@aifabrix/builder 2.0.0 → 2.0.3

package/lib/generator.js

@@ -14,6 +14,278 @@ const path = require('path');
 const yaml = require('js-yaml');
 const _secrets = require('./secrets');
 const _keyGenerator = require('./key-generator');
+const _validator = require('./validator');
+
+/**
+ * Loads variables.yaml file
+ * @param {string} variablesPath - Path to variables.yaml
+ * @returns {Object} Parsed variables
+ * @throws {Error} If file not found or invalid YAML
+ */
+function loadVariables(variablesPath) {
+  if (!fs.existsSync(variablesPath)) {
+    throw new Error(`variables.yaml not found: ${variablesPath}`);
+  }
+
+  const variablesContent = fs.readFileSync(variablesPath, 'utf8');
+  try {
+    return { content: variablesContent, parsed: yaml.load(variablesContent) };
+  } catch (error) {
+    throw new Error(`Invalid YAML syntax in variables.yaml: ${error.message}`);
+  }
+}
+
+/**
+ * Loads env.template file
+ * @param {string} templatePath - Path to env.template
+ * @returns {string} Template content
+ * @throws {Error} If file not found
+ */
+function loadEnvTemplate(templatePath) {
+  if (!fs.existsSync(templatePath)) {
+    throw new Error(`env.template not found: ${templatePath}`);
+  }
+  return fs.readFileSync(templatePath, 'utf8');
+}
+
+/**
+ * Loads rbac.yaml file if it exists
+ * @param {string} rbacPath - Path to rbac.yaml
+ * @returns {Object|null} Parsed RBAC configuration or null
+ * @throws {Error} If file exists but has invalid YAML
+ */
+function loadRbac(rbacPath) {
+  if (!fs.existsSync(rbacPath)) {
+    return null;
+  }
+
+  const rbacContent = fs.readFileSync(rbacPath, 'utf8');
+  try {
+    return yaml.load(rbacContent);
+  } catch (error) {
+    throw new Error(`Invalid YAML syntax in rbac.yaml: ${error.message}`);
+  }
+}
+
+/**
+ * Filters configuration based on registry mode
+ * When registryMode is "external", only DOCKER_REGISTRY_SERVER_* variables are allowed
+ * @function filterConfigurationByRegistryMode
+ * @param {Array} configuration - Environment configuration
+ * @param {string} registryMode - Registry mode ('external' or 'internal')
+ * @returns {Array} Filtered configuration
+ */
+function filterConfigurationByRegistryMode(configuration, registryMode) {
+  if (registryMode !== 'external') {
+    return configuration;
+  }
+
+  const allowedDockerRegistryVars = [
+    'DOCKER_REGISTRY_SERVER_URL',
+    'DOCKER_REGISTRY_SERVER_USERNAME',
+    'DOCKER_REGISTRY_SERVER_PASSWORD'
+  ];
+  return configuration.filter(config => allowedDockerRegistryVars.includes(config.name));
+}
+
+/**
+ * Builds base deployment structure
+ * @function buildBaseDeployment
+ * @param {string} appName - Application name
+ * @param {Object} variables - Variables configuration
+ * @param {Array} filteredConfiguration - Filtered environment configuration
+ * @returns {Object} Base deployment structure
+ */
+function buildBaseDeployment(appName, variables, filteredConfiguration) {
+  const requires = variables.requires || {};
+  return {
+    key: variables.app?.key || appName,
+    displayName: variables.app?.displayName || appName,
+    description: variables.app?.description || '',
+    type: variables.app?.type || 'webapp',
+    image: buildImageReference(variables),
+    registryMode: variables.image?.registryMode || 'external',
+    port: variables.port || 3000,
+    requiresDatabase: requires.database || false,
+    requiresRedis: requires.redis || false,
+    requiresStorage: requires.storage || false,
+    databases: requires.databases || (requires.database ? [{ name: variables.app?.key || 'app' }] : []),
+    configuration: filteredConfiguration
+  };
+}
+
+/**
+ * Builds authentication configuration from variables or RBAC
+ * @function buildAuthenticationConfig
+ * @param {Object} variables - Variables configuration
+ * @param {Object|null} rbac - RBAC configuration
+ * @returns {Object} Authentication configuration
+ */
+function buildAuthenticationConfig(variables, rbac) {
+  if (variables.authentication) {
+    const auth = {
+      type: variables.authentication.type || 'azure',
+      enableSSO: variables.authentication.enableSSO !== undefined ? variables.authentication.enableSSO : true,
+      requiredRoles: variables.authentication.requiredRoles || []
+    };
+    if (variables.authentication.endpoints) {
+      auth.endpoints = variables.authentication.endpoints;
+    }
+    return auth;
+  }
+  return buildAuthentication(rbac);
+}
+
+/**
+ * Validates and transforms repository configuration
+ * @function validateRepositoryConfig
+ * @param {Object} repository - Repository configuration
+ * @returns {Object|null} Validated repository config or null
+ */
+function validateRepositoryConfig(repository) {
+  if (!repository || (!repository.enabled && !repository.repositoryUrl)) {
+    return null;
+  }
+
+  if (repository.repositoryUrl && repository.repositoryUrl.trim()) {
+    return {
+      enabled: repository.enabled || false,
+      repositoryUrl: repository.repositoryUrl
+    };
+  }
+
+  if (repository.enabled) {
+    return { enabled: true };
+  }
+
+  return null;
+}
+
+/**
+ * Validates and transforms build fields
+ * @function validateBuildFields
+ * @param {Object} build - Build configuration
+ * @returns {Object|null} Validated build config or null
+ */
+function validateBuildFields(build) {
+  if (!build) {
+    return null;
+  }
+
+  const buildConfig = {};
+  if (build.envOutputPath) {
+    buildConfig.envOutputPath = build.envOutputPath;
+  }
+  if (build.secrets && typeof build.secrets === 'string') {
+    buildConfig.secrets = build.secrets;
+  }
+  if (build.dockerfile && build.dockerfile.trim()) {
+    buildConfig.dockerfile = build.dockerfile;
+  }
+
+  return Object.keys(buildConfig).length > 0 ? buildConfig : null;
+}
+
+/**
+ * Validates and transforms deployment fields
+ * @function validateDeploymentFields
+ * @param {Object} deployment - Deployment configuration
+ * @returns {Object|null} Validated deployment config or null
+ */
+function validateDeploymentFields(deployment) {
+  if (!deployment) {
+    return null;
+  }
+
+  const deploymentConfig = {};
+  if (deployment.controllerUrl && deployment.controllerUrl.trim() && deployment.controllerUrl.startsWith('https://')) {
+    deploymentConfig.controllerUrl = deployment.controllerUrl;
+  }
+  if (deployment.clientId && deployment.clientId.trim()) {
+    deploymentConfig.clientId = deployment.clientId;
+  }
+  if (deployment.clientSecret && deployment.clientSecret.trim()) {
+    deploymentConfig.clientSecret = deployment.clientSecret;
+  }
+
+  return Object.keys(deploymentConfig).length > 0 ? deploymentConfig : null;
+}
+
+/**
+ * Adds optional fields to deployment manifest
+ * @function buildOptionalFields
+ * @param {Object} deployment - Deployment manifest
+ * @param {Object} variables - Variables configuration
+ * @param {Object|null} rbac - RBAC configuration
+ * @returns {Object} Deployment manifest with optional fields
+ */
+function buildOptionalFields(deployment, variables, rbac) {
+  if (variables.healthCheck) {
+    deployment.healthCheck = buildHealthCheck(variables);
+  }
+
+  deployment.authentication = buildAuthenticationConfig(variables, rbac);
+
+  // Add roles and permissions (from variables.yaml or rbac.yaml)
+  // Priority: variables.yaml > rbac.yaml
+  if (variables.roles) {
+    deployment.roles = variables.roles;
+  } else if (rbac && rbac.roles) {
+    deployment.roles = rbac.roles;
+  }
+
+  if (variables.permissions) {
+    deployment.permissions = variables.permissions;
+  } else if (rbac && rbac.permissions) {
+    deployment.permissions = rbac.permissions;
+  }
+
+  const repository = validateRepositoryConfig(variables.repository);
+  if (repository) {
+    deployment.repository = repository;
+  }
+
+  const build = validateBuildFields(variables.build);
+  if (build) {
+    deployment.build = build;
+  }
+
+  const deploymentConfig = validateDeploymentFields(variables.deployment);
+  if (deploymentConfig) {
+    deployment.deployment = deploymentConfig;
+  }
+
+  if (variables.startupCommand) {
+    deployment.startupCommand = variables.startupCommand;
+  }
+  if (variables.runtimeVersion) {
+    deployment.runtimeVersion = variables.runtimeVersion;
+  }
+  if (variables.scaling) {
+    deployment.scaling = variables.scaling;
+  }
+  if (variables.frontDoorRouting) {
+    deployment.frontDoorRouting = variables.frontDoorRouting;
+  }
+
+  return deployment;
+}
+
+/**
+ * Builds deployment manifest structure
+ * @param {string} appName - Application name
+ * @param {Object} variables - Variables configuration
+ * @param {string} deploymentKey - Deployment key
+ * @param {Array} configuration - Environment configuration
+ * @param {Object|null} rbac - RBAC configuration
+ * @returns {Object} Deployment manifest
+ */
+function buildManifestStructure(appName, variables, deploymentKey, configuration, rbac) {
+  const registryMode = variables.image?.registryMode || 'external';
+  const filteredConfiguration = filterConfigurationByRegistryMode(configuration, registryMode);
+  const deployment = buildBaseDeployment(appName, variables, filteredConfiguration);
+  return buildOptionalFields(deployment, variables, rbac);
+}
 
 /**
  * Generates deployment JSON from application configuration files
@@ -40,36 +312,10 @@ async function generateDeployJson(appName) {
   const rbacPath = path.join(builderPath, 'rbac.yaml');
   const jsonPath = path.join(builderPath, 'aifabrix-deploy.json');
 
-  // Load variables.yaml
-  if (!fs.existsSync(variablesPath)) {
-    throw new Error(`variables.yaml not found: ${variablesPath}`);
-  }
-
-  const variablesContent = fs.readFileSync(variablesPath, 'utf8');
-  let variables;
-  try {
-    variables = yaml.load(variablesContent);
-  } catch (error) {
-    throw new Error(`Invalid YAML syntax in variables.yaml: ${error.message}`);
-  }
-
-  // Load env.template
-  if (!fs.existsSync(templatePath)) {
-    throw new Error(`env.template not found: ${templatePath}`);
-  }
-
-  const envTemplate = fs.readFileSync(templatePath, 'utf8');
-
-  // Load rbac.yaml (optional)
-  let rbac = null;
-  if (fs.existsSync(rbacPath)) {
-    const rbacContent = fs.readFileSync(rbacPath, 'utf8');
-    try {
-      rbac = yaml.load(rbacContent);
-    } catch (error) {
-      throw new Error(`Invalid YAML syntax in rbac.yaml: ${error.message}`);
-    }
-  }
+  // Load configuration files
+  const { content: variablesContent, parsed: variables } = loadVariables(variablesPath);
+  const envTemplate = loadEnvTemplate(templatePath);
+  const rbac = loadRbac(rbacPath);
 
   // Generate deployment key
   const deploymentKey = _keyGenerator.generateDeploymentKeyFromContent(variablesContent);
@@ -78,24 +324,13 @@ async function generateDeployJson(appName) {
   const configuration = parseEnvironmentVariables(envTemplate);
 
   // Build deployment manifest
-  const deployment = {
-    key: variables.app?.key || appName,
-    displayName: variables.app?.displayName || appName,
-    description: variables.app?.description || '',
-    type: variables.app?.type || 'webapp',
-    image: buildImageReference(variables),
-    port: variables.port || 3000,
-    deploymentKey,
-    configuration,
-    healthCheck: buildHealthCheck(variables),
-    requires: buildRequirements(variables),
-    authentication: buildAuthentication(rbac)
-  };
+  const deployment = buildManifestStructure(appName, variables, deploymentKey, configuration, rbac);
 
-  // Add roles and permissions if RBAC is configured
-  if (rbac) {
-    deployment.roles = rbac.roles || [];
-    deployment.permissions = rbac.permissions || [];
+  // Validate deployment JSON against schema
+  const validation = _validator.validateDeploymentJson(deployment);
+  if (!validation.valid) {
+    const errorMessages = validation.errors.join('\n');
+    throw new Error(`Generated deployment JSON does not match schema:\n${errorMessages}`);
   }
 
   // Write deployment JSON
@@ -105,14 +340,6 @@ async function generateDeployJson(appName) {
   return jsonPath;
 }
 
-/**
- * Parses environment variables from env.template
- * Converts kv:// references to KeyVault configuration
- *
- * @function parseEnvironmentVariables
- * @param {string} envTemplate - Environment template content
- * @returns {Array} Array of configuration objects
- */
 function parseEnvironmentVariables(envTemplate) {
   const configuration = [];
   const lines = envTemplate.split('\n');
@@ -164,14 +391,6 @@ function parseEnvironmentVariables(envTemplate) {
   return configuration;
 }
 
-/**
- * Builds image reference from variables configuration
- * Handles registry, name, and tag formatting
- *
- * @function buildImageReference
- * @param {Object} variables - Variables configuration
- * @returns {string} Complete image reference
- */
 function buildImageReference(variables) {
   const imageName = variables.image?.name || variables.app?.key || 'app';
   const registry = variables.image?.registry;
@@ -184,31 +403,29 @@ function buildImageReference(variables) {
   return `${imageName}:${tag}`;
 }
 
-/**
- * Builds health check configuration from variables
- * Provides default health check settings
- *
- * @function buildHealthCheck
- * @param {Object} variables - Variables configuration
- * @returns {Object} Health check configuration
- */
 function buildHealthCheck(variables) {
-  return {
+  const healthCheck = {
     path: variables.healthCheck?.path || '/health',
-    interval: variables.healthCheck?.interval || 30,
-    timeout: variables.healthCheck?.timeout || 10,
-    retries: variables.healthCheck?.retries || 3
+    interval: variables.healthCheck?.interval || 30
   };
+
+  // Add optional probe fields if present
+  if (variables.healthCheck?.probePath) {
+    healthCheck.probePath = variables.healthCheck.probePath;
+  }
+  if (variables.healthCheck?.probeRequestType) {
+    healthCheck.probeRequestType = variables.healthCheck.probeRequestType;
+  }
+  if (variables.healthCheck?.probeProtocol) {
+    healthCheck.probeProtocol = variables.healthCheck.probeProtocol;
+  }
+  if (variables.healthCheck?.probeIntervalInSeconds) {
+    healthCheck.probeIntervalInSeconds = variables.healthCheck.probeIntervalInSeconds;
+  }
+
+  return healthCheck;
 }
 
-/**
- * Builds requirements configuration from variables
- * Maps database, Redis, and storage requirements
- *
- * @function buildRequirements
- * @param {Object} variables - Variables configuration
- * @returns {Object} Requirements configuration
- */
 function buildRequirements(variables) {
   const requires = variables.requires || {};
 
@@ -221,126 +438,27 @@ function buildRequirements(variables) {
   };
 }
 
-/**
- * Builds authentication configuration from RBAC
- * Configures authentication settings for the application
- *
- * @function buildAuthentication
- * @param {Object} rbac - RBAC configuration (optional)
- * @returns {Object} Authentication configuration
- */
 function buildAuthentication(rbac) {
   if (!rbac) {
     return {
-      enabled: false,
-      type: 'none'
+      type: 'none',
+      enableSSO: false,
+      requiredRoles: []
     };
   }
 
   return {
-    enabled: true,
-    type: 'keycloak', // Default to Keycloak
-    sso: true,
-    requiredRoles: rbac.roles?.map(role => role.value) || [],
-    permissions: rbac.permissions?.map(perm => perm.name) || []
-  };
-}
-
-/**
- * Validates deployment JSON before writing
- * Ensures all required fields are present and valid
- *
- * @function validateDeploymentJson
- * @param {Object} deployment - Deployment configuration object
- * @returns {Object} Validation result
- */
-function validateDeploymentJson(deployment) {
-  const errors = [];
-  const warnings = [];
-
-  // Required fields validation
-  if (!deployment.key) {
-    errors.push('Missing required field: key');
-  }
-
-  if (!deployment.displayName) {
-    errors.push('Missing required field: displayName');
-  }
-
-  if (!deployment.image) {
-    errors.push('Missing required field: image');
-  }
-
-  if (!deployment.port || deployment.port < 1 || deployment.port > 65535) {
-    errors.push('Invalid port: must be between 1 and 65535');
-  }
-
-  if (!deployment.deploymentKey) {
-    errors.push('Missing required field: deploymentKey');
-  }
-
-  // Validate deployment key format
-  if (deployment.deploymentKey && !_keyGenerator.validateDeploymentKey(deployment.deploymentKey)) {
-    errors.push('Invalid deployment key format');
-  }
-
-  // Configuration validation
-  if (!deployment.configuration || !Array.isArray(deployment.configuration)) {
-    errors.push('Missing or invalid configuration array');
-  }
-
-  // Health check validation
-  if (deployment.healthCheck) {
-    if (deployment.healthCheck.path && !deployment.healthCheck.path.startsWith('/')) {
-      warnings.push('Health check path should start with /');
-    }
-
-    if (deployment.healthCheck.interval && (deployment.healthCheck.interval < 5 || deployment.healthCheck.interval > 300)) {
-      warnings.push('Health check interval should be between 5 and 300 seconds');
-    }
-  }
-
-  // Authentication validation
-  if (deployment.authentication?.enabled) {
-    if (!deployment.roles || deployment.roles.length === 0) {
-      warnings.push('Authentication enabled but no roles defined');
-    }
-
-    if (!deployment.permissions || deployment.permissions.length === 0) {
-      warnings.push('Authentication enabled but no permissions defined');
-    }
-  }
-
-  return {
-    valid: errors.length === 0,
-    errors,
-    warnings
+    type: 'azure', // Default to azure (enum: azure, local, none)
+    enableSSO: true,
+    requiredRoles: rbac.roles?.map(role => role.value) || []
   };
 }
 
-/**
- * Generates deployment JSON with validation
- * Validates configuration before writing the file
- *
- * @async
- * @function generateDeployJsonWithValidation
- * @param {string} appName - Name of the application
- * @returns {Promise<Object>} Generation result with validation info
- * @throws {Error} If generation fails
- *
- * @example
- * const result = await generateDeployJsonWithValidation('myapp');
- * // Returns: { success: true, path: './builder/myapp/aifabrix-deploy.json', validation: {...} }
- */
 async function generateDeployJsonWithValidation(appName) {
   const jsonPath = await generateDeployJson(appName);
-
-  // Read back the generated file for validation
   const jsonContent = fs.readFileSync(jsonPath, 'utf8');
   const deployment = JSON.parse(jsonContent);
-
-  const validation = validateDeploymentJson(deployment);
-
+  const validation = _validator.validateDeploymentJson(deployment);
   return {
     success: validation.valid,
     path: jsonPath,
@@ -356,6 +474,5 @@ module.exports = {
   buildImageReference,
   buildHealthCheck,
   buildRequirements,
-  buildAuthentication,
-  validateDeploymentJson
+  buildAuthentication
 };

package/lib/github-generator.js

@@ -6,9 +6,42 @@
  */
 
 const fs = require('fs').promises;
+const fsSync = require('fs');
 const path = require('path');
 const Handlebars = require('handlebars');
 
+// Register Handlebars helper for checking array contains
+Handlebars.registerHelper('contains', (array, value) => {
+  return array && array.includes(value);
+});
+
+/**
+ * Load extra workflow step templates from files
+ * @param {string[]} stepNames - Array of step names to load
+ * @returns {Promise<Object>} Object mapping step names to their compiled content
+ */
+async function loadStepTemplates(stepNames = []) {
+  const stepsDir = path.join(__dirname, '..', 'templates', 'github', 'steps');
+  const stepTemplates = {};
+
+  for (const stepName of stepNames) {
+    const stepPath = path.join(stepsDir, `${stepName}.hbs`);
+
+    if (fsSync.existsSync(stepPath)) {
+      try {
+        const stepContent = await fs.readFile(stepPath, 'utf8');
+        stepTemplates[stepName] = Handlebars.compile(stepContent);
+      } catch (error) {
+        throw new Error(`Failed to load step template '${stepName}': ${error.message}`);
+      }
+    } else {
+      throw new Error(`Step template '${stepName}' not found at ${stepPath}`);
+    }
+  }
+
+  return stepTemplates;
+}
+
 /**
  * Generate GitHub Actions workflow files from templates
  * @param {string} appPath - Path to application directory
@@ -22,8 +55,13 @@ async function generateGithubWorkflows(appPath, config, options = {}) {
     const workflowsDir = path.join(appPath, '.github', 'workflows');
     await fs.mkdir(workflowsDir, { recursive: true });
 
+    // Load step templates if githubSteps are provided
+    const stepTemplates = options.githubSteps && options.githubSteps.length > 0
+      ? await loadStepTemplates(options.githubSteps)
+      : {};
+
     // Get template context
-    const templateContext = getTemplateContext(config, options);
+    const templateContext = await getTemplateContext(config, options, stepTemplates);
 
     // Load and compile templates
     const templatesDir = path.join(__dirname, '..', 'templates', 'github');
@@ -62,24 +100,40 @@ async function generateGithubWorkflows(appPath, config, options = {}) {
  * Get template context from config
  * @param {Object} config - Application configuration
  * @param {Object} options - Additional options
- * @returns {Object} Template context
+ * @param {Object} stepTemplates - Compiled step templates
+ * @returns {Promise<Object>} Template context
  */
-function getTemplateContext(config, options = {}) {
-  return {
+async function getTemplateContext(config, options = {}, stepTemplates = {}) {
+  const githubSteps = options.githubSteps || [];
+
+  // Render step templates with the base context
+  const renderedSteps = {};
+  const baseContext = {
     appName: config.appName || 'myapp',
     mainBranch: options.mainBranch || 'main',
     language: config.language || 'typescript',
     fileExtension: config.language === 'python' ? 'py' : 'js',
     sourceDir: config.language === 'python' ? 'src' : 'lib',
     buildCommand: options.buildCommand || 'npm run build',
-    uploadCoverage: options.uploadCoverage !== false,
-    publishToNpm: options.publishToNpm || false,
     port: config.port || 3000,
     database: config.database || false,
     redis: config.redis || false,
     storage: config.storage || false,
     authentication: config.authentication || false
   };
+
+  for (const [stepName, template] of Object.entries(stepTemplates)) {
+    renderedSteps[stepName] = template(baseContext);
+  }
+
+  return {
+    ...baseContext,
+    uploadCoverage: options.uploadCoverage !== false,
+    githubSteps: githubSteps,
+    stepContent: renderedSteps,
+    hasSteps: githubSteps.length > 0,
+    hasNpmStep: githubSteps.includes('npm')
+  };
 }
 
 /**
@@ -103,8 +157,13 @@ async function generateWorkflowFile(appPath, templateName, config, options = {})
     // Compile template
     const template = Handlebars.compile(templateContent);
 
+    // Load step templates if githubSteps are provided
+    const stepTemplates = options.githubSteps && options.githubSteps.length > 0
+      ? await loadStepTemplates(options.githubSteps)
+      : {};
+
     // Get template context
-    const templateContext = getTemplateContext(config, options);
+    const templateContext = await getTemplateContext(config, options, stepTemplates);
 
     // Generate content
     const generatedContent = template(templateContext);
@@ -214,6 +273,7 @@ async function generateWorkflowsWithValidation(appPath, config, options = {}) {
 module.exports = {
   generateGithubWorkflows,
   getTemplateContext,
+  loadStepTemplates,
   generateWorkflowFile,
   validateWorkflowConfig,
   generateWorkflowsWithValidation