Feat/docker compose and docs

[coodos]

Description of change

add a better compose and fix documentation

Issue Number

Type of change

• Update (a change which updates existing functionality)
• Fix (a change which fixes an issue)

How the change has been tested

Tests

Change checklist

• I have ensured that the CI Checks pass locally
• I have removed any unnecessary logic
• My code is well documented
• I have signed my commits
• My code follows the pattern of the application
• I have self reviewed my code

Summary by CodeRabbit

• New Features
  • Added example GraphQL queries and mutations for easier API exploration in the playground.
  • Updated the GraphQL API to return full meta-envelope objects (not just IDs) when searching by ontology.
  • Enhanced the GraphQL playground with default example queries for quicker testing.
  • Introduced new npm scripts for development and building the eVault core service.
  • Added a new npm script to run the eVault service with Docker Compose in watch mode.
  • Added a new Docker Compose configuration with multi-service setup for eVault and Neo4j.
  • Introduced a multi-stage Dockerfile for optimized eVault core development and deployment.
• Refactor
  • Refactored server initialization into a dedicated class for improved structure and maintainability.
  • Improved internal data fetching methods to return enriched meta-envelope data with parsed payloads.
• Bug Fixes
  • Improved access control logic for meta-envelope queries.
  • Tests now use dynamic ports and provide more robust unauthorized access scenarios.
• Chores
  • Added a .dockerignore file to optimize Docker builds.
  • Removed obsolete Neo4j Docker Compose configuration.

[coderabbitai]

Walkthrough

This update introduces multiple changes across the codebase. A new .dockerignore file is added to streamline Docker builds by excluding unnecessary files and directories. The Docker Compose configuration for Neo4j is removed and replaced with a new multi-service Docker Compose setup including both evault and neo4j. The evault-core package receives new scripts and specifies the package manager version. Its main entrypoint is refactored into an EVault class for improved initialization and startup. The database service is enhanced with new and updated methods for retrieving meta-envelope data. The GraphQL schema and server are updated to support richer queries, including example queries for developers. Access guard logic is refined, and end-to-end tests are improved for dynamic port allocation and unauthorized access scenarios. A new Dockerfile for evault-core is added to support multi-stage builds.

Changes

File(s)	Change Summary
.dockerignore	Added to exclude build artifacts, dependency directories, environment files, logs, IDE configs, and OS junk from Docker context.
infrastructure/evault-core/docker-compose.yml	Removed Docker Compose configuration for Neo4j, including service, volume, and network definitions.
evault.docker-compose.yml	Added new Docker Compose file defining evault and neo4j services with build, environment, ports, volumes, networks, and development watch configurations.
docker/Dockerfile.evault	Added new multi-stage Dockerfile for evault-core with dependency caching and project pruning for optimized builds.
infrastructure/evault-core/package.json	Added build and dev scripts, specified package manager version [email protected], and added dev:evault script in root package.json.
infrastructure/evault-core/src/db/db.service.ts	Refactored constructor, added findMetaEnvelopesByIds, and updated findMetaEnvelopesByOntology to return full objects with envelopes and parsed payloads.
infrastructure/evault-core/src/evault.ts	Refactored main entrypoint into EVault class for server initialization and startup; loads environment variables from .env.
infrastructure/evault-core/src/protocol/examples/examples.ts	Added file exporting a string of example GraphQL queries and mutations for developer reference.
infrastructure/evault-core/src/protocol/graphql-server.ts	Enhanced GraphQLServer with a server property, refactored server instantiation, and set default GraphiQL query to provided examples.
infrastructure/evault-core/src/protocol/typedefs.ts	Changed findMetaEnvelopesByOntology query return type from [String!]! to [MetaEnvelope!]! in GraphQL schema.
infrastructure/evault-core/src/protocol/vault-access-guard.ts	Updated access filtering to use typed MetaEnvelope[], simplified ACL checks, and removed early return for missing user.
infrastructure/evault-core/tests/evault.spec.ts	Modified tests to use dynamic ports and added a scenario for unauthorized access with restricted ACLs.
infrastructure/evault-core/tests/utils/mock-storage.ts	Reformatted code for consistent indentation and style; no logic changes.
.env.example	Added example environment file with placeholders for Neo4j connection and eVault port.
.github/workflows/tests-evault-core.yml	Updated PR trigger paths to watch infrastructure/evault-core/** instead of infrastructure/w3id/**.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant EVault
    participant GraphQLServer
    participant DbService
    participant Neo4j

    User->>EVault: Start server
    EVault->>GraphQLServer: Initialize with DbService
    EVault->>Neo4j: Connect via driver
    User->>GraphQLServer: GraphQL Query (e.g., findMetaEnvelopesByOntology)
    GraphQLServer->>DbService: findMetaEnvelopesByOntology(ontology)
    DbService->>Neo4j: Query meta-envelopes by ontology
    Neo4j-->>DbService: Return meta-envelope records
    DbService->>GraphQLServer: Return meta-envelope objects with parsed payloads
    GraphQLServer->>User: Respond with meta-envelope data

Loading

Poem

In the garden of code, a rabbit hops near,
New scripts and classes, the changes are clear!
Docker ignores clutter, the Compose file is gone,
The Vault now starts clean, with a class to build on.
GraphQL grows smarter, with queries to try,
And tests keep us safe as the code multiplies.
🐇✨ Hooray for the vault—now let’s watch it fly!

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 298a0e6 and 6484f20.

📒 Files selected for processing (1)

• docker/Dockerfile.evault (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• docker/Dockerfile.evault

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (5)

package.json (1)

13-13: New development script added for eVault environment

The new dev:evault script provides an easy way to start the environment using Docker Compose with the watch flag.

Note: The indentation uses spaces while the rest of the file uses tabs, which creates an inconsistency in formatting.

-        "dev:evault": "docker compose -f  evault.docker-compose.yml up --watch"
+		"dev:evault": "docker compose -f evault.docker-compose.yml up --watch"

infrastructure/evault-core/package.json (1)

19-21: Consider removing redundant dependency.

You've added nodemon as a dependency, but you're not using it in any of your scripts. Instead, you're using Node.js built-in watch mode in the dev script. Consider removing this dependency to keep the package lean.

 "devDependencies": {
     "@types/json-schema": "^7.0.15",
     "@types/node": "^22.13.10",
     "dotenv": "^16.5.0",
-    "nodemon": "^3.1.9",
     "testcontainers": "^10.24.2",
     "ts-node": "^10.9.2",

infrastructure/evault-core/src/evault.ts (2)

14-16: Consider adding validation for environment variables.

For critical connection parameters like Neo4j credentials, consider adding validation to ensure they're properly set, especially in production environments.

 constructor() {
     const uri = process.env.NEO4J_URI || "bolt://localhost:7687";
     const user = process.env.NEO4J_USER || "neo4j";
     const password = process.env.NEO4J_PASSWORD || "neo4j";
+    
+    // Log configuration source for debugging
+    if (!process.env.NEO4J_URI || !process.env.NEO4J_USER || !process.env.NEO4J_PASSWORD) {
+        console.warn("Using default Neo4j connection parameters. Set NEO4J_URI, NEO4J_USER, and NEO4J_PASSWORD environment variables for custom configuration.");
+    }

---

24-30: Consider graceful shutdown handling.

The start method sets up the server nicely, but there's no corresponding method for graceful shutdown. This would be important for proper resource cleanup, especially for the Neo4j driver.

 start() {
     const port = process.env.PORT ?? 4000;
     this.server.listen(port, () => {
         console.log(`GraphQL Server started on http://localhost:${port}`);
         console.log(`Voyager started on http://localhost:${port}`);
     });
 }
+
+stop() {
+    return new Promise<void>((resolve, reject) => {
+        if (!this.server) {
+            resolve();
+            return;
+        }
+        
+        this.server.close((err) => {
+            if (err) {
+                reject(err);
+                return;
+            }
+            console.log('Server stopped gracefully');
+            resolve();
+        });
+    });
+}

infrastructure/evault-core/src/protocol/vault-access-guard.ts (1)

113-113: Remove commented-out console.log.

There's a commented-out console.log statement that should be either removed or properly implemented if it serves a debugging purpose.

-            // console.log

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6fdb407 and 2737b21.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (12)

• .dockerignore (1 hunks)
• infrastructure/evault-core/docker-compose.yml (0 hunks)
• infrastructure/evault-core/package.json (1 hunks)
• infrastructure/evault-core/src/db/db.service.ts (3 hunks)
• infrastructure/evault-core/src/evault.ts (1 hunks)
• infrastructure/evault-core/src/protocol/examples/examples.ts (1 hunks)
• infrastructure/evault-core/src/protocol/graphql-server.ts (1 hunks)
• infrastructure/evault-core/src/protocol/typedefs.ts (1 hunks)
• infrastructure/evault-core/src/protocol/vault-access-guard.ts (3 hunks)
• infrastructure/evault-core/tests/evault.spec.ts (5 hunks)
• infrastructure/evault-core/tests/utils/mock-storage.ts (1 hunks)
• package.json (1 hunks)

💤 Files with no reviewable changes (1)

• infrastructure/evault-core/docker-compose.yml

🧰 Additional context used

🧬 Code Graph Analysis (3)

infrastructure/evault-core/src/db/db.service.ts (2)

infrastructure/evault-core/src/db/types.ts (2)

• MetaEnvelopeResult (25-33)
• Envelope (14-19)

infrastructure/evault-core/src/db/schema.ts (1)

• deserializeValue (75-84)

infrastructure/evault-core/src/protocol/graphql-server.ts (4)

infrastructure/evault-core/src/db/db.service.ts (1)

• DbService (18-396)

infrastructure/evault-core/src/protocol/vault-access-guard.ts (2)

• VaultAccessGuard (10-118)
• VaultContext (6-8)

infrastructure/evault-core/src/protocol/examples/examples.ts (1)

• exampleQueries (1-112)

infrastructure/w3id/src/utils/jwt.ts (1)

• getJWTHeader (86-89)

infrastructure/evault-core/src/protocol/vault-access-guard.ts (1)

infrastructure/evault-core/src/db/types.ts (1)

• MetaEnvelope (4-9)

🔇 Additional comments (21)

.dockerignore (1)

1-40: Well-structured .dockerignore file for optimized Docker builds

This new file is appropriately configured to exclude unnecessary files and directories from the Docker build context. The organization with clear section comments (Node cruft, Dependency locks, Logs & temp, etc.) makes it easy to understand what's being excluded and why.

The exclusions will help:

• Reduce Docker image size
• Speed up build times
• Prevent sensitive files (like .env) from being included
• Handle the monorepo structure correctly by specifically excluding node_modules in apps/* and packages/*

infrastructure/evault-core/src/protocol/examples/examples.ts (1)

1-112: Excellent documentation of GraphQL API capabilities

These comprehensive example queries serve as an excellent reference for developers to understand the full capabilities of the eVault GraphQL API. The examples are:

• Well-organized with clear section headers
• Cover all CRUD operations (create, read, update, delete)
• Include descriptive comments about functionality
• Showcase proper parameter usage and expected outputs

This will significantly improve the developer experience and reduce the learning curve for working with the API.

infrastructure/evault-core/tests/utils/mock-storage.ts (1)

4-59: Consistent code formatting improvements

The changes in this file are purely formatting-related, with consistent indentation using spaces and adding trailing commas. This improves code readability and maintainability without changing any functionality.

These formatting improvements align with the broader codebase refinements seen in other files of this PR.

infrastructure/evault-core/src/protocol/typedefs.ts (1)

26-26: Enhanced API response with richer data structure

The return type for the findMetaEnvelopesByOntology query has been improved from just returning IDs ([String!]!) to returning full MetaEnvelope objects ([MetaEnvelope!]!).

This is a significant enhancement that:

• Reduces the need for additional API calls to get envelope details
• Provides more comprehensive data in a single query
• Aligns with the database service updates made elsewhere in the codebase
• Supports the example queries added in the new examples.ts file

infrastructure/evault-core/package.json (2)

8-9: Excellent addition of build and dev scripts.

The new build script provides a clear way to compile TypeScript, while the dev script leverages Node.js built-in watch mode with tsx for a better development experience.

---

11-11: Good addition of package manager specification.

Adding the packageManager field ensures consistent dependency resolution across development environments, which is particularly important for monorepo projects.

infrastructure/evault-core/tests/evault.spec.ts (4)

34-34: Good practice adding suite-level port variable.

This enables sharing the dynamic port across multiple test cases in the suite.

---

71-71: Excellent use of dynamic port allocation.

Using getFreePort() instead of hardcoded ports prevents test failures due to port conflicts, especially in CI/CD environments or when running tests in parallel.

---

82-82: Correctly updated GraphQL endpoint URL.

Good job updating the endpoint URL to use the dynamically allocated port.

---

132-152: Improved authorization test with realistic scenario.

The enhanced test for unauthorized access is much more thorough, creating a specific envelope with restricted ACL and then verifying access control with a different user. This tests the actual security logic more effectively than the previous approach.

infrastructure/evault-core/src/protocol/graphql-server.ts (5)

2-2: Appropriate addition of Server import.

Adding the Server type import from http module supports the new server property in the class.

---

9-9: Great developer experience improvement.

Importing example queries to populate the GraphiQL interface will help developers understand and use the API more effectively.

---

18-18: Good design choice to store server instance.

Adding this property enables external management of the server lifecycle, which is essential for controlled startup/shutdown and port configuration.

---

112-116: Excellent GraphiQL configuration.

Adding GraphiQL with default example queries significantly improves the developer experience. This aligns well with the PR objective of improving documentation and making the system easier to use.

---

31-146: Well-structured resolver definitions and server initialization.

The refactored code is more readable and follows a consistent formatting style. The server creation now properly stores the instance for external control.

infrastructure/evault-core/src/evault.ts (2)

10-31: Well-designed EVault class with clean separation of concerns.

The EVault class encapsulates server initialization and startup in a clean, maintainable way. Using environment variables with sensible defaults is good practice for configuration. The construction sequence for driver, service, and server is logical and well-organized.

---

8-8:

❓ Verification inconclusive

Verify that the .env path is correct for all environments.

The dotenv configuration points to a path that might not be consistent across all environments, especially in Docker.

---

🏁 Script executed:

#!/bin/bash
# Check if the .env file exists at the specified path relative to the current directory

ENV_PATH=$(node -e "console.log(require('path').resolve(__dirname, '../../../.env'))")
echo "Looking for .env file at: $ENV_PATH"

if [ -f "$ENV_PATH" ]; then
  echo "✓ .env file exists"
else
  echo "✗ .env file does not exist at the specified path"
  
  # Check if there's a .env file elsewhere in the project
  echo "Searching for .env files in the repository..."
  fd -H "\.env$"
fi

Length of output: 423

---

Ensure .env is loaded correctly across all environments

The current call

dotenv.config({ path: path.resolve(__dirname, "../../../.env") });

may resolve to /.env (or a different location) when run from the project root, after compilation (dist), or inside Docker—especially since .env is typically not committed. Please confirm that:

• The .env file is present at the resolved path in both local dev and your Docker/CI containers.
• In your Dockerfile or compose setup, you copy/mount .env into the container at the expected directory.
• At runtime, __dirname points to the same location you anticipate (e.g. dist vs. src).

Alternatively, for more predictable behavior you could:

• Rely on the default dotenv.config() (which loads from process.cwd() + '/.env'),
• Or explicitly use path.resolve(process.cwd(), '.env') instead of __dirname.

File to check:

• infrastructure/evault-core/src/evault.ts:8

infrastructure/evault-core/src/protocol/vault-access-guard.ts (1)

59-60: Good type improvement.

Replacing the generic any[] type with a more specific MetaEnvelope[] improves type safety and code clarity.

infrastructure/evault-core/src/db/db.service.ts (3)

19-26: Constructor refactoring looks good.

The refactoring of the constructor to explicitly declare and assign the driver property is a good practice for clarity and maintainability.

---

180-231: Good implementation of new method for batch retrieval.

The newly added findMetaEnvelopesByIds method is well-implemented with:

• Early return for an empty array of IDs to avoid unnecessary database operations
• Proper type parametrization
• Consistent error handling with other similar methods
• Efficient database query that handles multiple IDs in a single operation

This implementation will help improve performance when fetching multiple meta-envelopes at once.

---

289-332: Excellent enhancement of findMetaEnvelopesByOntology.

The method now returns full meta-envelope objects with parsed payloads instead of just IDs, which provides richer data to clients and reduces the need for additional database queries.

The implementation is consistent with other similar methods in the class, making the codebase more maintainable.

[coderabbitai]

Actionable comments posted: 4

♻️ Duplicate comments (1)

infrastructure/evault-core/src/evault.ts (1)

43-44: Implement proper error handling and graceful shutdown.

The server initialization and startup code lacks error handling and graceful shutdown mechanisms, which can lead to silent failures and resource leaks.

Apply this change to properly handle errors and implement graceful shutdown:

-const evault = new EVault();
-evault.start();
+async function main() {
+    try {
+        const evault = new EVault();
+        evault.start();
+        
+        // Setup graceful shutdown handlers
+        const shutdown = async () => {
+            console.log('Shutting down server...');
+            await evault.stop();
+            process.exit(0);
+        };
+        
+        process.on('SIGINT', shutdown);
+        process.on('SIGTERM', shutdown);
+    } catch (error) {
+        console.error('Failed to start EVault:', error);
+        process.exit(1);
+    }
+}
+
+main();

🧹 Nitpick comments (2)

evault.docker-compose.yml (2)

14-14: Remove trailing whitespace.

There is a trailing whitespace in the networks: line.

-    networks: 
+    networks:

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 14-14: trailing spaces

(trailing-spaces)

---

11-13: Improve environment variable handling.

The current configuration does not provide default values for Neo4j connection parameters, which could cause issues if the variables are not set in the environment.

Consider adding default values or validation for required environment variables:

    environment:
-      - NEO4J_URI=${NEO4J_URI}
-      - NEO4J_USER=${NEO4J_USER}
-      - NEO4J_PASSWORD=${NEO4J_PASSWORD}
+      - NEO4J_URI=${NEO4J_URI:-bolt://neo4j:7687}
+      - NEO4J_USER=${NEO4J_USER:-neo4j}
+      - NEO4J_PASSWORD=${NEO4J_PASSWORD:-password}

Or you could create a .env.example file in the root to document the required variables.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5c7599f and 298a0e6.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (7)

• .env.example (1 hunks)
• .github/workflows/tests-evault-core.yml (1 hunks)
• docker/Dockerfile.evault (1 hunks)
• evault.docker-compose.yml (1 hunks)
• infrastructure/evault-core/package.json (1 hunks)
• infrastructure/evault-core/src/evault.ts (1 hunks)
• infrastructure/evault-core/src/protocol/vault-access-guard.ts (3 hunks)

✅ Files skipped from review due to trivial changes (3)

• .github/workflows/tests-evault-core.yml
• .env.example
• infrastructure/evault-core/package.json

🚧 Files skipped from review as they are similar to previous changes (1)

• infrastructure/evault-core/src/protocol/vault-access-guard.ts

🧰 Additional context used

🪛 YAMLlint (1.35.1)

evault.docker-compose.yml

[error] 14-14: trailing spaces

(trailing-spaces)