Kiro Power added

Author: Abir Ganguly

powers/README.md

@@ -0,0 +1,63 @@
+# ARC by SourceLoop - Kiro Powers
+
+This directory contains [Kiro Powers](https://kiro.dev/powers/) for the ARC microservice catalog. Each power provides specialized context and tools to Kiro agents for working with SourceLoop services.
+
+## Available Powers
+
+| Power | Description |
+|-------|-------------|
+| [`sourceloop`](./sourceloop/) | Core ARC framework, CLI scaffolding, and LoopBack 4 patterns |
+| [`sourceloop-authentication-service`](./sourceloop-authentication-service/) | Multi-tenant authentication with OAuth, MFA, SAML, JWT |
+| [`sourceloop-oidc-service`](./sourceloop-oidc-service/) | OpenID Connect identity server |
+| [`sourceloop-audit-service`](./sourceloop-audit-service/) | Audit logging with S3 archival |
+| [`sourceloop-notification-service`](./sourceloop-notification-service/) | Multi-channel notifications (email, SMS, push, WebSocket) |
+| [`sourceloop-chat-service`](./sourceloop-chat-service/) | Real-time chat messaging with groups |
+| [`sourceloop-in-mail-service`](./sourceloop-in-mail-service/) | Incoming email management |
+| [`sourceloop-video-conferencing-service`](./sourceloop-video-conferencing-service/) | Video conferencing with Vonage and Twilio |
+| [`sourceloop-payment-service`](./sourceloop-payment-service/) | Payments via PayPal, Stripe, Razorpay |
+| [`sourceloop-bpmn-service`](./sourceloop-bpmn-service/) | BPMN workflows with Camunda |
+| [`sourceloop-task-service`](./sourceloop-task-service/) | Event-driven task management (Kafka/SQS/HTTP) |
+| [`sourceloop-scheduler-service`](./sourceloop-scheduler-service/) | Job scheduling and cron tasks |
+| [`sourceloop-search-service`](./sourceloop-search-service/) | Full-text search and filtering |
+| [`sourceloop-survey-service`](./sourceloop-survey-service/) | Surveys, questionnaires, and feedback |
+| [`sourceloop-feature-toggle-service`](./sourceloop-feature-toggle-service/) | Feature flags and toggles |
+| [`sourceloop-user-tenant-service`](./sourceloop-user-tenant-service/) | User and tenant management with RBAC |
+| [`sourceloop-reporting-service`](./sourceloop-reporting-service/) | Report generation with S3 export |
+
+## Installing a Power
+
+In Kiro IDE:
+
+1. Open the Powers panel
+2. Click **Add power from Local Path**
+3. Select the power directory
+
+## Power Structure
+
+Each power contains:
+
+```
+power-name/
+├── POWER.md    # Metadata, documentation, and agent guidance
+└── mcp.json    # MCP server configuration (points to @sourceloop/cli)
+```
+
+The core `sourceloop` power also includes steering files:
+
+```
+sourceloop/
+├── POWER.md
+├── mcp.json
+└── steering/
+    ├── loopback4-patterns.md   # LoopBack 4 conventions and patterns
+    └── cli-usage.md            # ARC CLI command reference
+```
+
+## MCP Server
+
+All powers reference the `@sourceloop/cli` MCP server, which provides tools for:
+
+- Scaffolding monorepos and microservices
+- Adding AWS CDK deployment support
+- Generating Angular and React frontends
+- Updating project dependencies

powers/sourceloop-audit-service/POWER.md

@@ -0,0 +1,246 @@
+---
+name: 'sourceloop-audit-service'
+displayName: 'SourceLoop Audit Service'
+description: 'Track and record user actions with audit logging - inserts, updates, deletes with S3 archival and CSV export capabilities'
+keywords:
+  [
+    'audit',
+    'logging',
+    'audit-trail',
+    'compliance',
+    'tracking',
+    'sourceloop',
+    's3-archival',
+  ]
+author: 'SourceFuse'
+---
+
+# SourceLoop Audit Service
+
+## Overview
+
+A LoopBack 4 microservice for audit logging that tracks and records user actions including inserts, updates, and deletes. Supports S3 archival for long-term storage and CSV export capabilities.
+
+**Key capabilities:**
+
+- **Action Tracking**: Record inserts, updates, and deletes across services
+- **S3 Archival**: Archive audit logs to AWS S3 for compliance
+- **CSV Export**: Export audit data as CSV via ExcelJS
+- **Repository Mixin**: Drop-in audit logging for any repository
+- **Multi-source Retrieval**: Query from both database and archive
+
+## Available MCP Servers
+
+### sourceloop-cli
+
+**Package:** `@sourceloop/cli`
+**Connection:** Local stdio via npx
+
+Use the `microservice` tool with `--baseOnService --baseService=audit-service` to scaffold a new audit service instance.
+
+## Installation
+
+```typescript
+import {AuditServiceComponent} from '@sourceloop/audit-service';
+import {BootMixin} from '@loopback/boot';
+import {ApplicationConfig} from '@loopback/core';
+import {RestApplication} from '@loopback/rest';
+
+export class MyApplication extends BootMixin(RestApplication) {
+  constructor(options: ApplicationConfig = {}) {
+    super(options);
+
+    // Validate required environment variables
+    this.validateAuditEnv();
+
+    try {
+      this.component(AuditServiceComponent);
+      console.log('✅ Audit service loaded successfully');
+    } catch (error) {
+      console.error('❌ Failed to initialize audit service:', error.message);
+      throw error;
+    }
+  }
+
+  private validateAuditEnv() {
+    const required = ['DB_HOST', 'DB_PORT', 'DB_DATABASE'];
+    const missing = required.filter(env => !process.env[env]);
+    if (missing.length > 0) {
+      throw new Error(
+        `Missing required environment variables: ${missing.join(', ')}`,
+      );
+    }
+
+    // Validate S3 config if archival is enabled
+    if (process.env.ENABLE_ARCHIVAL === 'true') {
+      const s3Required = [
+        'AWS_ACCESS_KEY_ID',
+        'AWS_SECRET_ACCESS_KEY',
+        'S3_BUCKET_NAME',
+      ];
+      const s3Missing = s3Required.filter(env => !process.env[env]);
+      if (s3Missing.length > 0) {
+        throw new Error(
+          `S3 archival enabled but missing: ${s3Missing.join(', ')}`,
+        );
+      }
+    }
+  }
+}
+```
+
+## Key Models
+
+- **AuditLog** - Core audit log entry with action, actor, timestamp, before/after data
+- **CustomFilter** - Custom query filters for audit retrieval
+- **MappingLog** - Entity mapping audit records
+- **Job** - Background archival job tracking
+
+## Key Controllers
+
+- **AuditController** - CRUD operations for audit logs, export, archival
+
+## Common Workflows
+
+### Workflow 1: Setup Audit Service
+
+```bash
+npx @sourceloop/cli microservice my-audit \
+  --baseOnService \
+  --baseService=audit-service \
+  --datasourceName=auditdb \
+  --datasourceType=postgresql \
+  --includeMigrations
+
+# After scaffolding, add these verification steps:
+cd my-audit
+
+# Test database connection
+npm run db:ping
+
+# Run migrations and verify
+npm run db:migrate
+npm run db:migrate:status
+
+# Verify service starts
+npm run build
+npm start &
+curl http://localhost:3000/ping
+```
+
+**Critical validation checklist:**
+
+- ✅ Database connectivity verified
+- ✅ All migrations applied successfully
+- ✅ Service starts without errors
+- ✅ Health endpoint responds
+
+### Workflow 2: Add Audit Logging to a Repository
+
+Use the audit mixin from `@sourceloop/audit-log`:
+
+```typescript
+import {AuditRepositoryMixin} from '@sourceloop/audit-log';
+
+export class MyEntityRepository extends AuditRepositoryMixin<
+  MyEntity,
+  typeof MyEntity.prototype.id,
+  MyEntityRelations
+>(DefaultCrudRepository) {
+  constructor(@inject('datasources.db') dataSource: DataSource) {
+    super(MyEntity, dataSource);
+  }
+}
+```
+
+## Best Practices
+
+### Do:
+
+- Archive old audit logs to S3 for cost-effective long-term storage
+- Use the repository mixin for automatic audit logging
+- Index audit logs by actor, action type, and timestamp
+- Configure retention policies for compliance requirements
+
+### Don't:
+
+- Store sensitive data (passwords, tokens) in audit log details
+- Skip audit logging for delete operations
+- Query large audit datasets without filters - use pagination
+
+## Testing
+
+### Unit Tests
+
+```typescript
+import {createStubInstance, expect} from '@loopback/testlab';
+import {AuditLogRepository} from '../repositories';
+import {MyEntityRepository} from '../repositories';
+
+describe('AuditRepositoryMixin', () => {
+  let repository: MyEntityRepository;
+  let auditRepo: sinon.SinonStubbedInstance<AuditLogRepository>;
+
+  beforeEach(() => {
+    auditRepo = createStubInstance(AuditLogRepository);
+    repository = new MyEntityRepository(dataSource, auditRepo);
+  });
+
+  it('should create audit log on entity creation', async () => {
+    const entity = {name: 'Test Entity'};
+    await repository.create(entity);
+    
+    sinon.assert.calledOnce(auditRepo.create);
+    sinon.assert.calledWith(auditRepo.create, sinon.match({
+      action: 'CREATE',
+      entityName: 'MyEntity',
+    }));
+  });
+});
+```
+
+### Integration Tests
+
+```typescript
+import {Client, expect} from '@loopback/testlab';
+import {AuditApplication} from '../application';
+
+describe('Audit Logs API', () => {
+  let app: AuditApplication;
+  let client: Client;
+
+  before('setupApplication', async () => {
+    ({app, client} = await setupApplication());
+  });
+
+  it('GET /audit-logs returns paginated results', async () => {
+    const res = await client.get('/audit-logs').expect(200);
+    
+    expect(res.body).to.be.Array();
+    expect(res.headers).to.have.property('x-total-count');
+  });
+});
+```
+
+### Testing Best Practices
+
+- Test audit log creation for all CRUD operations
+- Verify audit logs capture user identity (actedBy field)
+- Test audit log queries with pagination and filters
+- Ensure sensitive data is not logged in before/after fields
+- Test audit log retention and archival processes
+
+## Database
+
+Requires PostgreSQL. Run migrations:
+
+```bash
+npx db-migrate up --config database.json --migrations-dir migrations
+```
+
+## Dependencies
+
+- `@sourceloop/core`
+- `@sourceloop/audit-log`
+- `exceljs` (CSV export)
+- `csvtojson`

powers/sourceloop-audit-service/mcp.json

@@ -0,0 +1,9 @@
+{
+  "mcpServers": {
+    "sourceloop-cli": {
+      "command": "npx",
+      "args": ["-y", "@sourceloop/cli", "mcp"],
+      "env": {}
+    }
+  }
+}