@a9s/cli 0.0.1 → 0.1.0

package/dist/src/views/s3/capabilities/editCapability.js

@@ -0,0 +1,35 @@
+import { PutObjectCommand } from "@aws-sdk/client-s3";
+import { readFile } from "fs/promises";
+import { downloadObject } from "../fetcher.js";
+export function createS3EditCapability(client, getLevel) {
+    const onEdit = async (row) => {
+        const level = getLevel();
+        const type = row.meta?.type;
+        if (level.kind !== "objects" || type !== "object") {
+            return { action: "none" };
+        }
+        const filePath = await downloadObject(client, level.bucket, row.meta?.key);
+        return {
+            action: "edit",
+            filePath,
+            metadata: {
+                bucket: level.bucket,
+                key: row.meta?.key,
+            },
+        };
+    };
+    const uploadFile = async (filePath, metadata) => {
+        const bucket = metadata.bucket;
+        const key = metadata.key;
+        const fileContent = await readFile(filePath);
+        await client.send(new PutObjectCommand({
+            Bucket: bucket,
+            Key: key,
+            Body: fileContent,
+        }));
+    };
+    return {
+        onEdit,
+        uploadFile,
+    };
+}

package/dist/src/views/s3/capabilities/yankCapability.js

@@ -0,0 +1,6 @@
+import { createYankCapability } from "../../../adapters/capabilities/YankCapability.js";
+import { S3RowMetaSchema } from "../schema.js";
+import { s3YankOptions } from "./yankOptions.js";
+export function createS3YankCapability(ctx) {
+    return createYankCapability(s3YankOptions, S3RowMetaSchema, ctx);
+}

package/dist/src/views/s3/capabilities/yankOptions.js

@@ -0,0 +1,55 @@
+const isS3Navigable = (row) => row.meta.type === "bucket" || row.meta.type === "folder" || row.meta.type === "object";
+export const s3YankOptions = [
+    {
+        trigger: { type: "key", char: "k" },
+        label: "copy key/path",
+        feedback: "Copied Key",
+        headerKey: "name",
+        isRelevant: isS3Navigable,
+        resolve: async (row, ctx) => {
+            const level = ctx.getLevel();
+            const bucket = level.kind === "objects" ? level.bucket : row.id;
+            if (row.meta.type === "bucket")
+                return `s3://${row.id}`;
+            return `s3://${bucket}/${row.meta.key}`;
+        },
+    },
+    {
+        trigger: { type: "key", char: "a" },
+        label: "copy arn",
+        feedback: "Copied ARN",
+        headerKey: "name",
+        isRelevant: isS3Navigable,
+        resolve: async (row, ctx) => {
+            const level = ctx.getLevel();
+            const bucket = level.kind === "objects" ? level.bucket : row.id;
+            if (row.meta.type === "bucket")
+                return `arn:aws:s3:::${row.id}`;
+            return `arn:aws:s3:::${bucket}/${row.meta.key}`;
+        },
+    },
+    {
+        trigger: { type: "key", char: "e" },
+        label: "copy etag",
+        feedback: "Copied ETag",
+        headerKey: "name",
+        isRelevant: (row) => row.meta.type === "object",
+        resolve: async (row, ctx) => {
+            const fields = await ctx.getDetails(row);
+            const etag = fields.find((f) => f.label === "ETag")?.value ?? "";
+            return etag && etag !== "-" ? etag : null;
+        },
+    },
+    {
+        trigger: { type: "key", char: "d" },
+        label: "copy last-modified",
+        feedback: "Copied Last Modified",
+        headerKey: "lastModified",
+        isRelevant: (row) => row.meta.type === "object",
+        resolve: async (row, ctx) => {
+            const fields = await ctx.getDetails(row);
+            const lastModified = fields.find((f) => f.label === "Last Modified")?.value ?? "";
+            return lastModified && lastModified !== "-" ? lastModified : null;
+        },
+    },
+];

package/dist/src/views/s3/client.js

@@ -0,0 +1,12 @@
+import { S3Client } from "@aws-sdk/client-s3";
+export function createS3Client(endpointUrl, region) {
+    return new S3Client({
+        ...(region ? { region } : {}),
+        ...(endpointUrl
+            ? {
+                endpoint: endpointUrl,
+                forcePathStyle: true,
+            }
+            : {}),
+    });
+}

package/dist/src/views/s3/fetcher.js

@@ -0,0 +1,86 @@
+import { ListBucketsCommand, ListObjectsV2Command, GetObjectCommand, HeadObjectCommand, } from "@aws-sdk/client-s3";
+import { mkdir, stat, writeFile } from "fs/promises";
+import { tmpdir } from "os";
+import { basename, join, resolve } from "path";
+export async function fetchBuckets(client) {
+    const response = await client.send(new ListBucketsCommand({}));
+    return (response.Buckets ?? []).map((b) => ({
+        name: b.Name ?? "",
+        creationDate: b.CreationDate,
+    }));
+}
+export async function fetchObjects(client, bucket, prefix) {
+    const response = await client.send(new ListObjectsV2Command({
+        Bucket: bucket,
+        Prefix: prefix || undefined,
+        Delimiter: "/",
+    }));
+    const folders = (response.CommonPrefixes ?? []).map((cp) => ({
+        key: cp.Prefix ?? "",
+        size: undefined,
+        lastModified: undefined,
+        isFolder: true,
+    }));
+    const files = (response.Contents ?? [])
+        .filter((obj) => obj.Key !== prefix) // skip the "directory" marker itself
+        .map((obj) => ({
+        key: obj.Key ?? "",
+        size: obj.Size,
+        lastModified: obj.LastModified ?? undefined,
+        isFolder: false,
+    }));
+    return [...folders, ...files];
+}
+export async function downloadObject(client, bucket, key) {
+    const response = await client.send(new GetObjectCommand({ Bucket: bucket, Key: key }));
+    if (!response.Body)
+        throw new Error("Empty response body");
+    const bytes = await response.Body.transformToByteArray();
+    const safeName = key.replace(/\//g, "_");
+    const filePath = join(tmpdir(), `a9s_${safeName}`);
+    await writeFile(filePath, bytes);
+    return filePath;
+}
+export async function downloadObjectToPath(client, bucket, key, destinationPath, overwrite = false) {
+    const response = await client.send(new GetObjectCommand({ Bucket: bucket, Key: key }));
+    if (!response.Body)
+        throw new Error("Empty response body");
+    const bytes = await response.Body.transformToByteArray();
+    const rawTarget = destinationPath.trim();
+    const absTarget = resolve(rawTarget);
+    const fileName = basename(key);
+    const endsWithSlash = rawTarget.endsWith("/") || rawTarget.endsWith("\\");
+    let finalPath = absTarget;
+    if (endsWithSlash) {
+        await mkdir(absTarget, { recursive: true });
+        finalPath = join(absTarget, fileName);
+    }
+    else {
+        const targetStat = await stat(absTarget).catch(() => null);
+        if (targetStat?.isDirectory()) {
+            finalPath = join(absTarget, fileName);
+        }
+        else if (targetStat?.isFile()) {
+            finalPath = absTarget;
+            if (!overwrite) {
+                throw new Error(`EEXIST_FILE:${finalPath}`);
+            }
+        }
+    }
+    await mkdir(resolve(finalPath, ".."), { recursive: true });
+    await writeFile(finalPath, bytes);
+    return finalPath;
+}
+export async function headObject(client, bucket, key) {
+    const res = await client.send(new HeadObjectCommand({ Bucket: bucket, Key: key }));
+    return {
+        contentType: res.ContentType,
+        contentLength: res.ContentLength?.toString(),
+        etag: res.ETag?.replace(/"/g, ""),
+        lastModified: res.LastModified?.toISOString().replace("T", " ").slice(0, 19),
+        storageClass: res.StorageClass ?? "STANDARD",
+        versionId: res.VersionId,
+        serverSideEncryption: res.ServerSideEncryption,
+        ...Object.fromEntries(Object.entries(res.Metadata ?? {}).map(([k, v]) => [`meta:${k}`, v])),
+    };
+}

package/dist/src/views/s3/schema.js

@@ -0,0 +1,6 @@
+import { z } from "zod";
+export const S3RowMetaSchema = z.discriminatedUnion("type", [
+    z.object({ type: z.literal("bucket") }),
+    z.object({ type: z.literal("folder"), key: z.string() }),
+    z.object({ type: z.literal("object"), key: z.string() }),
+]);

package/dist/src/views/s3/utils.js

@@ -0,0 +1,19 @@
+export function formatSize(bytes) {
+    if (bytes === undefined)
+        return "-";
+    if (bytes < 1024)
+        return `${bytes} B`;
+    if (bytes < 1024 * 1024)
+        return `${(bytes / 1024).toFixed(1)} KB`;
+    if (bytes < 1024 * 1024 * 1024)
+        return `${(bytes / 1024 / 1024).toFixed(1)} MB`;
+    return `${(bytes / 1024 / 1024 / 1024).toFixed(1)} GB`;
+}
+export function toParentPrefix(spec) {
+    if (!spec)
+        return "";
+    if (spec.endsWith("/"))
+        return spec;
+    const idx = spec.lastIndexOf("/");
+    return idx >= 0 ? spec.slice(0, idx + 1) : "";
+}

package/dist/src/views/secretsmanager/adapter.js

@@ -0,0 +1,188 @@
+import { textCell, secretCell } from "../../types.js";
+import { runAwsJsonAsync } from "../../utils/aws.js";
+import { atom } from "jotai";
+import { getDefaultStore } from "jotai";
+import { revealSecretsAtom } from "../../state/atoms.js";
+import { createSecretsManagerDetailCapability } from "./capabilities/detailCapability.js";
+import { createSecretsManagerYankCapability } from "./capabilities/yankCapability.js";
+import { createSecretsManagerActionCapability } from "./capabilities/actionCapability.js";
+import { createSecretsManagerEditCapability } from "./capabilities/editCapability.js";
+export const secretLevelAtom = atom({ kind: "secrets" });
+export const secretBackStackAtom = atom([]);
+function tryParseFields(secretString) {
+    try {
+        const parsed = JSON.parse(secretString);
+        if (typeof parsed === "object" && parsed !== null && !Array.isArray(parsed)) {
+            return Object.fromEntries(Object.entries(parsed).map(([k, v]) => [k, String(v)]));
+        }
+    }
+    catch {
+        // Not JSON
+    }
+    return null;
+}
+export function createSecretsManagerServiceAdapter(endpointUrl, region) {
+    const store = getDefaultStore();
+    const regionArgs = region ? ["--region", region] : [];
+    // Getters and setters for level/backStack from atoms
+    const getLevel = () => store.get(secretLevelAtom);
+    const setLevel = (level) => store.set(secretLevelAtom, level);
+    const getBackStack = () => store.get(secretBackStackAtom);
+    const setBackStack = (stack) => store.set(secretBackStackAtom, stack);
+    const setReveal = (reveal) => store.set(revealSecretsAtom, reveal);
+    const getColumns = () => {
+        const level = getLevel();
+        if (level.kind === "secrets") {
+            return [
+                { key: "name", label: "Name" },
+                { key: "description", label: "Description", width: 30 },
+                { key: "lastChanged", label: "Last Changed", width: 22 },
+                { key: "rotation", label: "Rotation", width: 10 },
+            ];
+        }
+        // secret-fields level
+        return [
+            { key: "key", label: "Key" },
+            { key: "value", label: "Value", width: 50 },
+        ];
+    };
+    const getRows = async () => {
+        const level = getLevel();
+        if (level.kind === "secrets") {
+            const data = await runAwsJsonAsync([
+                "secretsmanager",
+                "list-secrets",
+                ...regionArgs,
+            ]);
+            return (data.SecretList ?? []).map((secret) => ({
+                id: secret.ARN,
+                cells: {
+                    name: textCell(secret.Name),
+                    description: textCell(secret.Description ?? ""),
+                    lastChanged: textCell(secret.LastChangedDate
+                        ? new Date(secret.LastChangedDate).toISOString().replace("T", " ").slice(0, 19)
+                        : "-"),
+                    rotation: textCell(secret.RotationEnabled ? "✓" : "-"),
+                },
+                meta: {
+                    type: "secret",
+                    name: secret.Name,
+                    arn: secret.ARN,
+                    description: secret.Description ?? "",
+                },
+            }));
+        }
+        // secret-fields level
+        const { secretArn, secretName } = level;
+        try {
+            const secretData = await runAwsJsonAsync([
+                "secretsmanager",
+                "get-secret-value",
+                "--secret-id",
+                secretArn,
+                ...regionArgs,
+            ]);
+            const secretString = secretData.SecretString || "";
+            const fields = [];
+            // Always add $RAW field (the whole secret value)
+            fields.push({ key: "$RAW", value: secretString });
+            // If JSON, also add parsed fields
+            const parsed = tryParseFields(secretString);
+            if (parsed) {
+                Object.entries(parsed).forEach(([key, value]) => {
+                    fields.push({ key, value });
+                });
+            }
+            // Store raw values; formatting happens at display time based on reveal state
+            return fields.map(({ key, value }) => ({
+                id: key,
+                cells: {
+                    key: textCell(key),
+                    value: secretCell(value), // Raw value - will be formatted at display time
+                },
+                meta: {
+                    type: "secret-field",
+                    key,
+                    value, // Raw value stored in metadata too
+                    secretArn,
+                    secretName,
+                },
+            }));
+        }
+        catch {
+            return [];
+        }
+    };
+    const onSelect = async (row) => {
+        const level = getLevel();
+        const backStack = getBackStack();
+        const meta = row.meta;
+        if (level.kind === "secrets") {
+            if (!meta || meta.type !== "secret") {
+                return { action: "none" };
+            }
+            // Always navigate to level 2 (which includes $RAW field)
+            const newStack = [...backStack, { level: level, selectedIndex: 0 }];
+            setBackStack(newStack);
+            setLevel({
+                kind: "secret-fields",
+                secretArn: meta.arn,
+                secretName: meta.name,
+            });
+            // Reset reveal state when entering a secret (security: always start hidden)
+            setReveal(false);
+            return { action: "navigate" };
+        }
+        // secret-fields level: do nothing (use "e" key to edit)
+        return { action: "none" };
+    };
+    const canGoBack = () => getBackStack().length > 0;
+    const goBack = () => {
+        const backStack = getBackStack();
+        if (backStack.length > 0) {
+            const newStack = backStack.slice(0, -1);
+            const frame = backStack[backStack.length - 1];
+            setBackStack(newStack);
+            setLevel(frame.level);
+        }
+    };
+    const getPath = () => {
+        const level = getLevel();
+        if (level.kind === "secrets")
+            return "secrets://";
+        return `secrets://${level.secretName}`;
+    };
+    const getContextLabel = () => {
+        const level = getLevel();
+        if (level.kind === "secrets")
+            return "🔑 Secrets Manager";
+        return `🔑 Secret: ${level.secretName}`;
+    };
+    // Compose capabilities
+    const detailCapability = createSecretsManagerDetailCapability(region, getLevel);
+    const editCapability = createSecretsManagerEditCapability(region, getLevel);
+    const yankCapability = createSecretsManagerYankCapability(region, getLevel);
+    const actionCapability = createSecretsManagerActionCapability(region, getLevel);
+    return {
+        id: "secretsmanager",
+        label: "Secrets Manager",
+        hudColor: { bg: "blue", fg: "white" },
+        getColumns,
+        getRows,
+        onSelect,
+        canGoBack,
+        goBack,
+        getPath,
+        getContextLabel,
+        reset() {
+            setLevel({ kind: "secrets" });
+            setBackStack([]);
+        },
+        capabilities: {
+            edit: editCapability,
+            detail: detailCapability,
+            yank: yankCapability,
+            actions: actionCapability,
+        },
+    };
+}

package/dist/src/views/secretsmanager/capabilities/actionCapability.js

@@ -0,0 +1,193 @@
+import { runAwsJsonAsync } from "../../../utils/aws.js";
+import { writeFile, stat, mkdir } from "fs/promises";
+import { resolve, join } from "path";
+function toErrorMessage(error) {
+    if (error instanceof Error)
+        return error.message;
+    return String(error);
+}
+function hasCode(error, code) {
+    return Boolean(typeof error === "object" &&
+        error !== null &&
+        "code" in error &&
+        error.code === code);
+}
+export function createSecretsManagerActionCapability(region, getLevel) {
+    const regionArgs = region ? ["--region", region] : [];
+    const getKeybindings = () => [
+        {
+            trigger: { type: "key", char: "f" },
+            actionId: "fetch",
+            label: "Fetch / save to file",
+            shortLabel: "save file",
+            scope: "navigate",
+            adapterId: "secrets-manager",
+        },
+    ];
+    const executeAction = async (actionId, context) => {
+        const level = getLevel?.();
+        if (actionId === "fetch") {
+            // Start fetch flow: prompt for path
+            if (!context.row)
+                return { type: "error", message: "No row selected" };
+            const meta = context.row.meta;
+            if (!meta) {
+                return { type: "error", message: "No item selected" };
+            }
+            const isValidLevel = (level?.kind === "secrets" && meta.type === "secret") ||
+                (level?.kind === "secret-fields" && meta.type === "secret-field");
+            if (!isValidLevel) {
+                return { type: "error", message: "Fetch is not available for this item" };
+            }
+            const promptLabel = level?.kind === "secrets" ? "Fetch secret to:" : "Fetch field to:";
+            return {
+                type: "prompt",
+                label: promptLabel,
+                defaultValue: "",
+                nextActionId: "fetch:submit",
+            };
+        }
+        if (actionId === "fetch:submit") {
+            // User entered a path; try to write the secret/field
+            if (!context.row || !context.data?.path) {
+                return { type: "error", message: "Invalid path" };
+            }
+            const meta = context.row.meta;
+            if (!meta) {
+                return { type: "error", message: "No item selected" };
+            }
+            let content = "";
+            let defaultFileName = "data.txt";
+            try {
+                if (level?.kind === "secrets" && meta.type === "secret") {
+                    // Fetch secret value
+                    const secretData = await runAwsJsonAsync([
+                        "secretsmanager",
+                        "get-secret-value",
+                        "--secret-id",
+                        meta.arn,
+                        ...regionArgs,
+                    ]);
+                    content =
+                        secretData.SecretString ||
+                            (secretData.SecretBinary
+                                ? Buffer.from(secretData.SecretBinary, "base64").toString()
+                                : "");
+                    defaultFileName = `${meta.name}.txt`;
+                }
+                else if (level?.kind === "secret-fields" && meta.type === "secret-field") {
+                    // Use field value directly
+                    content = meta.value || "";
+                    defaultFileName = `${meta.key}.txt`;
+                }
+                else {
+                    return { type: "error", message: "Invalid item type" };
+                }
+                const destinationPath = context.data.path;
+                // Handle destination path
+                const rawTarget = destinationPath.trim();
+                const absTarget = resolve(rawTarget);
+                const endsWithSlash = rawTarget.endsWith("/") || rawTarget.endsWith("\\");
+                let finalPath = absTarget;
+                if (endsWithSlash) {
+                    await mkdir(absTarget, { recursive: true });
+                    finalPath = join(absTarget, defaultFileName);
+                }
+                else {
+                    const targetStat = await stat(absTarget).catch(() => null);
+                    if (targetStat?.isDirectory()) {
+                        finalPath = join(absTarget, defaultFileName);
+                    }
+                    else if (targetStat?.isFile()) {
+                        finalPath = absTarget;
+                        throw new Error("EEXIST_FILE:" + finalPath);
+                    }
+                }
+                // Ensure parent directory exists
+                await mkdir(resolve(finalPath, ".."), { recursive: true });
+                await writeFile(finalPath, content, { mode: 0o600 });
+                return {
+                    type: "feedback",
+                    message: `Saved to ${finalPath}`,
+                };
+            }
+            catch (err) {
+                // Check for file exists error
+                if (hasCode(err, "EEXIST")) {
+                    const destinationPath = context.data.path;
+                    return {
+                        type: "confirm",
+                        message: `File exists. Overwrite ${destinationPath}?`,
+                        nextActionId: "fetch:overwrite",
+                        data: { path: destinationPath },
+                    };
+                }
+                if (err instanceof Error && err.message.includes("EEXIST_FILE")) {
+                    const filePath = err.message.replace("EEXIST_FILE:", "");
+                    return {
+                        type: "confirm",
+                        message: `File exists. Overwrite ${filePath}?`,
+                        nextActionId: "fetch:overwrite",
+                        data: { path: filePath },
+                    };
+                }
+                return {
+                    type: "error",
+                    message: `Fetch failed: ${toErrorMessage(err)}`,
+                };
+            }
+        }
+        if (actionId === "fetch:overwrite") {
+            // User confirmed overwrite
+            if (!context.row || !context.data?.path) {
+                return { type: "error", message: "Invalid path" };
+            }
+            const meta = context.row.meta;
+            if (!meta) {
+                return { type: "error", message: "No item selected" };
+            }
+            const destinationPath = context.data.path;
+            try {
+                let content = "";
+                if (level?.kind === "secrets" && meta.type === "secret") {
+                    // Fetch secret value
+                    const secretData = await runAwsJsonAsync([
+                        "secretsmanager",
+                        "get-secret-value",
+                        "--secret-id",
+                        meta.arn,
+                        ...regionArgs,
+                    ]);
+                    content =
+                        secretData.SecretString ||
+                            (secretData.SecretBinary
+                                ? Buffer.from(secretData.SecretBinary, "base64").toString()
+                                : "");
+                }
+                else if (level?.kind === "secret-fields" && meta.type === "secret-field") {
+                    // Use field value directly
+                    content = meta.value || "";
+                }
+                else {
+                    return { type: "error", message: "Invalid item type" };
+                }
+                await writeFile(destinationPath, content, { mode: 0o600 });
+                return {
+                    type: "feedback",
+                    message: `Saved to ${destinationPath}`,
+                };
+            }
+            catch (err) {
+                return {
+                    type: "error",
+                    message: `Fetch failed: ${toErrorMessage(err)}`,
+                };
+            }
+        }
+        return { type: "none" };
+    };
+    return {
+        getKeybindings,
+        executeAction,
+    };
+}

package/dist/src/views/secretsmanager/capabilities/detailCapability.js

@@ -0,0 +1,46 @@
+import { runAwsJsonAsync } from "../../../utils/aws.js";
+export function createSecretsManagerDetailCapability(region, getLevel) {
+    const regionArgs = region ? ["--region", region] : [];
+    const getDetails = async (row) => {
+        const meta = row.meta;
+        if (!meta) {
+            return [];
+        }
+        const level = getLevel?.();
+        // Level 1: Secret details
+        if (level?.kind === "secrets" && meta.type === "secret") {
+            const data = await runAwsJsonAsync([
+                "secretsmanager",
+                "describe-secret",
+                "--secret-id",
+                meta.arn,
+                ...regionArgs,
+            ]);
+            const fields = [
+                { label: "Name", value: String(data.Name ?? "-") },
+                { label: "ARN", value: String(data.ARN ?? "-") },
+                { label: "Description", value: String(data.Description ?? "-") },
+                { label: "Last Changed", value: String(data.LastChangedDate ?? "-") },
+                { label: "Last Rotated", value: String(data.LastRotatedDate ?? "-") },
+                { label: "Rotation Enabled", value: data.RotationEnabled ? "Yes" : "No" },
+                { label: "KMS Key ID", value: String(data.KmsKeyId ?? "-") },
+                {
+                    label: "Tags",
+                    value: data.Tags && data.Tags.length > 0 ? `${data.Tags.length} tag(s)` : "-",
+                },
+            ];
+            return fields;
+        }
+        // Level 2: Field details
+        if (level?.kind === "secret-fields" && meta.type === "secret-field") {
+            const fields = [
+                { label: "Field Key", value: String(meta.key ?? "-") },
+                { label: "Secret Name", value: String(meta.secretName ?? "-") },
+                { label: "Value", value: String(meta.value ?? "-") },
+            ];
+            return fields;
+        }
+        return [];
+    };
+    return { getDetails };
+}