/noop:tend - Infrastructure Tender

Maintain and tend to your noop-based project infrastructure. Run health checks, update dependencies, audit security, manage migrations, and ensure everything is running smoothly.

Framework Context

Quality Checklist (VERIFICATION CRITERIA)

@docs/universal-framework/CHECKLIST.md

Philosophy (PRINCIPLES TO VERIFY)

@docs/universal-framework/PHILOSOPHY.md

---

Available Tasks

Task	Description
health	Full health check of services and configuration
deps	Check and update dependencies
security	Security audit and vulnerability scan
migrations	Migration status and management
docker	Docker services health and cleanup
all	Run all maintenance tasks

Arguments

$ARGUMENTS - Task to run. Defaults to health.

---

Task: health

Comprehensive health check of the entire project.

Checks Performed

1. Configuration

   • .env file exists and has required vars
   • Config validates against Zod schema
   • No secrets in version control

2. TypeScript

   • npm run typecheck passes
   • No any types in critical paths
   • All imports have .js extensions

3. Code Quality

   • npm run lint passes
   • npm run format:check passes
   • No TODO/FIXME in production code

4. Database

   • Can connect to PostgreSQL
   • Migrations are up to date
   • Indexes exist for organization_id columns

5. Docker Services

   • Postgres container healthy
   • Redis container healthy
   • Volumes attached correctly

6. API Endpoints

   • /healthz returns 200
   • /version returns correct info

Health Report Format

Infrastructure Health Report
============================

Configuration:  ✓ OK
TypeScript:     ✓ OK
Code Quality:   ⚠ 2 warnings
Database:       ✓ OK
Docker:         ✓ OK
API:            ✓ OK

Overall: HEALTHY (with warnings)

---

Task: deps

Check for outdated and vulnerable dependencies.

Actions

1. Check outdated: npm outdated
2. Check vulnerabilities: npm audit
3. Categorize updates:
   • Safe (patch): Auto-apply with confirmation
   • Minor: Review changelog first
   • Major: Warn about breaking changes

---

Task: security

Security audit and best practices check.

Checks

1. npm audit for known vulnerabilities
2. Scan for leaked credentials in code
3. Verify parameterized SQL queries
4. Check JWT/auth handling
5. Verify CORS configuration
6. Check Helmet headers present
7. Verify input validation with Zod

Security Report Format

Security Audit Report
=====================

Vulnerabilities: 0 critical, 1 moderate
Secrets Scan:    ✓ No secrets detected
SQL Injection:   ✓ All queries parameterized
Auth Patterns:   ✓ JWT properly validated
CORS:            ⚠ localhost allowed
Rate Limiting:   ⚠ Not implemented

Recommendations:
1. Implement rate limiting
2. Remove localhost from CORS in production

---

Task: migrations

Database migration management.

Actions

1. Check migration status:

   SELECT * FROM schema_migrations ORDER BY executed_at;
   

2. List pending migrations

3. Verify all tables have organization_id

4. Check indexes exist

---

Task: docker

Docker services management.

Actions

1. Status check: docker-compose ps
2. Health verification (pg_isready, redis-cli ping)
3. Resource usage: docker stats --no-stream
4. Cleanup options (with confirmation)
5. Recent error logs

---

Task: all

Run all maintenance tasks in sequence and generate summary report:

Full Infrastructure Report
==========================
Generated: {timestamp}

Health:       HEALTHY (2 warnings)
Security:     PASS (3 recommendations)
Dependencies: 4 outdated, 0 vulnerable
Migrations:   UP TO DATE
Docker:       RUNNING

Action Items:
1. [LOW] Address TODO comments
2. [MEDIUM] Implement rate limiting
3. [LOW] Update patch dependencies