Merge pull request #26 from navapbc/fg/migrate-postgres-storage

feat: migrate memory and traces to postgresstore

Author: fg-nava

mastra-test-app/package.json

@@ -6,8 +6,7 @@
     "test": "echo \"Error: no test specified\" && exit 1",
     "dev": "mastra dev",
     "dev:pretty": "mastra dev --inspect | npx pino-pretty",
-    "build": "mastra build && npm run build:prisma",
-    "build:prisma": "cp -r prisma .mastra/output/ && cd .mastra/output && npm pkg set scripts.postinstall='prisma generate' && npm pkg set dependencies.prisma='6.12.0' && pnpm install",
+    "build": "mastra build",
     "postinstall": "prisma generate",
     "start": "mastra start",
     "seed": "tsx src/seed.ts",
@@ -30,12 +29,12 @@
     "@ai-sdk/google": "^1.2.22",
     "@ai-sdk/openai": "^1.3.23",
     "@inquirer/prompts": "^7.7.1",
-    "@mastra/auth": "^0.1.1",
-    "@mastra/core": "^0.11.1",
-    "@mastra/libsql": "^0.11.2",
-    "@mastra/loggers": "^0.10.4",
-    "@mastra/mcp": "^0.10.7",
-    "@mastra/memory": "^0.11.5",
+    "@mastra/core": "^0.13.2",
+    "@mastra/libsql": "^0.13.2",
+    "@mastra/loggers": "^0.10.6",
+    "@mastra/mcp": "^0.10.11",
+    "@mastra/memory": "^0.12.2",
+    "@mastra/pg": "^0.13.3",
     "@prisma/client": "^6.12.0",
     "@types/jsonwebtoken": "^9.0.10",
     "csv-parse": "^6.1.0",

mastra-test-app/pnpm-lock.yaml

@@ -3,24 +3,13 @@ import jwt from 'jsonwebtoken';
 const JWT_SECRET = process.env.MASTRA_JWT_SECRET!;
 const APP_PASSWORD = process.env.MASTRA_APP_PASSWORD!;
 
-if (!JWT_SECRET) {
-  throw new Error('MASTRA_JWT_SECRET environment variable is required');
-}
-
-if (!APP_PASSWORD) {
-  throw new Error('MASTRA_APP_PASSWORD environment variable is required');
-}
 
-/**
- * Validates the provided password against the configured app password
- */
+//Validates the provided password against the configured app password
 export function validatePassword(password: string): boolean {
   return password === APP_PASSWORD;
 }
 
-/**
- * Generates a JWT token for authenticated sessions
- */
+//Generates a JWT token for authenticated sessions
 export function generateAuthToken(): string {
   return jwt.sign(
     { 
@@ -35,9 +24,7 @@ export function generateAuthToken(): string {
   );
 }
 
-/**
- * Verifies a JWT token
- */
+//Verifies a JWT token
 export function verifyAuthToken(token: string): boolean {
   try {
     jwt.verify(token, JWT_SECRET);
@@ -47,19 +34,15 @@ export function verifyAuthToken(token: string): boolean {
   }
 }
 
-/**
- * Extracts token from Authorization header
- */
+//Extracts token from Authorization header
 export function extractTokenFromHeader(authHeader: string | undefined): string | null {
   if (!authHeader || !authHeader.startsWith('Bearer ')) {
     return null;
   }
   return authHeader.substring(7); // Remove 'Bearer ' prefix
 }
 
-/**
- * Creates a simple HTML login page
- */
+//Creates a simple HTML login page
 export function createLoginPage(errorMessage?: string): string {
   return `
 <!DOCTYPE html>

mastra-test-app/src/auth-utils.ts

@@ -0,0 +1,54 @@
+import { Agent } from '@mastra/core/agent';
+import { openai } from '@ai-sdk/openai';
+import { anthropic } from '@ai-sdk/anthropic';
+import { google } from '@ai-sdk/google';
+import { databaseTools } from '../tools/database-tools';
+import { storageTools } from '../tools/storage-tools';
+
+export const dataOpsAgent = new Agent({
+  name: 'Data Ops Agent',
+  description: 'Agent specialized in database and Mastra storage queries (participants, threads, messages, traces).',
+  instructions: `
+    You are a concise data operations assistant. Use the provided tools to:
+    - Query and manage participants/household records
+    - Inspect Mastra threads, messages, and traces
+    - Return small, readable result sets
+  `,
+//   model: google('gemini-2.5-pro'),
+  model: anthropic('claude-sonnet-4-20250514'),
+  tools: {
+    ...Object.fromEntries(databaseTools.map(t => [t.id, t])),
+    ...Object.fromEntries(storageTools.map(t => [t.id, t])),
+  },
+
+  defaultStreamOptions: {
+    maxSteps: 50,
+    maxRetries: 3,
+    temperature: 0.1,
+    telemetry: {
+      isEnabled: true,
+      functionId: 'dataOpsAgent.stream',
+      recordInputs: true,
+      recordOutputs: true,
+      metadata: {
+        agentId: 'dataOpsAgent',
+        agentName: 'Data Ops Agent',
+      },
+    },
+  },
+  defaultGenerateOptions: {
+    maxSteps: 50,
+    maxRetries: 3,
+    temperature: 0.1,
+    telemetry: {
+      isEnabled: true,
+      functionId: 'dataOpsAgent.generate',
+      recordInputs: true,
+      recordOutputs: true,
+      metadata: {
+        agentId: 'dataOpsAgent',
+        agentName: 'Data Ops Agent',
+      },
+    },
+  },
+});

mastra-test-app/src/mastra/agents/data-ops-agent.ts

@@ -1,4 +1,4 @@
-import { LibSQLStore, LibSQLVector } from '@mastra/libsql';
+import { postgresStore, pgVector } from '../storage';
 import { exaMCP, playwrightMCP } from '../mcp';
 
 import { Agent } from '@mastra/core/agent';
@@ -8,16 +8,9 @@ import { databaseTools } from '../tools/database-tools';
 import { google } from '@ai-sdk/google';
 import { openai } from '@ai-sdk/openai';
 
-// Path is relative to .mastra/output/ when bundled
-const storage = new LibSQLStore({
-  url: "file:../mastra.db",
-});
+const storage = postgresStore;
 
-// Initialize vector store for semantic search
-const vectorStore = new LibSQLVector({
-  connectionUrl: "file:../mastra.db",
-});
-// Create a memory instance with workingMemory enabled
+const vectorStore = pgVector;
 const memory = new Memory({
   storage: storage,
   vector: vectorStore,
@@ -155,11 +148,10 @@ export const webAutomationAgent = new Agent({
     )
   },
   memory: memory,
-  // Set default options to handle step limits better
   defaultStreamOptions: {
-    maxSteps: 50, // Increased from default 5
+    maxSteps: 50,
     maxRetries: 3,
-    temperature: 0.1, // Lower temperature for more focused responses
+    temperature: 0.1,
     telemetry: {
       isEnabled: true,
       functionId: 'webAutomationAgent.stream',
@@ -172,7 +164,7 @@ export const webAutomationAgent = new Agent({
     },
   },
   defaultGenerateOptions: {
-    maxSteps: 50, // Increased from default 5
+    maxSteps: 50,
     maxRetries: 3,
     temperature: 0.1,
     telemetry: {

mastra-test-app/src/mastra/agents/web-automation-agent.ts

@@ -1,35 +1,23 @@
-import { LibSQLStore } from '@mastra/libsql';
+import { postgresStore } from './storage';
 import { Mastra } from '@mastra/core/mastra';
 import { PinoLogger } from '@mastra/loggers';
-import memoryAgent from './agents/memory-agent';
-import { weatherAgent } from './agents/weather-agent';
-import { weatherWorkflow } from './workflows/weather-workflow';
 import { webAutomationAgent } from './agents/web-automation-agent';
 import { webAutomationWorkflow } from './workflows/web-automation-workflow';
-import { 
-  validatePassword, 
-  generateAuthToken, 
-  verifyAuthToken, 
-  extractTokenFromHeader, 
-  createLoginPage 
-} from '../auth-utils';
+import { dataOpsAgent } from './agents/data-ops-agent';
+import { serverMiddleware } from './middleware';
 
 export const mastra = new Mastra({
   workflows: { 
-    weatherWorkflow,
     webAutomationWorkflow
   },
   agents: { 
-    weatherAgent,
     webAutomationAgent,
-    memoryAgent,
+    dataOpsAgent,
   },
-  storage: new LibSQLStore({
-    url: "file:../mastra.db",
-  }),
+  storage: postgresStore,
   logger: new PinoLogger({
     name: 'Mastra',
-    level: 'info', // Changed from 'info' to 'debug' to capture more error details
+    level: 'debug', // Change from 'info' to 'debug' to capture more error details
   }),
 
   telemetry: {
@@ -46,124 +34,17 @@ export const mastra = new Mastra({
   server: {
     host: '0.0.0.0', // Allow external connections
     port: 4111,
+    cors: {
+      origin: ['http://localhost:4111', 'http://0.0.0.0:4111', '*'],
+      allowMethods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
+      allowHeaders: ['Content-Type', 'Authorization', 'x-mastra-dev-playground'],
+      credentials: true,
+    },
     build: {
       swaggerUI: true,     // Enable Swagger UI in production
       openAPIDocs: true,   // Enable OpenAPI docs in production
     },
-    // Disabled JWT auth since we're using session-based auth for the entire playground
-    // experimental_auth: new MastraJwtAuth({
-    //   secret: process.env.MASTRA_JWT_SECRET!
-    // }),
-    middleware: [
-      // Login route - handles password authentication
-      {
-        handler: async (c, next) => {
-          const url = new URL(c.req.url);
-          
-          // Handle login page GET request
-          if (url.pathname === '/auth/login' && c.req.method === 'GET') {
-            return new Response(createLoginPage(), {
-              headers: { 'Content-Type': 'text/html' }
-            });
-          }
-          
-          // Handle login form POST request
-          if (url.pathname === '/auth/login' && c.req.method === 'POST') {
-            try {
-              const formData = await c.req.formData();
-              const password = formData.get('password') as string;
-              
-              if (validatePassword(password)) {
-                const token = generateAuthToken();
-                
-                // Set cookie and redirect to playground
-                return new Response(null, {
-                  status: 302,
-                  headers: {
-                    'Location': '/agents/webAutomationAgent/chat/',
-                    'Set-Cookie': `mastra_token=${token}; Path=/; HttpOnly; Max-Age=86400; SameSite=Strict`
-                  }
-                });
-              } else {
-                return new Response(createLoginPage('Invalid password. Please try again.'), {
-                  headers: { 'Content-Type': 'text/html' }
-                });
-              }
-            } catch (error) {
-              return new Response(createLoginPage('An error occurred. Please try again.'), {
-                headers: { 'Content-Type': 'text/html' }
-              });
-            }
-          }
-          
-          await next();
-        },
-        path: '/auth/*',
-      },
-      // Protection middleware for playground and API routes
-      {
-        handler: async (c, next) => {
-          const url = new URL(c.req.url);
-          
-          // Allow Playground system requests to pass (telemetry/memory/etc.)
-          // The Playground adds this header on its internal API calls
-          const isDevPlayground = c.req.header('x-mastra-dev-playground') === 'true';
-          if (isDevPlayground) {
-            await next();
-            return;
-          }
 
-          // Skip auth for login routes
-          if (url.pathname.startsWith('/auth/')) {
-            await next();
-            return;
-          }
-          
-          // Check for authentication token in cookie or header
-          let token: string | null = null;
-          
-          // First try cookie
-          const cookies = c.req.header('Cookie');
-          if (cookies) {
-            const tokenMatch = cookies.match(/mastra_token=([^;]+)/);
-            if (tokenMatch) {
-              token = tokenMatch[1];
-            }
-          }
-          
-          // Fallback to Authorization header
-          if (!token) {
-            token = extractTokenFromHeader(c.req.header('Authorization'));
-          }
-          
-          // Verify token
-          if (!token || !verifyAuthToken(token)) {
-            return new Response(null, {
-              status: 302,
-              headers: { 'Location': '/auth/login' }
-            });
-          }
-          
-          await next();
-        },
-        path: '/*', // Protect all routes except auth
-      },
-      // Root redirect middleware
-      {
-        handler: async (c, next) => {
-          const url = new URL(c.req.url);
-          
-          if (url.pathname === '/') {
-            return new Response(null, {
-              status: 302,
-              headers: { 'Location': '/auth/login' }
-            });
-          }
-          
-          await next();
-        },
-        path: '/',
-      }
-    ],
+    middleware: serverMiddleware,
   },
 });