ICPI Minimum Shared Shell
Goal
This document defines the smallest realistic shared shell ICPI would still need if lifted out of svc-tenders without changing current gateway behavior or current auth behavior.
Minimum Shared Shell Inventory
| Shared dependency | Why it is needed now | After extraction verdict | Later direction | Notes |
| --- | --- | --- | --- | --- |
| API gateway proxy in services/api/src/routes/icpi.ts | Keeps public /icpi/* gateway surface stable while routing to the current ICPI host | should remain shared | keep as a narrow HTTP contract | Current seam already supports ICPI_SERVICE_URL ?? TENDERS_SERVICE_URL |
| Gateway auth middleware requireGatewayAuth | Protects POST /icpi/upsert before proxying | should remain shared | keep shared as backbone auth middleware | This is gateway-level behavior, not ICPI domain logic |
| Service-side auth ingress | Preserves current bearer-token and principal-resolution behavior for | can be wrapped behind a narrow contract | re-home into an ICPI-local hosting shell later | Auth behavior stays unchanged in current runtime |
| Auth service resolution path | Supplies principal resolution behind service auth ingress | should remain shared | keep shared as auth/identity service contract | This is a Kvary-wide identity dependency |
| Express/runtime bootstrap | Needed only because ICPI is currently hosted inside | should be removed before extraction | replace with ICPI-owned runtime bootstrap | This is hosting, not domain ownership |
| ICPI query parsing in | Normalizes ICPI request values | should move with ICPI | already ICPI-owned | No reason for this to stay shared |
| and ICPI contracts/validation | Own ICPI persistence and route-facing data shapes | should move with ICPI | move as extraction core | These are now ICPI-owned surfaces |
| Web/client ICPI request-response expectations | UI depends on current API shape | should remain contract-compatible | reduce duplication later | Shape stability matters more than package placement right now |
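
The gateway rows above describe two behaviors that must survive extraction: upstream selection via `ICPI_SERVICE_URL ?? TENDERS_SERVICE_URL`, and auth on `POST /icpi/upsert` before anything is proxied. The sketch below is an added example that models both as pure functions; it is not the code in `services/api/src/routes/icpi.ts`. Assumptions: `resolveIcpiUpstream`, `normalizePath`, `decide` and the `verifyBearer` callback (standing in for `requireGatewayAuth`) are hypothetical names, `path` carries no query string, and the bearer header is forwarded so the service-side auth ingress still sees it.

```typescript
// Added example: a model of the gateway seam, not the project's icpi.ts.
type Env = Record<string, string | undefined>;
type Req = { method: string; path: string; authorization?: string };
type Decision =
  | { action: "reject"; status: number }
  | { action: "proxy"; target: string; forwardAuth: boolean };

// Blank or whitespace-only values count as unset. A bare `a ?? b` falls back
// only on null/undefined, so ICPI_SERVICE_URL="" would otherwise win.
function resolveIcpiUpstream(env: Env): string {
  const pick = (v: string | undefined) => {
    const t = (v ?? "").trim();
    return t === "" ? undefined : t;
  };
  const url = pick(env.ICPI_SERVICE_URL) ?? pick(env.TENDERS_SERVICE_URL);
  if (url === undefined || !/^https?:\/\/[^\s\/]+/.test(url)) {
    throw new Error("no usable ICPI upstream configured");
  }
  return url.replace(/\/+$/, "");
}

// Collapse duplicate slashes, drop a trailing slash, lower-case, so the auth
// gate and the forwarded request agree on which route this is.
function normalizePath(path: string): string {
  const p = path.replace(/\/{2,}/g, "/").toLowerCase();
  return p.length > 1 ? p.replace(/\/$/, "") : p;
}

// The page names POST /icpi/upsert as the auth-protected route.
const AUTH_REQUIRED = new Set(["POST /icpi/upsert"]);

function decide(req: Req, env: Env, verifyBearer: (token: string) => boolean): Decision {
  const path = normalizePath(req.path);
  if (path !== "/icpi" && !path.startsWith("/icpi/")) {
    return { action: "reject", status: 404 };
  }
  if (AUTH_REQUIRED.has(`${req.method.toUpperCase()} ${path}`)) {
    const m = /^Bearer\s+(\S+)$/i.exec(req.authorization ?? "");
    if (m === null || !verifyBearer(m[1])) {
      return { action: "reject", status: 401 }; // fail closed before any upstream call
    }
  }
  return {
    action: "proxy",
    target: resolveIcpiUpstream(env) + path,
    forwardAuth: req.authorization !== undefined,
  };
}
```

Because the auth check runs before upstream resolution, an unauthenticated `POST /icpi/upsert` is rejected with 401 even when neither service URL is configured.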