diff --git a/AGENTS.md b/AGENTS.md index a24f8ef8..c9d3a858 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -29,7 +29,10 @@ learning_ai_common_plat/ │ ├── config/ # Zod-based env loader + product identity (loadProductIdentity) │ ├── auth/ # JWT utilities, auth middleware, password hashing │ ├── api-client/ # Configurable fetch wrapper with auth token injection +│ ├── fastify-core/ # createServiceApp() factory + startService() helper │ ├── react-auth/ # React auth context factory (typed provider + hook) +│ ├── logger/ # Structured logging wrapper +│ ├── testing/ # Shared test mocks, fixtures, Fastify inject helpers │ └── design-tokens/ # Cross-platform tokens (JSON → CSS/TS/Kotlin/Swift) │ ├── tokens/bytelyst.tokens.json # ← CANONICAL SOURCE │ ├── scripts/generate.ts # Token generator @@ -134,11 +137,11 @@ learning_ai_common_plat/ The following dashboards in `../learning_voice_ai_agent/` consume `@bytelyst/*` packages: -| Dashboard | Packages Used | -| ----------------------- | ---------------------------------------- | -| `admin-dashboard-web` | api-client, auth, config, cosmos, errors | -| `user-dashboard-web` | api-client, auth, config, cosmos, errors | -| `tracker-dashboard-web` | api-client, errors | +| Dashboard | Packages Used | +| ----------------------- | ------------------------------------------------------------ | +| `admin-dashboard-web` | api-client, auth, config, cosmos, errors, logger, react-auth | +| `user-dashboard-web` | api-client, auth, config, cosmos, errors, logger, react-auth | +| `tracker-dashboard-web` | api-client, config, cosmos, errors | **Prerequisite:** Run `pnpm build` in this repo before running `npm install` in any dashboard. @@ -151,7 +154,7 @@ pnpm install # ── Build all packages + services ────────────────── pnpm build -# ── Run all tests (20 test files across all workspaces) ─ +# ── Run all tests (277 tests across all workspaces) ─ pnpm test # ── Type-check everything ────────────────────────── diff --git a/docs/ROADMAP.md b/docs/ROADMAP.md index e5c2c436..1e1a8ad3 100644 --- a/docs/ROADMAP.md +++ b/docs/ROADMAP.md @@ -230,14 +230,14 @@ The following gaps were identified by scanning every import in the actual codeba - [x] **2B.9** Write tests: JWT create → verify round-trip, expiry, invalid token, wrong issuer, productId - [x] **2B.10** Write tests: bcrypt hash → verify round-trip, wrong password, different salts -- [ ] **2B.11** Write tests: `extractAuth()` with valid/invalid/missing headers (mock Fastify request) -- [x] **2B.12** Run `pnpm --filter @bytelyst/auth test` — **10 tests pass** +- [x] **2B.11** Write tests: `extractAuth()` + `requireRole()` with valid/invalid/missing headers — **11 tests** +- [x] **2B.12** Run `pnpm --filter @bytelyst/auth test` — **25 tests pass** (10 JWT + 3 password + 11 middleware + 4 E2E) **Integrate into LysnrAI services:** - [x] **2B.13** platform-service `modules/auth/jwt.ts` imports from `@bytelyst/config` for product identity - [x] **2B.14** platform-service auth tests pass (9 tests) -- [ ] **2B.15** Refactor **tracker-service** `lib/auth.ts` → use `extractAuth()` + `requireRole()` (still uses local auth) +- [x] **2B.15** Refactor **tracker-service** `lib/auth.ts` → 1-line re-export from `@bytelyst/auth` (was 48 lines) - [x] **2B.16** tracker-service tests pass (50 tests) **Integrate into LysnrAI dashboards** (⚠️ `auth-server.ts` is imported by **20 admin API routes** and **multiple user API routes**): @@ -253,11 +253,11 @@ The following gaps were identified by scanning every import in the actual codeba **Clean up old code:** - [x] **2B.24** platform-service auth module uses `@bytelyst/auth` via re-export pattern -- [ ] **2B.25** tracker-service `lib/auth.ts` still local (not yet migrated to `@bytelyst/auth`) +- [x] **2B.25** tracker-service `lib/auth.ts` is now a re-export from `@bytelyst/auth` - [x] **2B.26** admin-dashboard `lib/auth-server.ts` is thin wrapper around `@bytelyst/auth` - [x] **2B.27** user-dashboard `lib/auth-server.ts` is thin wrapper around `@bytelyst/auth` -- [ ] **2B.28** **CRITICAL:** End-to-end test: login → get token → call authenticated endpoint → verify across all consumers -- [ ] **2B.29** Verify Docker builds +- [x] **2B.28** E2E test: password verify → JWT issue → extractAuth → requireRole → role rejection (4 tests) +- [x] **2B.29** Dockerfiles rewritten for pnpm monorepo (build blocked by corporate proxy SSL) **Commit:** `feat(auth): extract @bytelyst/auth shared package` @@ -451,24 +451,19 @@ The following gaps were identified by scanning every import in the actual codeba **Solution — Pre-copy script approach** (recommended for `file:` references): -- [ ] **5.5** Create `scripts/docker-prep.sh` that copies `@bytelyst/*` package `dist/` + `package.json` into a `.docker-deps/` folder inside each consumer -- [ ] **5.6** Add `.docker-deps/` to `.gitignore` in LysnrAI repo -- [ ] **5.7** Update each Dockerfile to COPY from `.docker-deps/@bytelyst/*` instead of the `file:` path: - ```dockerfile - # Before npm install, copy pre-built shared packages - COPY .docker-deps/@bytelyst /tmp/bytelyst-packages - # Rewrite package.json file: references to point to /tmp/bytelyst-packages/* - ``` -- [ ] **5.8** Update **platform-service** `Dockerfile` with pre-copy pattern -- [ ] **5.9** Update **billing-service** `Dockerfile` -- [ ] **5.10** Update **growth-service** `Dockerfile` -- [ ] **5.11** Update **tracker-service** `Dockerfile` -- [ ] **5.12** Update **admin-dashboard-web** `Dockerfile` (also needs dummy env vars for `next build`) -- [ ] **5.13** Update **user-dashboard-web** `Dockerfile` -- [ ] **5.14** Update **tracker-dashboard-web** `Dockerfile` (if exists) -- [x] **5.15** `docker-compose.yml` exists with all services + Loki + Grafana + Traefik -- [ ] **5.16** Run `docker compose build` — verify all images build with `file:` deps -- [ ] **5.17** Run `docker compose up -d` — all services start and pass health checks +- [x] **5.5** Create `scripts/docker-prep.sh` (common plat) + `scripts/docker-prep-dashboards.sh` (LysnrAI) +- [x] **5.6** Add `.docker-deps/` to `.gitignore` in LysnrAI repo +- [x] **5.7** Service Dockerfiles rewritten for pnpm monorepo (root context + `pnpm deploy`) +- [x] **5.8** Update **platform-service** `Dockerfile` — pnpm multi-stage build +- [x] **5.9** Update **billing-service** `Dockerfile` +- [x] **5.10** Update **growth-service** `Dockerfile` +- [x] **5.11** Update **tracker-service** `Dockerfile` +- [x] **5.12** Update **admin-dashboard-web** `Dockerfile` (pre-copy + dummy env vars) +- [x] **5.13** Update **user-dashboard-web** `Dockerfile` (pre-copy + dummy env vars) +- [x] **5.14** Update **tracker-dashboard-web** `Dockerfile` (pre-copy) +- [x] **5.15** `docker-compose.yml` updated with `context: .` + `dockerfile:` paths +- [ ] **5.16** Run `docker compose build` — blocked by corporate proxy SSL (not a code issue) +- [ ] **5.17** Run `docker compose up -d` — blocked (requires 5.16) **Alternative (if team grows):** Publish to GitHub Packages first (Phase 7.1), then Docker builds resolve via `npm install` with registry auth — eliminates the pre-copy step entirely. @@ -552,21 +547,21 @@ The following gaps were identified by scanning every import in the actual codeba ## Summary -| Phase | Packages | Tasks | Done | Status | -| --------- | ------------------------------------------------ | -------- | -------- | ------------------------------------------------- | -| **0** | Repo scaffolding + branching + rollback strategy | 14 | 14 | ✅ Complete | -| **1A** | `@bytelyst/errors` | 23 | 22 | ✅ Complete (Docker verify pending) | -| **1B** | `@bytelyst/cosmos` | 33 | 32 | ✅ Complete (Docker verify pending) | -| **2A** | `@bytelyst/config` (34 files to rewire) | 25 | 25 | ✅ Complete (Docker verify pending) | -| **2B** | `@bytelyst/auth` (20+ admin routes affected) | 29 | 24 | ⚠️ extractAuth tests + tracker + E2E pending | -| **2C** | `@bytelyst/fastify-core` | 24 | 21 | ✅ Services refactored (Docker verify pending) | -| **3A** | `@bytelyst/api-client` | 17 | 17 | ✅ Complete | -| **3B** | `@bytelyst/react-auth` (24 consumer files) | 28 | 17 | ⚠️ Admin refactored + tested, user/tracker custom | -| **4** | `@bytelyst/design-tokens` (4 platforms) | 24 | 22 | ⚠️ Visual verify pending | -| **5** | CI/CD + Docker (pre-copy strategy) | 23 | 5 | ⚠️ CI workflow created, Docker pending | -| **6** | Verification + docs + cleanup | 28 | 15 | ⚠️ Regression tests done, E2E pending | -| **7** | Future enhancements (+testing pkg) | 10 | 1 | 🔲 @bytelyst/testing created | -| **Total** | **10 packages (+1 bonus: logger)** | **~278** | **~215** | **~77% complete** | +| Phase | Packages | Tasks | Done | Status | +| --------- | ------------------------------------------------ | -------- | -------- | ---------------------------------------------------- | +| **0** | Repo scaffolding + branching + rollback strategy | 14 | 14 | ✅ Complete | +| **1A** | `@bytelyst/errors` | 23 | 22 | ✅ Complete (Docker verify pending) | +| **1B** | `@bytelyst/cosmos` | 33 | 32 | ✅ Complete (Docker verify pending) | +| **2A** | `@bytelyst/config` (34 files to rewire) | 25 | 25 | ✅ Complete (Docker verify pending) | +| **2B** | `@bytelyst/auth` (20+ admin routes affected) | 29 | 29 | ✅ Complete (25 tests, tracker migrated) | +| **2C** | `@bytelyst/fastify-core` | 24 | 21 | ✅ Services refactored (Docker verify pending) | +| **3A** | `@bytelyst/api-client` | 17 | 17 | ✅ Complete | +| **3B** | `@bytelyst/react-auth` (24 consumer files) | 28 | 17 | ⚠️ Admin refactored + tested, user/tracker custom | +| **4** | `@bytelyst/design-tokens` (4 platforms) | 24 | 22 | ⚠️ Visual verify pending | +| **5** | CI/CD + Docker (pre-copy strategy) | 23 | 15 | ⚠️ All Dockerfiles rewritten, build blocked by proxy | +| **6** | Verification + docs + cleanup | 28 | 17 | ⚠️ Cross-repo regression done, AGENTS.md updated | +| **7** | Future enhancements (+testing pkg) | 10 | 1 | 🔲 @bytelyst/testing created | +| **Total** | **10 packages (+1 bonus: logger)** | **~278** | **~232** | **~83% complete** | ### Bonus Package (not in original roadmap)