Stage 0 Status
Stage 0 Complete
Infrastructure proof is complete. All core infrastructure components are working end-to-end.
What Stage 0 Proved
| Component | Status | Notes |
|---|---|---|
| CI/CD Pipeline | Working | GitHub Actions builds, tests, deploys |
| Docker Build | Working | Multi-stage build, pushes to ECR |
| App Runner | Working | Container runs, auto-scales |
| Database | Working | RDS SQL Server connectivity verified |
| Cloudflare Access | Working | Zero Trust authentication |
| Health Endpoint | Working | Returns database status |
Live Environment
URL: luminarium-proof-dev.luminarium.ai
Access: Requires Cloudflare Access authentication (@luminarium.ai or @fastmarkets.com email)
Key Learnings
Issues discovered and resolved during Stage 0:
1. VPC Egress Blocking
Problem: App Runner VPC connector blocks outbound internet access.
Solution: Cloudflare public keys are fetched at build time and embedded in the application via scripts/fetch-cf-keys.mjs.
2. SQL Server TLS
Problem: RDS requires CA certificates for TLS verification.
Solution: Use trustServerCertificate=false in production with the proper CA chain, so the server certificate is actually verified.
3. Database Naming
Problem: SQL Server Express doesn't allow creating databases via the connection string.
Solution: Use the master database initially. Create the named database via Prisma migrations in later stages.
4. JWT Validation
Problem: Need to validate Cloudflare Access tokens without internet access.
Solution: src/middleware.ts validates JWTs using embedded public keys. /api/health is excluded from validation for CI health checks.
Stage 0 Architecture

Files Changed in Stage 0
| File | Purpose |
|---|---|
| src/app/api/health/route.ts | Health check endpoint |
| src/lib/db.ts | Prisma client singleton |
| src/middleware.ts | Cloudflare JWT validation |
| prisma/schema.prisma | Database config |
| infra/app/*.tf | Terraform infrastructure |
| .github/workflows/deploy.yml | CI/CD pipeline |
| Dockerfile | Container build |
What's Next
Stage 0 infrastructure is proven. Future stages will build on this foundation:
- Stage 1 - React Admin, NextAuth.js authentication, database models
- Stage 2 - End-to-end price capture and assessment flow with AI
- Stage 3 - Human-in-the-loop review workflows
- Stage 4+ - Iteration and refinement