            .select({ defaultModel: tenantModelSelection.defaultModel })
+            .from(tenantModelSelection)
+            .where(eq(tenantModelSelection.tenantId, GLOBAL_TENANT_ID))
+            .then((rows) => rows[0] ?? null);
+        cachedModel = row?.defaultModel ?? null;
+        modelCacheExpiry = Date.now() + CACHE_TTL_MS;
+    }
+    catch {
+        // DB error — keep stale cache, retry next time
+    }
+}
+/** Seed the cache on startup so the first request doesn't miss. */
+export async function warmModelCache(container) {
+    _container = container;
+    await refreshModelCache(container);
+}
+// ---------------------------------------------------------------------------
+// Router factory
+// ---------------------------------------------------------------------------
+export function createAdminRouter(container, config) {
+    return router({
+        /** Get the current gateway model setting. */
+        getGatewayModel: adminProcedure.query(async () => {
+            const row = await container.db
+                .select({
+                defaultModel: tenantModelSelection.defaultModel,
+                updatedAt: tenantModelSelection.updatedAt,
+            })
+                .from(tenantModelSelection)
+                .where(eq(tenantModelSelection.tenantId, GLOBAL_TENANT_ID))
+                .then((rows) => rows[0] ?? null);
+            return {
+                model: row?.defaultModel ?? null,
+                updatedAt: row?.updatedAt ?? null,
+            };
+        }),
+        /** Set the gateway model. Takes effect within 5 seconds. */
+        setGatewayModel: adminProcedure
+            .input(z.object({ model: z.string().min(1).max(200) }))
+            .mutation(async ({ input }) => {
+            const now = new Date().toISOString();
+            await container.db
+                .insert(tenantModelSelection)
+                .values({
+                tenantId: GLOBAL_TENANT_ID,
+                defaultModel: input.model,
+                updatedAt: now,
+            })
+                .onConflictDoUpdate({
+                target: tenantModelSelection.tenantId,
+                set: { defaultModel: input.model, updatedAt: now },
+            });
+            // Immediately update the in-memory cache.
+            cachedModel = input.model;
+            modelCacheExpiry = Date.now() + CACHE_TTL_MS;
+            return { ok: true, model: input.model };
+        }),
+        /** List available OpenRouter models for the gateway model dropdown. */
+        listAvailableModels: adminProcedure.query(async () => {
+            const apiKey = config?.openRouterApiKey;
+            if (!apiKey)
+                return { models: [] };
+            const now = Date.now();
+            if (modelListCache && modelListCacheExpiry > now)
+                return { models: modelListCache };
+            try {
+                const res = await fetch("https://openrouter.ai/api/v1/models", {
+                    headers: { Authorization: `Bearer ${apiKey}` },
+                    signal: AbortSignal.timeout(10_000),
+                });
+                if (!res.ok)
+                    return { models: modelListCache ?? [] };
+                const json = (await res.json());
+                const models = json.data
+                    .map((m) => ({
+                    id: m.id,
+                    name: m.name,
+                    contextLength: m.context_length ?? 0,
+                    promptPrice: m.pricing?.prompt ?? "0",
+                    completionPrice: m.pricing?.completion ?? "0",
+                }))
+                    .sort((a, b) => a.id.localeCompare(b.id));
+                modelListCache = models;
+                modelListCacheExpiry = now + 60_000;
+                return { models };
+            }
+            catch {
+                return { models: modelListCache ?? [] };
+            }
+        }),
+        // -----------------------------------------------------------------------
+        // Platform-wide instance overview (all tenants)
+        // -----------------------------------------------------------------------
+        /** List ALL instances across all tenants with health status. */
+        listAllInstances: adminProcedure.query(async () => {
+            if (!container.fleet) {
+                return { instances: [], error: "Fleet not configured" };
+            }
+            const fleet = container.fleet;
+            const profiles = await fleet.profileStore.list();
+            const instances = await Promise.all(profiles.map(async (profile) => {
+                try {
+                    const status = await fleet.manager.status(profile.id);
+                    return {
+                        id: profile.id,
+                        name: profile.name,
+                        tenantId: profile.tenantId,
+                        image: profile.image,
+                        state: status.state,
+                        health: status.health,
+                        uptime: status.uptime,
+                        containerId: status.containerId ?? null,
+                        startedAt: status.startedAt ?? null,
+                    };
+                }
+                catch {
+                    return {
+                        id: profile.id,
+                        name: profile.name,
+                        tenantId: profile.tenantId,
+                        image: profile.image,
+                        state: "error",
+                        health: null,
+                        uptime: null,
+                        containerId: null,
+                        startedAt: null,
+                    };
+                }
+            }));
+            return { instances };
+        }),
+        // -----------------------------------------------------------------------
+        // Platform-wide tenant/org overview
+        // -----------------------------------------------------------------------
+        /** List all organizations with member counts and instance counts. */
+        listAllOrgs: adminProcedure.query(async () => {
+            const orgs = await container.pool.query(`
+        SELECT
+          o.id,
+          o.name,
+          o.slug,
+          o.created_at as "createdAt",
+          (SELECT COUNT(*) FROM org_member om WHERE om.org_id = o.id) as "memberCount"
+        FROM organization o
+        ORDER BY o.created_at DESC
+      `);
+            // Count instances per tenant from fleet profiles
+            const instanceCountByTenant = new Map();
+            if (container.fleet) {
+                const profiles = await container.fleet.profileStore.list();
+                for (const p of profiles) {
+                    instanceCountByTenant.set(p.tenantId, (instanceCountByTenant.get(p.tenantId) ?? 0) + 1);
+                }
+            }
+            const result = await Promise.all(orgs.rows.map(async (org) => {
+                let balanceCents = 0;
+                try {
+                    const balance = await container.creditLedger.balance(org.id);
+                    balanceCents = balance.toCentsRounded();
+                }
+                catch {
+                    // Ledger may not have an entry for this org
+                }
+                return {
+                    id: org.id,
+                    name: org.name,
+                    slug: org.slug,
+                    createdAt: org.createdAt,
+                    memberCount: Number(org.memberCount),
+                    instanceCount: instanceCountByTenant.get(org.id) ?? 0,
+                    balanceCents,
+                };
+            }));
+            return { orgs: result };
+        }),
+        // -----------------------------------------------------------------------
+        // Platform-wide billing summary
+        // -----------------------------------------------------------------------
+        /** Get platform billing summary: total credits, active service keys, payment method count. */
+        billingOverview: adminProcedure.query(async () => {
+            // Total credit balance across all tenants
+            let totalBalanceCents = 0;
+            try {
+                const balanceResult = await container.pool.query(`
+          SELECT COALESCE(SUM(amount), 0) as "totalRaw"
+          FROM credit_entry
+        `);
+                const rawTotal = Number(balanceResult.rows[0]?.totalRaw ?? 0);
+                // credit_entry.amount is in microdollars (10^-6), convert to cents
+                totalBalanceCents = Math.round(rawTotal / 10_000);
+            }
+            catch {
+                // Table may not exist yet
+            }
+            // Count active service keys
+            let activeKeyCount = 0;
+            if (container.gateway) {
+                try {
+                    const keyResult = await container.pool.query(`SELECT COUNT(*) as "count" FROM service_keys WHERE revoked_at IS NULL`);
+                    activeKeyCount = Number(keyResult.rows[0]?.count ?? 0);
+                }
+                catch {
+                    // Table may not exist
+                }
+            }
+            // Count payment methods across all tenants
+            let paymentMethodCount = 0;
+            try {
+                const pmResult = await container.pool.query(`
+          SELECT COUNT(*) as "count" FROM payment_methods WHERE enabled = true
+        `);
+                paymentMethodCount = Number(pmResult.rows[0]?.count ?? 0);
+            }
+            catch {
+                // Table may not exist
+            }
+            // Count total orgs
+            let orgCount = 0;
+            try {
+                const orgCountResult = await container.pool.query(`SELECT COUNT(*) as "count" FROM organization`);
+                orgCount = Number(orgCountResult.rows[0]?.count ?? 0);
+            }
+            catch {
+                // Table may not exist
+            }
+            return {
+                totalBalanceCents,
+                activeKeyCount,
+                paymentMethodCount,
+                orgCount,
+            };
+        }),
+        // -----------------------------------------------------------------------
+        // Hot pool config (DB-driven, admin-only)
+        // -----------------------------------------------------------------------
+        getPoolConfig: adminProcedure.query(async () => {
+            if (!container.hotPool) {
+                return { enabled: false, poolSize: 0, warmCount: 0 };
+            }
+            const poolSize = await container.hotPool.getPoolSize();
+            const warmRes = await container.pool.query("SELECT COUNT(*)::int AS count FROM pool_instances WHERE status = 'warm'");
+            const warmCount = Number(warmRes.rows[0]?.count ?? 0);
+            return { enabled: true, poolSize, warmCount };
+        }),
+        setPoolSize: adminProcedure
+            .input(z.object({ size: z.number().int().min(0).max(50) }))
+            .mutation(async ({ input }) => {
+            if (!container.hotPool) {
+                throw new Error("Hot pool not enabled");
+            }
+            await container.hotPool.setPoolSize(input.size);
+            return { poolSize: input.size };
+        }),
+    });
+}

package/dist/server/routes/crypto-webhook.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Crypto webhook route — accepts payment confirmations from the key server.
+ *
+ * Extracted from paperclip-platform into platform-core so every product
+ * gets the same timing-safe auth, Zod validation, and idempotent handler
+ * without copy-pasting.
+ */
+import { Hono } from "hono";
+import type { PlatformContainer } from "../container.js";
+export interface CryptoWebhookConfig {
+    provisionSecret: string;
+    cryptoServiceKey?: string;
+}
+/**
+ * Create the crypto webhook Hono sub-app.
+ *
+ * Mount it at `/api/webhooks/crypto` (or wherever the product prefers).
+ *
+ * ```ts
+ * app.route("/api/webhooks/crypto", createCryptoWebhookRoutes(container, config));
+ * ```
+ */
+export declare function createCryptoWebhookRoutes(container: PlatformContainer, config: CryptoWebhookConfig): Hono;

package/dist/server/routes/crypto-webhook.js

@@ -0,0 +1,82 @@
+/**
+ * Crypto webhook route — accepts payment confirmations from the key server.
+ *
+ * Extracted from paperclip-platform into platform-core so every product
+ * gets the same timing-safe auth, Zod validation, and idempotent handler
+ * without copy-pasting.
+ */
+import { timingSafeEqual } from "node:crypto";
+import { Hono } from "hono";
+import { z } from "zod";
+import { handleKeyServerWebhook } from "../../billing/crypto/key-server-webhook.js";
+// ---------------------------------------------------------------------------
+// Zod schema for incoming webhook payloads
+// ---------------------------------------------------------------------------
+const cryptoWebhookSchema = z.object({
+    chargeId: z.string().min(1),
+    chain: z.string().min(1),
+    address: z.string().min(1),
+    amountUsdCents: z.number().optional(),
+    amountReceivedCents: z.number().optional(),
+    status: z.string().min(1),
+    txHash: z.string().optional(),
+    amountReceived: z.string().optional(),
+    confirmations: z.number().optional(),
+    confirmationsRequired: z.number().optional(),
+});
+// ---------------------------------------------------------------------------
+// Timing-safe secret validation
+// ---------------------------------------------------------------------------
+function assertSecret(authHeader, config) {
+    if (!authHeader?.startsWith("Bearer "))
+        return false;
+    const token = authHeader.slice("Bearer ".length).trim();
+    const secrets = [config.provisionSecret, config.cryptoServiceKey].filter((s) => !!s);
+    for (const secret of secrets) {
+        if (token.length === secret.length && timingSafeEqual(Buffer.from(token), Buffer.from(secret))) {
+            return true;
+        }
+    }
+    return false;
+}
+// ---------------------------------------------------------------------------
+// Route factory
+// ---------------------------------------------------------------------------
+/**
+ * Create the crypto webhook Hono sub-app.
+ *
+ * Mount it at `/api/webhooks/crypto` (or wherever the product prefers).
+ *
+ * ```ts
+ * app.route("/api/webhooks/crypto", createCryptoWebhookRoutes(container, config));
+ * ```
+ */
+export function createCryptoWebhookRoutes(container, config) {
+    const app = new Hono();
+    app.post("/", async (c) => {
+        if (!assertSecret(c.req.header("authorization"), config)) {
+            return c.json({ error: "Unauthorized" }, 401);
+        }
+        if (!container.crypto) {
+            return c.json({ error: "Crypto payments not configured" }, 501);
+        }
+        let payload;
+        try {
+            const raw = await c.req.json();
+            payload = cryptoWebhookSchema.parse(raw);
+        }
+        catch (err) {
+            if (err instanceof z.ZodError) {
+                return c.json({ error: "Invalid payload", issues: err.issues }, 400);
+            }
+            return c.json({ error: "Invalid JSON" }, 400);
+        }
+        const result = await handleKeyServerWebhook({
+            chargeStore: container.crypto.chargeRepo,
+            creditLedger: container.creditLedger,
+            replayGuard: container.crypto.webhookSeenRepo,
+        }, payload);
+        return c.json(result, 200);
+    });
+    return app;
+}

package/dist/server/routes/provision-webhook.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Provision webhook routes — instance lifecycle management.
+ *
+ * POST /create  — spin up a new container and configure it
+ * POST /destroy — tear down a container
+ * PUT  /budget  — update a container's spending budget
+ *
+ * Extracted from product-specific implementations into platform-core so
+ * every product gets the same timing-safe auth and DI-based fleet access
+ * without copy-pasting.
+ *
+ * All env var names are generic (no product-specific prefixes).
+ */
+import { Hono } from "hono";
+import type { PlatformContainer } from "../container.js";
+export interface ProvisionWebhookConfig {
+    provisionSecret: string;
+    /** Docker image to provision for new instances. */
+    instanceImage: string;
+    /** Port the provisioned container listens on. */
+    containerPort: number;
+    /** Maximum instances per tenant (0 = unlimited). */
+    maxInstancesPerTenant: number;
+    /** URL of the metered inference gateway (passed to provisioned containers). */
+    gatewayUrl?: string;
+    /** Container prefix for naming (e.g. "wopr" → "wopr-<subdomain>"). */
+    containerPrefix?: string;
+}
+/**
+ * Create the provision webhook Hono sub-app.
+ *
+ * Mount it at `/api/provision` (or wherever the product prefers).
+ *
+ * ```ts
+ * app.route("/api/provision", createProvisionWebhookRoutes(container, config));
+ * ```
+ */
+export declare function createProvisionWebhookRoutes(container: PlatformContainer, config: ProvisionWebhookConfig): Hono;

package/dist/server/routes/provision-webhook.js

@@ -0,0 +1,160 @@
+/**
+ * Provision webhook routes — instance lifecycle management.
+ *
+ * POST /create  — spin up a new container and configure it
+ * POST /destroy — tear down a container
+ * PUT  /budget  — update a container's spending budget
+ *
+ * Extracted from product-specific implementations into platform-core so
+ * every product gets the same timing-safe auth and DI-based fleet access
+ * without copy-pasting.
+ *
+ * All env var names are generic (no product-specific prefixes).
+ */
+import { timingSafeEqual } from "node:crypto";
+import { Hono } from "hono";
+// ---------------------------------------------------------------------------
+// Timing-safe secret validation (same pattern as crypto-webhook)
+// ---------------------------------------------------------------------------
+function assertSecret(authHeader, secret) {
+    if (!authHeader?.startsWith("Bearer "))
+        return false;
+    const token = authHeader.slice("Bearer ".length).trim();
+    if (token.length !== secret.length)
+        return false;
+    return timingSafeEqual(Buffer.from(token), Buffer.from(secret));
+}
+// ---------------------------------------------------------------------------
+// Route factory
+// ---------------------------------------------------------------------------
+/**
+ * Create the provision webhook Hono sub-app.
+ *
+ * Mount it at `/api/provision` (or wherever the product prefers).
+ *
+ * ```ts
+ * app.route("/api/provision", createProvisionWebhookRoutes(container, config));
+ * ```
+ */
+export function createProvisionWebhookRoutes(container, config) {
+    const app = new Hono();
+    // ------------------------------------------------------------------
+    // POST /create — create a new managed instance
+    // ------------------------------------------------------------------
+    app.post("/create", async (c) => {
+        if (!assertSecret(c.req.header("authorization"), config.provisionSecret)) {
+            return c.json({ error: "Unauthorized" }, 401);
+        }
+        if (!container.fleet) {
+            return c.json({ error: "Fleet management not configured" }, 501);
+        }
+        const body = await c.req.json();
+        const { tenantId, subdomain } = body;
+        if (!tenantId || !subdomain) {
+            return c.json({ error: "Missing required fields: tenantId, subdomain" }, 422);
+        }
+        // Billing gate — require positive credit balance before provisioning
+        const balance = await container.creditLedger.balance(tenantId);
+        if (typeof balance === "object" && "isZero" in balance) {
+            const bal = balance;
+            if (bal.isZero() || bal.isNegative()) {
+                return c.json({ error: "Insufficient credits: add funds before creating an instance" }, 402);
+            }
+        }
+        // Instance limit gate
+        const { profileStore, manager: fleet, proxy } = container.fleet;
+        if (config.maxInstancesPerTenant > 0) {
+            const profiles = await profileStore.list();
+            const tenantInstances = profiles.filter((p) => p.tenantId === tenantId);
+            if (tenantInstances.length >= config.maxInstancesPerTenant) {
+                return c.json({ error: `Instance limit reached: maximum ${config.maxInstancesPerTenant} per tenant` }, 403);
+            }
+        }
+        // Create the Docker container
+        const instance = await fleet.create({
+            tenantId,
+            name: subdomain,
+            description: `Managed instance for ${subdomain}`,
+            image: config.instanceImage,
+            env: {
+                PORT: String(config.containerPort),
+                PROVISION_SECRET: config.provisionSecret,
+                HOSTED_MODE: "true",
+                DEPLOYMENT_MODE: "hosted_proxy",
+                DEPLOYMENT_EXPOSURE: "private",
+                MIGRATION_AUTO_APPLY: "true",
+            },
+            restartPolicy: "unless-stopped",
+            releaseChannel: "stable",
+            updatePolicy: "manual",
+        });
+        // Register proxy route — container name must match FleetManager naming convention
+        const prefix = config.containerPrefix ?? "wopr";
+        const containerName = `${prefix}-${subdomain}`;
+        await proxy.addRoute({
+            instanceId: instance.id,
+            subdomain,
+            upstreamHost: containerName,
+            upstreamPort: config.containerPort,
+            healthy: true,
+        });
+        return c.json({
+            ok: true,
+            instanceId: instance.id,
+            subdomain,
+            containerUrl: `http://${containerName}:${config.containerPort}`,
+        }, 201);
+    });
+    // ------------------------------------------------------------------
+    // POST /destroy — tear down a managed instance
+    // ------------------------------------------------------------------
+    app.post("/destroy", async (c) => {
+        if (!assertSecret(c.req.header("authorization"), config.provisionSecret)) {
+            return c.json({ error: "Unauthorized" }, 401);
+        }
+        if (!container.fleet) {
+            return c.json({ error: "Fleet management not configured" }, 501);
+        }
+        const body = await c.req.json();
+        const { instanceId } = body;
+        if (!instanceId) {
+            return c.json({ error: "Missing required field: instanceId" }, 422);
+        }
+        const { manager: fleet, proxy, serviceKeyRepo } = container.fleet;
+        // Revoke gateway service key
+        await serviceKeyRepo.revokeByInstance(instanceId);
+        // Remove the Docker container
+        try {
+            await fleet.remove(instanceId);
+        }
+        catch {
+            // Container may already be gone — continue cleanup
+        }
+        // Remove proxy route
+        proxy.removeRoute(instanceId);
+        return c.json({ ok: true });
+    });
+    // ------------------------------------------------------------------
+    // PUT /budget — update a container's spending budget
+    // ------------------------------------------------------------------
+    app.put("/budget", async (c) => {
+        if (!assertSecret(c.req.header("authorization"), config.provisionSecret)) {
+            return c.json({ error: "Unauthorized" }, 401);
+        }
+        if (!container.fleet) {
+            return c.json({ error: "Fleet management not configured" }, 501);
+        }
+        const body = await c.req.json();
+        const { instanceId, tenantEntityId, budgetCents } = body;
+        if (!instanceId || !tenantEntityId || budgetCents === undefined) {
+            return c.json({ error: "Missing required fields: instanceId, tenantEntityId, budgetCents" }, 422);
+        }
+        const { manager: fleet } = container.fleet;
+        const status = await fleet.status(instanceId);
+        if (status.state !== "running") {
+            return c.json({ error: "Instance not running" }, 503);
+        }
+        return c.json({ ok: true, instanceId, budgetCents });
+    });
+    return app;
+}

package/dist/server/routes/stripe-webhook.d.ts

@@ -0,0 +1,10 @@
+import { Hono } from "hono";
+import type { PlatformContainer } from "../container.js";
+/**
+ * Stripe webhook route factory.
+ *
+ * Delegates to `container.stripe.processor.handleWebhook()` which
+ * calls `stripe.webhooks.constructEvent()` internally for signature
+ * verification.
+ */
+export declare function createStripeWebhookRoutes(container: PlatformContainer): Hono;

package/dist/server/routes/stripe-webhook.js

@@ -0,0 +1,29 @@
+import { Hono } from "hono";
+/**
+ * Stripe webhook route factory.
+ *
+ * Delegates to `container.stripe.processor.handleWebhook()` which
+ * calls `stripe.webhooks.constructEvent()` internally for signature
+ * verification.
+ */
+export function createStripeWebhookRoutes(container) {
+    const routes = new Hono();
+    routes.post("/", async (c) => {
+        if (!container.stripe) {
+            return c.json({ error: "Stripe not configured" }, 501);
+        }
+        const rawBody = Buffer.from(await c.req.arrayBuffer());
+        const sig = c.req.header("stripe-signature");
+        if (!sig) {
+            return c.json({ error: "Missing stripe-signature header" }, 400);
+        }
+        try {
+            const result = await container.stripe.processor.handleWebhook(rawBody, sig);
+            return c.json({ ok: true, result }, 200);
+        }
+        catch {
+            return c.json({ error: "Webhook processing failed" }, 400);
+        }
+    });
+    return routes;
+}

package/dist/server/services/hot-pool-claim.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Atomic hot pool claiming.
+ *
+ * Uses IPoolRepository for all DB operations. No raw pool.query().
+ */
+import type { PlatformContainer } from "../container.js";
+import type { IPoolRepository } from "./pool-repository.js";
+export interface ClaimConfig {
+    /** Shared secret for provision auth. */
+    provisionSecret: string;
+    /** Container name prefix. Default: "wopr". */
+    containerPrefix?: string;
+}
+export interface ClaimAdminUser {
+    id: string;
+    email: string;
+    name: string;
+}
+export interface ClaimResult {
+    id: string;
+    name: string;
+    subdomain: string;
+}
+/**
+ * Claim a warm pool instance, rename it, create a fleet profile,
+ * and register the proxy route.
+ *
+ * Returns the claim result on success, or null if the pool is empty.
+ */
+export declare function claimPoolInstance(container: PlatformContainer, repo: IPoolRepository, name: string, tenantId: string, _adminUser: ClaimAdminUser, config?: ClaimConfig): Promise<ClaimResult | null>;