Chore/evault pitstop refactor (#395)

* chore: move eVault chore architecture to multi-tenant

* chore: add tests

* feat: mark verification code as consumed after linking

* test: verify verification record is marked as consumed

* feat: add UUID validation for namespace in provisioning and made W3ID generation deterministic again.

* chore: fix build

* chore: attempt to fix CI fail on tests

* fix: CI to rebuild native modules

* fix: add rebuild command and remove docker buildx

* chore: fix code review problems

* chore: add workflow to run registry tests on CI

* chore; pnpm lock

* chore: remove commented out stale code

* chore: run format

* chore: fix more review comments, and add test to make sure eName is always deterministic

* chore: fix pnpm lock

---------

Co-authored-by: Patrick Fischer <[email protected]>

Author: coodos

.github/workflows/tests-evault-core.yml

@@ -23,12 +23,34 @@ jobs:
         with:
           node-version: 22
 
+      - name: Install build dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y build-essential python3
+
       - name: Install pnpm
         run: npm install -g pnpm
 
       - name: Install dependencies
         run: pnpm install
 
+      - name: Clean and rebuild ssh2 native module
+        run: |
+          # Remove any pre-built binaries that might be incompatible
+          find node_modules -name "sshcrypto.node" -delete 2>/dev/null || true
+          find node_modules -path "*/ssh2/lib/protocol/crypto/build/Release/sshcrypto.node" -delete 2>/dev/null || true
+          # Rebuild ssh2 specifically for this platform
+          pnpm rebuild ssh2
+          # Rebuild all other native modules
+          pnpm rebuild
+
       - name: Run tests
+        env:
+          CI: true
+          GITHUB_ACTIONS: true
+          DOCKER_HOST: unix:///var/run/docker.sock
+          TESTCONTAINERS_DOCKER_SOCKET_OVERRIDE: /var/run/docker.sock
+          TESTCONTAINERS_RYUK_DISABLED: false
+          TESTCONTAINERS_HOST_OVERRIDE: localhost
         run: pnpm -F=evault-core test
 

.github/workflows/tests-registry.yml

@@ -0,0 +1,56 @@
+name: Tests [registry]
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - 'platforms/registry/**'
+  pull_request:
+    branches: [main]
+    paths:
+      - 'platforms/registry/**'
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js 22
+        uses: actions/setup-node@v4
+        with:
+          node-version: 22
+
+      - name: Install build dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y build-essential python3
+
+      - name: Install pnpm
+        run: npm install -g pnpm
+
+      - name: Install dependencies
+        run: pnpm install
+
+      - name: Clean and rebuild ssh2 native module
+        run: |
+          # Remove any pre-built binaries that might be incompatible
+          find node_modules -name "sshcrypto.node" -delete 2>/dev/null || true
+          find node_modules -path "*/ssh2/lib/protocol/crypto/build/Release/sshcrypto.node" -delete 2>/dev/null || true
+          # Rebuild ssh2 specifically for this platform
+          pnpm rebuild ssh2
+          # Rebuild all other native modules
+          pnpm rebuild
+
+      - name: Run tests
+        env:
+          CI: true
+          GITHUB_ACTIONS: true
+          DOCKER_HOST: unix:///var/run/docker.sock
+          TESTCONTAINERS_DOCKER_SOCKET_OVERRIDE: /var/run/docker.sock
+          TESTCONTAINERS_RYUK_DISABLED: false
+          TESTCONTAINERS_HOST_OVERRIDE: localhost
+        run: pnpm -F=registry test
+

.gitignore

@@ -40,6 +40,9 @@ yarn-error.log*
 # Misc
 .DS_Store
 *.pem
- 
 
-evault-cache.json
+
+evault-cache.json
+
+.pnpm-store
+.pnpm-store/

Dockerfile.dev

@@ -0,0 +1,21 @@
+FROM node:20-alpine
+
+WORKDIR /app
+
+# Install pnpm
+RUN npm install -g [email protected]
+
+# Copy entrypoint script
+COPY docker-entrypoint.sh /usr/local/bin/
+RUN chmod +x /usr/local/bin/docker-entrypoint.sh
+
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# Copy only root config files - source code comes via volumes
+# This keeps the image small and export fast
+COPY package.json pnpm-lock.yaml pnpm-workspace.yaml turbo.json ./
+
+# Note: Dependencies are installed on first container run via entrypoint script
+# This avoids huge layer exports during build. Volumes mount source code,
+# and entrypoint ensures deps are installed before running commands.
+

dev-docker-compose.README.md

@@ -0,0 +1,89 @@
+# Dev Docker Compose
+
+This docker-compose file sets up the development environment for the Metastate project.
+
+## Core Services (Always Running)
+
+- **registry** - Runs on port 4321
+- **evault-core** - Runs on ports 3001 (Express/Provisioning) and 4000 (Fastify/GraphQL)
+- **neo4j** - Runs on ports 7474 (HTTP) and 7687 (Bolt) for graph data storage
+- **postgres** - Runs on port 5432 with multiple databases pre-created
+
+## Optional Platform Services
+
+Use Docker Compose profiles to enable optional platforms:
+
+### Available Profiles
+
+- `pictique` - Pictique API (port 1111)
+- `evoting` - eVoting API (port 4000)
+- `dreamsync` - DreamSync API (port 4001)
+- `cerberus` - Cerberus (port 3002)
+- `group-charter` - Group Charter Manager API (port 3003)
+- `blabsy` - Blabsy W3DS Auth API (port 3000)
+- `ereputation` - eReputation (port 5000)
+- `marketplace` - Marketplace (port 5001)
+- `all` - Enable all optional platforms at once
+
+## Usage
+
+### Start core services only:
+```bash
+docker compose -f dev-docker-compose.yaml up
+```
+
+### Start with specific platforms:
+```bash
+# Single platform
+docker compose -f dev-docker-compose.yaml --profile pictique up
+
+# Multiple platforms
+docker compose -f dev-docker-compose.yaml --profile pictique --profile evoting up
+
+# All platforms
+docker compose -f dev-docker-compose.yaml --profile all up
+```
+
+### Background mode:
+```bash
+docker compose -f dev-docker-compose.yaml --profile pictique up -d
+```
+
+### Stop services:
+```bash
+docker compose -f dev-docker-compose.yaml down
+```
+
+### View logs:
+```bash
+# All services
+docker compose -f dev-docker-compose.yaml logs -f
+
+# Specific service
+docker compose -f dev-docker-compose.yaml logs -f registry
+```
+
+## Environment Variables
+
+Create a `.env` file in the project root with your configuration:
+
+```env
+# Registry
+REGISTRY_SHARED_SECRET=your-secret-here
+PUBLIC_REGISTRY_URL=http://localhost:4321
+
+# Database URLs (optional - defaults are provided)
+REGISTRY_DATABASE_URL=postgresql://postgres:postgres@postgres:5432/registry
+NEO4J_URI=bolt://neo4j:7687
+NEO4J_USER=neo4j
+NEO4J_PASSWORD=neo4j
+```
+
+## Notes
+
+- All services mount the source code for hot-reload development
+- Node modules are stored in Docker volumes to avoid host conflicts
+- PostgreSQL automatically creates all required databases on first startup
+- Services wait for database health checks before starting
+
+