Kiro Power added

Author: Abir Ganguly

.gitignore

@@ -18,4 +18,5 @@ dist
 /docs/services/
 
 ## Compiled export script
-export-typedocs.js
+export-typedocs.js
+CLAUDE.md

powers/README.md

@@ -0,0 +1,69 @@
+# ARC by SourceLoop - Kiro Powers
+
+This directory contains [Kiro Powers](https://kiro.dev/powers/) for the ARC microservice catalog. Each power provides specialized context and tools to Kiro agents for working with SourceLoop services.
+
+## Available Powers
+
+| Power | Description |
+|-------|-------------|
+| [`sourceloop`](./sourceloop/) | Core ARC framework, CLI scaffolding, and LoopBack 4 patterns |
+| [`sourceloop-authentication-service`](./sourceloop-authentication-service/) | Multi-tenant authentication with OAuth, MFA, SAML, JWT |
+| [`sourceloop-oidc-service`](./sourceloop-oidc-service/) | OpenID Connect identity server |
+| [`sourceloop-audit-service`](./sourceloop-audit-service/) | Audit logging with S3 archival |
+| [`sourceloop-notification-service`](./sourceloop-notification-service/) | Multi-channel notifications (email, SMS, push, WebSocket) |
+| [`sourceloop-chat-service`](./sourceloop-chat-service/) | Real-time chat messaging with groups |
+| [`sourceloop-in-mail-service`](./sourceloop-in-mail-service/) | Incoming email management |
+| [`sourceloop-video-conferencing-service`](./sourceloop-video-conferencing-service/) | Video conferencing with Vonage and Twilio |
+| [`sourceloop-payment-service`](./sourceloop-payment-service/) | Payments via PayPal, Stripe, Razorpay |
+| [`sourceloop-bpmn-service`](./sourceloop-bpmn-service/) | BPMN workflows with Camunda |
+| [`sourceloop-task-service`](./sourceloop-task-service/) | Event-driven task management (Kafka/SQS/HTTP) |
+| [`sourceloop-scheduler-service`](./sourceloop-scheduler-service/) | Job scheduling and cron tasks |
+| [`sourceloop-search-service`](./sourceloop-search-service/) | Full-text search and filtering |
+| [`sourceloop-survey-service`](./sourceloop-survey-service/) | Surveys, questionnaires, and feedback |
+| [`sourceloop-feature-toggle-service`](./sourceloop-feature-toggle-service/) | Feature flags and toggles |
+| [`sourceloop-user-tenant-service`](./sourceloop-user-tenant-service/) | User and tenant management with RBAC |
+| [`sourceloop-reporting-service`](./sourceloop-reporting-service/) | Report generation with S3 export |
+
+## Installing a Power
+
+In Kiro IDE:
+
+1. Open the Powers panel
+2. Click **Add power from GitHub**
+3. Enter the repository URL with the subdirectory path (e.g., `https://github.com/sourcefuse/loopback4-microservice-catalog/powers/sourceloop-authentication-service`)
+
+For local development:
+
+1. Open the Powers panel
+2. Click **Add power from Local Path**
+3. Select the power directory
+
+## Power Structure
+
+Each power contains:
+
+```
+power-name/
+├── POWER.md    # Metadata, documentation, and agent guidance
+└── mcp.json    # MCP server configuration (points to @sourceloop/cli)
+```
+
+The core `sourceloop` power also includes steering files:
+
+```
+sourceloop/
+├── POWER.md
+├── mcp.json
+└── steering/
+    ├── loopback4-patterns.md   # LoopBack 4 conventions and patterns
+    └── cli-usage.md            # ARC CLI command reference
+```
+
+## MCP Server
+
+All powers reference the `@sourceloop/cli` MCP server, which provides tools for:
+
+- Scaffolding monorepos and microservices
+- Adding AWS CDK deployment support
+- Generating Angular and React frontends
+- Updating project dependencies

powers/sourceloop-audit-service/POWER.md

@@ -0,0 +1,162 @@
+---
+name: 'sourceloop-audit-service'
+displayName: 'SourceLoop Audit Service'
+description: 'Track and record user actions with audit logging - inserts, updates, deletes with S3 archival and CSV export capabilities'
+keywords:
+  [
+    'audit',
+    'logging',
+    'audit-trail',
+    'compliance',
+    'tracking',
+    'sourceloop',
+    's3-archival',
+  ]
+author: 'SourceFuse'
+---
+
+# SourceLoop Audit Service
+
+## Overview
+
+A LoopBack 4 microservice for audit logging that tracks and records user actions including inserts, updates, and deletes. Supports S3 archival for long-term storage and CSV export capabilities.
+
+**Key capabilities:**
+
+- **Action Tracking**: Record inserts, updates, and deletes across services
+- **S3 Archival**: Archive audit logs to AWS S3 for compliance
+- **CSV Export**: Export audit data as CSV via ExcelJS
+- **Repository Mixin**: Drop-in audit logging for any repository
+- **Multi-source Retrieval**: Query from both database and archive
+
+## Available MCP Servers
+
+### sourceloop-cli
+
+**Package:** `@sourceloop/cli`
+**Connection:** Local stdio via npx
+
+Use the `microservice` tool with `--baseOnService --baseService=audit-service` to scaffold a new audit service instance.
+
+## Installation
+
+```typescript
+import {AuditServiceComponent} from '@sourceloop/audit-service';
+import {BootMixin} from '@loopback/boot';
+import {ApplicationConfig} from '@loopback/core';
+import {RestApplication} from '@loopback/rest';
+
+export class MyApplication extends BootMixin(RestApplication) {
+  constructor(options: ApplicationConfig = {}) {
+    super(options);
+
+    // Validate required environment variables
+    this.validateAuditEnv();
+
+    try {
+      this.component(AuditServiceComponent);
+      console.log('✅ Audit service loaded successfully');
+    } catch (error) {
+      console.error('❌ Failed to initialize audit service:', error.message);
+      throw error;
+    }
+  }
+
+  private validateAuditEnv() {
+    const required = ['DB_HOST', 'DB_PORT', 'DB_DATABASE'];
+    const missing = required.filter(env => !process.env[env]);
+    if (missing.length > 0) {
+      throw new Error(
+        `Missing required environment variables: ${missing.join(', ')}`,
+      );
+    }
+
+    // Validate S3 config if archival is enabled
+    if (process.env.ENABLE_ARCHIVAL === 'true') {
+      const s3Required = [
+        'AWS_ACCESS_KEY_ID',
+        'AWS_SECRET_ACCESS_KEY',
+        'S3_BUCKET_NAME',
+      ];
+      const s3Missing = s3Required.filter(env => !process.env[env]);
+      if (s3Missing.length > 0) {
+        throw new Error(
+          `S3 archival enabled but missing: ${s3Missing.join(', ')}`,
+        );
+      }
+    }
+  }
+}
+```
+
+## Key Models
+
+- **AuditLog** - Core audit log entry with action, actor, timestamp, before/after data
+- **CustomFilter** - Custom query filters for audit retrieval
+- **MappingLog** - Entity mapping audit records
+- **Job** - Background archival job tracking
+
+## Key Controllers
+
+- **AuditController** - CRUD operations for audit logs, export, archival
+
+## Common Workflows
+
+### Workflow 1: Setup Audit Service
+
+```bash
+npx @sourceloop/cli microservice my-audit \
+  --baseOnService \
+  --baseService=audit-service \
+  --datasourceName=auditdb \
+  --datasourceType=postgresql \
+  --includeMigrations
+```
+
+### Workflow 2: Add Audit Logging to a Repository
+
+Use the audit mixin from `@sourceloop/audit-log`:
+
+```typescript
+import {AuditRepositoryMixin} from '@sourceloop/audit-log';
+
+export class MyEntityRepository extends AuditRepositoryMixin<
+  MyEntity,
+  typeof MyEntity.prototype.id,
+  MyEntityRelations
+>(DefaultCrudRepository) {
+  constructor(@inject('datasources.db') dataSource: DataSource) {
+    super(MyEntity, dataSource);
+  }
+}
+```
+
+## Best Practices
+
+### Do:
+
+- Archive old audit logs to S3 for cost-effective long-term storage
+- Use the repository mixin for automatic audit logging
+- Index audit logs by actor, action type, and timestamp
+- Configure retention policies for compliance requirements
+
+### Don't:
+
+- Store sensitive data (passwords, tokens) in audit log details
+- Skip audit logging for delete operations
+- Query large audit datasets without filters - use pagination
+
+## Database
+
+Requires PostgreSQL. Run migrations:
+
+```bash
+npx db-migrate up --config database.json --migrations-dir migrations
+```
+
+## Dependencies
+
+- `@sourceloop/core`
+- `@sourceloop/audit-log`
+- `exceljs` (CSV export)
+- `csvtojson`

powers/sourceloop-audit-service/mcp.json

@@ -0,0 +1,9 @@
+{
+  "mcpServers": {
+    "sourceloop-cli": {
+      "command": "npx",
+      "args": ["-y", "@sourceloop/cli", "mcp"],
+      "env": {}
+    }
+  }
+}