[comp] Production Deploy

apps/api/package.json

@@ -162,7 +162,12 @@
         "testEnvironment": "node",
         "moduleNameMapper": {
             "^@db$": "<rootDir>/../prisma/index",
-            "^@/(.*)$": "<rootDir>/$1"
+            "^@/(.*)$": "<rootDir>/$1",
+            "^@trycompai/auth$": "<rootDir>/../../../packages/auth/src/index.ts",
+            "^@trycompai/company$": "<rootDir>/../../../packages/company/src/index.ts",
+            "^@trycompai/db$": "@prisma/client",
+            "^@trycompai/email$": "<rootDir>/../../../packages/email/index.ts",
+            "^@trycompai/integration-platform$": "<rootDir>/../../../packages/integration-platform/src/index.ts"
         }
     },
     "license": "UNLICENSED",

apps/api/scripts/audit-openapi-summaries.ts

@@ -0,0 +1,62 @@
+import { readFileSync } from 'node:fs';
+import path from 'node:path';
+
+interface Operation {
+  summary?: string;
+  description?: string;
+  operationId?: string;
+  tags?: string[];
+}
+
+const openapiPath = path.join(__dirname, '../../../packages/docs/openapi.json');
+const doc = JSON.parse(readFileSync(openapiPath, 'utf8')) as {
+  paths: Record<string, Record<string, Operation>>;
+};
+
+type Row = {
+  method: string;
+  path: string;
+  summary: string;
+  operationId: string;
+  tag: string;
+  flag: string;
+};
+
+const rows: Row[] = [];
+
+for (const [routePath, methods] of Object.entries(doc.paths)) {
+  for (const [method, op] of Object.entries(methods)) {
+    if (typeof op !== 'object' || !op) continue;
+    const summary = op.summary ?? '';
+    const operationId = op.operationId ?? '';
+    const tag = op.tags?.[0] ?? '(no tag)';
+
+    let flag = '';
+    if (!summary) flag = 'MISSING';
+    else if (
+      /^(Get|Post|Put|Patch|Delete)\b.*v1/i.test(summary) ||
+      summary === operationId ||
+      /Controller_/.test(summary)
+    ) {
+      flag = 'AUTO_GEN';
+    }
+
+    rows.push({ method: method.toUpperCase(), path: routePath, summary, operationId, tag, flag });
+  }
+}
+
+rows.sort((a, b) => (a.tag + a.path).localeCompare(b.tag + b.path));
+
+const flagged = rows.filter((r) => r.flag);
+console.log(`Total operations: ${rows.length}`);
+console.log(`Flagged: ${flagged.length}`);
+console.log();
+
+let currentTag = '';
+for (const r of flagged) {
+  if (r.tag !== currentTag) {
+    currentTag = r.tag;
+    console.log(`\n## ${currentTag}`);
+  }
+  console.log(`  [${r.flag.padEnd(9)}] ${r.method.padEnd(6)} ${r.path}  —  "${r.summary}"`);
+}

apps/api/src/admin-organizations/admin-context.controller.ts

@@ -11,14 +11,15 @@ import {
   UsePipes,
   ValidationPipe,
 } from '@nestjs/common';
-import { ApiOperation, ApiTags } from '@nestjs/swagger';
+import { ApiExcludeController, ApiOperation, ApiTags } from '@nestjs/swagger';
 import { Throttle } from '@nestjs/throttler';
 import { PlatformAdminGuard } from '../auth/platform-admin.guard';
 import { ContextService } from '../context/context.service';
 import { CreateContextDto } from '../context/dto/create-context.dto';
 import { UpdateContextDto } from '../context/dto/update-context.dto';
 import { AdminAuditLogInterceptor } from './admin-audit-log.interceptor';
 
+@ApiExcludeController()
 @ApiTags('Admin - Context')
 @Controller({ path: 'admin/organizations', version: '1' })
 @UseGuards(PlatformAdminGuard)

apps/api/src/admin-organizations/admin-evidence.controller.ts

@@ -8,7 +8,7 @@ import {
   UseInterceptors,
   BadRequestException,
 } from '@nestjs/common';
-import { ApiOperation, ApiTags } from '@nestjs/swagger';
+import { ApiExcludeController, ApiOperation, ApiTags } from '@nestjs/swagger';
 import { Throttle } from '@nestjs/throttler';
 import { PlatformAdminGuard } from '../auth/platform-admin.guard';
 import { EvidenceFormsService } from '../evidence-forms/evidence-forms.service';
@@ -18,6 +18,7 @@ import {
   buildPlatformAdminAuthContext,
 } from './platform-admin-auth-context';
 
+@ApiExcludeController()
 @ApiTags('Admin - Evidence')
 @Controller({ path: 'admin/organizations', version: '1' })
 @UseGuards(PlatformAdminGuard)

apps/api/src/admin-organizations/admin-findings.controller.ts

@@ -13,7 +13,7 @@ import {
   ValidationPipe,
   BadRequestException,
 } from '@nestjs/common';
-import { ApiOperation, ApiTags } from '@nestjs/swagger';
+import { ApiExcludeController, ApiOperation, ApiTags } from '@nestjs/swagger';
 import { Throttle } from '@nestjs/throttler';
 import { FindingStatus } from '@db';
 import { PlatformAdminGuard } from '../auth/platform-admin.guard';
@@ -23,6 +23,7 @@ import { UpdateFindingDto } from '../findings/dto/update-finding.dto';
 import { AdminAuditLogInterceptor } from './admin-audit-log.interceptor';
 import type { AdminRequest } from './platform-admin-auth-context';
 
+@ApiExcludeController()
 @ApiTags('Admin - Findings')
 @Controller({ path: 'admin/organizations', version: '1' })
 @UseGuards(PlatformAdminGuard)

apps/api/src/admin-organizations/admin-organizations.controller.ts

@@ -13,13 +13,14 @@ import {
   UsePipes,
   ValidationPipe,
 } from '@nestjs/common';
-import { ApiOperation, ApiQuery, ApiTags } from '@nestjs/swagger';
+import { ApiExcludeController, ApiOperation, ApiQuery, ApiTags } from '@nestjs/swagger';
 import { Throttle } from '@nestjs/throttler';
 import { PlatformAdminGuard } from '../auth/platform-admin.guard';
 import { AdminOrganizationsService } from './admin-organizations.service';
 import { AdminAuditLogInterceptor } from './admin-audit-log.interceptor';
 import { InviteMemberDto } from './dto/invite-member.dto';
 
+@ApiExcludeController()
 @ApiTags('Admin - Organizations')
 @Controller({ path: 'admin/organizations', version: '1' })
 @UseGuards(PlatformAdminGuard)

apps/api/src/admin-organizations/admin-policies.controller.ts

@@ -11,7 +11,7 @@ import {
   ValidationPipe,
   BadRequestException,
 } from '@nestjs/common';
-import { ApiOperation, ApiTags } from '@nestjs/swagger';
+import { ApiExcludeController, ApiOperation, ApiTags } from '@nestjs/swagger';
 import { Throttle } from '@nestjs/throttler';
 import { db } from '@db';
 import {
@@ -32,6 +32,7 @@ interface UpdatePolicyBody {
   frequency?: string | null;
 }
 
+@ApiExcludeController()
 @ApiTags('Admin - Policies')
 @Controller({ path: 'admin/organizations', version: '1' })
 @UseGuards(PlatformAdminGuard)

apps/api/src/admin-organizations/admin-tasks.controller.ts

@@ -12,7 +12,7 @@ import {
   ValidationPipe,
   BadRequestException,
 } from '@nestjs/common';
-import { ApiOperation, ApiTags } from '@nestjs/swagger';
+import { ApiExcludeController, ApiOperation, ApiTags } from '@nestjs/swagger';
 import { Throttle } from '@nestjs/throttler';
 import {
   TaskStatus,
@@ -36,6 +36,7 @@ interface UpdateTaskBody {
   frequency?: string | null;
 }
 
+@ApiExcludeController()
 @ApiTags('Admin - Tasks')
 @Controller({ path: 'admin/organizations', version: '1' })
 @UseGuards(PlatformAdminGuard)

apps/api/src/admin-organizations/admin-vendors.controller.ts

@@ -12,7 +12,7 @@ import {
   ValidationPipe,
   BadRequestException,
 } from '@nestjs/common';
-import { ApiOperation, ApiTags } from '@nestjs/swagger';
+import { ApiExcludeController, ApiOperation, ApiTags } from '@nestjs/swagger';
 import { Throttle } from '@nestjs/throttler';
 import { VendorCategory, VendorStatus } from '@db';
 import { PlatformAdminGuard } from '../auth/platform-admin.guard';
@@ -26,6 +26,7 @@ interface UpdateVendorBody {
   category?: string;
 }
 
+@ApiExcludeController()
 @ApiTags('Admin - Vendors')
 @Controller({ path: 'admin/organizations', version: '1' })
 @UseGuards(PlatformAdminGuard)

apps/api/src/auth/auth.controller.ts

@@ -8,7 +8,7 @@ import {
   Param,
   UseGuards,
 } from '@nestjs/common';
-import { ApiOperation, ApiParam, ApiSecurity, ApiTags } from '@nestjs/swagger';
+import { ApiExcludeController, ApiOperation, ApiParam, ApiSecurity, ApiTags } from '@nestjs/swagger';
 import { db } from '@db';
 import { OrganizationId } from './auth-context.decorator';
 import { PermissionGuard } from './permission.guard';
@@ -18,6 +18,7 @@ import { HybridAuthGuard } from './hybrid-auth.guard';
 import { SkipOrgCheck } from './skip-org-check.decorator';
 import type { AuthContext as AuthContextType } from './types';
 
+@ApiExcludeController()
 @ApiTags('Auth')
 @Controller({ path: 'auth', version: '1' })
 @UseGuards(HybridAuthGuard)

apps/api/src/cloud-security/cloud-security.controller.ts

@@ -12,6 +12,7 @@ import {
   UseGuards,
   Req,
 } from '@nestjs/common';
+import { ApiOperation } from '@nestjs/swagger';
 import { SkipThrottle } from '@nestjs/throttler';
 import { HybridAuthGuard } from '../auth/hybrid-auth.guard';
 import { PermissionGuard } from '../auth/permission.guard';
@@ -49,6 +50,7 @@ export class CloudSecurityController {
   @SkipThrottle()
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'read')
+  @ApiOperation({ summary: 'List recent cloud security activity' })
   async getActivity(
     @Query('connectionId') connectionId: string,
     @Query('take') take: string | undefined,
@@ -78,6 +80,7 @@ export class CloudSecurityController {
   @SkipThrottle()
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'read')
+  @ApiOperation({ summary: 'List supported cloud providers' })
   async getProviders(@OrganizationId() organizationId: string) {
     const providers = await this.queryService.getProviders(organizationId);
     return { data: providers, count: providers.length };
@@ -87,6 +90,7 @@ export class CloudSecurityController {
   @SkipThrottle()
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'read')
+  @ApiOperation({ summary: 'List cloud security findings' })
   async getFindings(@OrganizationId() organizationId: string) {
     const findings = await this.queryService.getFindings(organizationId);
     return { data: findings, count: findings.length };
@@ -95,6 +99,7 @@ export class CloudSecurityController {
   @Post('scan/:connectionId')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'update')
+  @ApiOperation({ summary: 'Trigger a security scan for a connection' })
   async scan(
     @Param('connectionId') connectionId: string,
     @OrganizationId() organizationId: string,
@@ -165,6 +170,7 @@ export class CloudSecurityController {
   @Post('detect-services/:connectionId')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'read')
+  @ApiOperation({ summary: 'Detect available cloud services for a connection' })
   async detectServices(
     @Param('connectionId') connectionId: string,
     @OrganizationId() organizationId: string,
@@ -188,6 +194,7 @@ export class CloudSecurityController {
   @Post('detect-gcp-org/:connectionId')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'read')
+  @ApiOperation({ summary: 'Detect the GCP organization for a connection' })
   async detectGcpOrg(
     @Param('connectionId') connectionId: string,
     @OrganizationId() organizationId: string,
@@ -262,6 +269,7 @@ export class CloudSecurityController {
   @Post('select-gcp-projects/:connectionId')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'update')
+  @ApiOperation({ summary: 'Select GCP projects for a connection' })
   async selectGcpProjects(
     @Param('connectionId') connectionId: string,
     @Body()
@@ -306,6 +314,7 @@ export class CloudSecurityController {
   @Post('setup-gcp/:connectionId')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'update')
+  @ApiOperation({ summary: 'Set up GCP for a connection' })
   async setupGcp(
     @Param('connectionId') connectionId: string,
     @Body() body: { projectId?: string },
@@ -341,6 +350,7 @@ export class CloudSecurityController {
   @Post('setup-gcp/:connectionId/resolve-step')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'update')
+  @ApiOperation({ summary: 'Resolve a GCP setup step' })
   async resolveGcpSetupStep(
     @Param('connectionId') connectionId: string,
     @Body() body: { stepId: GcpSetupStepId },
@@ -475,6 +485,7 @@ export class CloudSecurityController {
   @Post('setup-azure/:connectionId')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'update')
+  @ApiOperation({ summary: 'Set up Azure for a connection' })
   async setupAzure(
     @Param('connectionId') connectionId: string,
     @OrganizationId() organizationId: string,
@@ -638,6 +649,7 @@ export class CloudSecurityController {
   @Post('validate-azure/:connectionId')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'read')
+  @ApiOperation({ summary: 'Validate Azure credentials for a connection' })
   async validateAzure(
     @Param('connectionId') connectionId: string,
     @OrganizationId() organizationId: string,
@@ -749,6 +761,7 @@ export class CloudSecurityController {
   @Post('trigger/:connectionId')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'update')
+  @ApiOperation({ summary: 'Trigger a cloud security run for a connection' })
   async triggerScan(
     @Param('connectionId') connectionId: string,
     @OrganizationId() organizationId: string,
@@ -773,6 +786,7 @@ export class CloudSecurityController {
   @Get('runs/:runId')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'read')
+  @ApiOperation({ summary: 'Get a cloud security scan run by ID' })
   async getRunStatus(
     @Param('runId') runId: string,
     @Query('connectionId') connectionId: string,
@@ -804,6 +818,7 @@ export class CloudSecurityController {
   @Post('legacy/connect')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'create')
+  @ApiOperation({ summary: 'Create a legacy cloud integration' })
   async connectLegacy(
     @OrganizationId() organizationId: string,
     @Body()
@@ -823,6 +838,7 @@ export class CloudSecurityController {
   @Post('legacy/validate-aws')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'read')
+  @ApiOperation({ summary: 'Validate legacy AWS credentials' })
   async validateAwsCredentials(
     @Body() body: { accessKeyId: string; secretAccessKey: string },
   ) {
@@ -840,6 +856,7 @@ export class CloudSecurityController {
   @Delete('legacy/:integrationId')
   @UseGuards(HybridAuthGuard, PermissionGuard)
   @RequirePermission('integration', 'delete')
+  @ApiOperation({ summary: 'Delete a legacy cloud integration' })
   async disconnectLegacy(
     @Param('integrationId') integrationId: string,
     @OrganizationId() organizationId: string,