MPT-20733 expand API router usage docs

[svazquezco]

🤖 AI-generated PR — Please review carefully.

Summary

• Expand APIRouter usage documentation.
• Document authenticated context fields and request metadata available through ctx.
• Add examples for query helpers, body validation, response helpers, pagination, and error mapping.
• Preserve the existing PlugRouter documentation.

Testing

• make check

Closes MPT-20733

• Expanded APIRouter usage docs (docs/sdk_usage/api.md): documents authenticated handler context (ctx.auth, ctx.request), query helpers, body validation (BaseSchema → 422 problem-details), response helpers and envelopes (APIResponse.*, PaginatedResult), pagination (ctx.request.pagination), and error-mapping guidance (APIError subclasses, default 500 with correlation id).
• Reorganized docs/usage.md into an entry-point guide and added topic-focused SDK docs under docs/sdk_usage/ (application, contexts-and-pipelines, events, marketplace-services, plugs); updated docs/documentation.md and docs/architecture.md for documentation governance.
• Added mock API router and examples (mock_app/api/routes/api.py, mock_app/docs/example.http) demonstrating authenticated APIRouter patterns (GET/POST agreements, pagination, validation, sync flow); updated mock_app/app.py router imports.
• Renamed sync use-case: SyncAdobeAgreements → SyncAgreements with updated trace span names and logging (mock_app/sync/agreements.py).
• Demo environment update: .env.demo sets SDK_EXTENSION_ID = EXT-2345-3554 and removes SDK_EXTENSION_EXTERNAL_ID.
• Tests/CI: PR runs make check; preserves existing PlugRouter documentation.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: b81ccfa0-0202-452b-843e-2b60d03256d2

📥 Commits

Reviewing files that changed from the base of the PR and between d15f348 and b8f9b95.

📒 Files selected for processing (17)

• .env.demo
• docs/architecture.md
• docs/documentation.md
• docs/sdk_usage/api.md
• docs/sdk_usage/application.md
• docs/sdk_usage/contexts-and-pipelines.md
• docs/sdk_usage/events.md
• docs/sdk_usage/marketplace-services.md
• docs/sdk_usage/plugs.md
• docs/usage.md
• mock_app/api/api_routes.py
• mock_app/api/routes/__init__.py
• mock_app/api/routes/api.py
• mock_app/api/routes/event.py
• mock_app/app.py
• mock_app/docs/example.http
• mock_app/sync/agreements.py

✅ Files skipped from review due to trivial changes (8)

• docs/sdk_usage/application.md
• .env.demo
• docs/sdk_usage/contexts-and-pipelines.md
• docs/sdk_usage/api.md
• docs/sdk_usage/marketplace-services.md
• docs/sdk_usage/plugs.md
• docs/sdk_usage/events.md
• docs/usage.md

---

📝 Walkthrough

Walkthrough

This PR moves agreement routes into a dedicated APIRouter, adds authenticated endpoints (get, list, create, sync), renames the sync use-case to SyncAgreements, updates app wiring, and expands documentation and HTTP examples for authentication, validation, pagination, and error handling.

Changes

Authenticated API Handler Implementation and Documentation

Layer / File(s)	Summary
Sync Infrastructure Foundation mock_app/sync/agreements.py	Sync use-case class renamed from SyncAdobeAgreements to SyncAgreements; trace span names and doc/log text updated from the adobe.* namespace to the local sync_* names.
Core API Route Definitions mock_app/api/routes/api.py	New api_router = APIRouter() module defines four authenticated endpoints: GET /agreements/{id} (single with 404 handling), GET /agreements (paginated list using ctx.request.pagination, batch_size=3, total=10), POST /agreements (create with AgreementSchema validation), and POST /agreements/sync (triggers SyncAgreements().execute(ctx)); handlers use APIContext and return APIResponse variants.
Integration and Wiring mock_app/app.py, mock_app/api/api_routes.py	Import paths updated to use mock_app.api.routes.api for api_router and mock_app.api.routes.event for orders_router; deprecated routes file updated to call SyncAgreements().execute(ctx).
Configuration, Documentation, and Examples .env.demo, docs/usage.md, mock_app/docs/example.http, docs/sdk_usage/*, docs/documentation.md, docs/architecture.md	.env.demo sets SDK_EXTENSION_ID=EXT-2345-3554 and removes SDK_EXTENSION_EXTERNAL_ID; docs/usage.md shortened into a topics index and “Run An Extension” usage guide; new docs/sdk_usage/* pages added (API, application, events, plugs, contexts-and-pipelines, marketplace-services); docs/documentation.md and docs/architecture.md updated; example.http adds authenticated request examples for all endpoints.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• softwareone-platform/mpt-extension-sdk#190: Related earlier changes adding mock agreement sync routes and initial sync use-case naming used by this PR.
• softwareone-platform/mpt-extension-sdk#175: Routing refactor introducing APIRouter-based endpoints that align with this PR's new api_router.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Test Coverage Required	⚠️ Warning	PR modifies code (6 file(s)) but does not include any changes in the tests/ folder. Please consider adding or updating tests to cover your changes.	Add or update tests in the tests/ folder to cover the changes made to the 6 code files modified in this PR.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Jira Issue Key In Title	✅ Passed	✅ Found Jira issue key in the title: MPT-20733
Single Commit Required	✅ Passed	The PR contains exactly 1 commit (b8f9b95: "docs: expand API router usage"), verified via git rev-list --count HEAD returning 1.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

docs/usage.md (1)

124-125: ⚡ Quick win

Use the current router module paths in this wiring example.

This snippet still points to legacy/ambiguous imports; align it with the updated app wiring so copy-paste examples stay accurate.

Suggested doc fix

-from mock_app.api.routes import orders_router
-from mock_app.api.api_routes import api_router
+from mock_app.api.routes.event import orders_router
+from mock_app.api.routes.api import api_router

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/usage.md` around lines 124 - 125, The example imports in the docs use
outdated module paths for the routers (orders_router, api_router); update the
import lines to match the current application wiring by replacing the legacy
paths with the app's current router modules (use the same module locations where
orders_router and api_router are now defined), ensuring the example imports
reference the real symbols orders_router and api_router from their current
modules so copy-paste works for users.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@mock_app/docs/example.http`:
- Line 9: The HTTP example contains a hard-coded JWT in the Authorization header
which must be removed; replace the literal value after "Authorization: Bearer"
with a placeholder (e.g. {{BEARER_TOKEN}} or {{API_TOKEN}}) and update all other
occurrences mentioned (lines 35, 42, 49, 56, 63, 79) to use the same placeholder
so no real token is committed in mock_app/docs/example.http.

---

Nitpick comments:
In `@docs/usage.md`:
- Around line 124-125: The example imports in the docs use outdated module paths
for the routers (orders_router, api_router); update the import lines to match
the current application wiring by replacing the legacy paths with the app's
current router modules (use the same module locations where orders_router and
api_router are now defined), ensuring the example imports reference the real
symbols orders_router and api_router from their current modules so copy-paste
works for users.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 0347f17c-a8a5-4755-a231-b6e34ea6aad5

📥 Commits

Reviewing files that changed from the base of the PR and between c0150fb and c54cad3.

📒 Files selected for processing (9)

• .env.demo
• docs/usage.md
• mock_app/api/api_routes.py
• mock_app/api/routes/__init__.py
• mock_app/api/routes/api.py
• mock_app/api/routes/event.py
• mock_app/app.py
• mock_app/docs/example.http
• mock_app/sync/agreements.py

[coderabbitai]

♻️ Duplicate comments (1)

mock_app/docs/example.http (1)

1-1: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Remove the committed JWT literal from @auth_token.

The token value is still embedded in the file. Replace it with a non-secret placeholder to avoid leaking credentials in-repo.

Suggested fix

-@auth_token = eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJodHRwczovL2NsYWltcy5zb2Z0d2FyZW9uZS5jb20vZXh0ZW5zaW9uSWQiOiJFWFQtMjM0NS0zNTU0IiwiaHR0cHM6Ly9jbGFpbXMuc29mdHdhcmVvbmUuY29tL2FjY291bnRJZCI6IkFDQy0wMDAwLTM0NTMiLCJodHRwczovL2NsYWltcy5zb2Z0d2FyZW9uZS5jb20vbW9kdWxlcyI6eyJhY2Nlc3MtbWFuYWdlbWVudCI6WyJlZGl0Il0sImFjY291bnQtbWFuYWdlbWVudCI6WyJlZGl0Il0sImJpbGxpbmciOlsiZWRpdCJdfSwiaHR0cHM6Ly9jbGFpbXMuc29mdHdhcmVvbmUuY29tL2FjY291bnRUeXBlIjoiQ2xpZW50IiwiaXNzIjoiaHR0cHM6Ly9tcHQtZXh0ZW5zaW9ucy5zb2Z0d2FyZW9uZS5jb20iLCJzdWIiOiJFWFQtMjM0NS0zNTU0IiwiYXVkIjpbImh0dHBzOi8vYXBpLnB5cmFjbG91ZC5jb20vIl0sImlhdCI6MTg3NzUxMjc3OCwiZXhwIjoxODc3NTE2Mzc4fQ.
+@auth_token = <paste-non-prod-jwt-here>

As per coding guidelines: "For each subsequent commit in this PR, explicitly verify if previous review comments have been resolved".

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@mock_app/docs/example.http` at line 1, The file contains a committed JWT
literal assigned to the `@auth_token` variable; replace the literal value for
`@auth_token` in mock_app/docs/example.http with a non-secret placeholder (e.g. a
clearly named template or env variable like {{AUTH_TOKEN}} or ${AUTH_TOKEN}) and
remove the real token from the file, then commit the change and ensure you
verify this previous review comment is resolved in subsequent commits; locate
the assignment by the symbol "`@auth_token`" to update it.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Duplicate comments:
In `@mock_app/docs/example.http`:
- Line 1: The file contains a committed JWT literal assigned to the `@auth_token`
variable; replace the literal value for `@auth_token` in
mock_app/docs/example.http with a non-secret placeholder (e.g. a clearly named
template or env variable like {{AUTH_TOKEN}} or ${AUTH_TOKEN}) and remove the
real token from the file, then commit the change and ensure you verify this
previous review comment is resolved in subsequent commits; locate the assignment
by the symbol "`@auth_token`" to update it.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 920a83a7-e646-43b8-9e61-4735bba29ac0

📥 Commits

Reviewing files that changed from the base of the PR and between 20b11f5 and 252c3bc.

📒 Files selected for processing (9)

• .env.demo
• docs/usage.md
• mock_app/api/api_routes.py
• mock_app/api/routes/__init__.py
• mock_app/api/routes/api.py
• mock_app/api/routes/event.py
• mock_app/app.py
• mock_app/docs/example.http
• mock_app/sync/agreements.py

✅ Files skipped from review due to trivial changes (2)

• .env.demo
• docs/usage.md

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud