@aifabrix/builder 2.44.5 → 2.45.0

package/lib/utils/infra-optional-service-flags.js

@@ -0,0 +1,69 @@
+/**
+ * Optional infra compose flags (Traefik, pgAdmin, Redis Commander) for config.yaml ↔ startInfra.
+ *
+ * @fileoverview Effective flag resolution + backfill missing keys after up-infra / setup
+ * @author AI Fabrix Team
+ * @version 1.0.0
+ */
+
+'use strict';
+
+const config = require('../core/config');
+
+/**
+ * Resolves effective boolean from CLI option vs config.
+ * @param {*} optValue - options.traefik | options.pgAdmin | options.redisAdmin
+ * @param {*} cfgValue - cfg.traefik | cfg.pgadmin | cfg.redisCommander
+ * @param {boolean} defaultWhenUndef - Default when config value is undefined
+ * @returns {boolean}
+ */
+function resolveInfraOptionalFlag(optValue, cfgValue, defaultWhenUndef = true) {
+  if (optValue === true) return true;
+  if (optValue === false) return false;
+  return cfgValue !== false && (cfgValue === true || defaultWhenUndef);
+}
+
+/**
+ * Effective optional infra service flags (same resolution as up-infra → startInfra).
+ *
+ * @param {Object} cfg - Config from {@link config.getConfig}
+ * @param {Object} [options] - Commander options (omit for setup-modes)
+ * @returns {{ traefik: boolean, pgadmin: boolean, redisCommander: boolean }}
+ */
+function computeEffectiveInfraOptionalFlags(cfg, options = {}) {
+  return {
+    traefik: resolveInfraOptionalFlag(options.traefik, cfg.traefik, false),
+    pgadmin: resolveInfraOptionalFlag(options.pgAdmin, cfg.pgadmin, true),
+    redisCommander: resolveInfraOptionalFlag(options.redisAdmin, cfg.redisCommander, true)
+  };
+}
+
+/**
+ * Writes `traefik` / `pgadmin` / `redisCommander` when missing so config matches compose defaults.
+ *
+ * @param {Object} cfg - Mutable config (updated when save runs)
+ * @param {{ traefik: boolean, pgadmin: boolean, redisCommander: boolean }} effective
+ * @returns {Promise<void>}
+ */
+async function persistMissingInfraOptionalServiceFlags(cfg, effective) {
+  const keys = ['traefik', 'pgadmin', 'redisCommander'];
+  const merged = { ...cfg };
+  let dirty = false;
+  for (const k of keys) {
+    if (typeof merged[k] === 'undefined') {
+      merged[k] = effective[k];
+      dirty = true;
+    }
+  }
+  if (!dirty) {
+    return;
+  }
+  await config.saveConfig(merged);
+  Object.assign(cfg, merged);
+}
+
+module.exports = {
+  resolveInfraOptionalFlag,
+  computeEffectiveInfraOptionalFlags,
+  persistMissingInfraOptionalServiceFlags
+};

package/lib/utils/installation-log-core.js

@@ -0,0 +1,282 @@
+/**
+ * Shared helpers for installation.log (no append I/O).
+ *
+ * @fileoverview installation log core utilities
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+'use strict';
+
+const fsSync = require('fs');
+const path = require('path');
+const paths = require('./paths');
+const { maskSensitiveData } = require('./log-redaction');
+const { loadConfigFile } = require('./config-format');
+const { resolveDockerImageRef } = require('./resolve-docker-image-ref');
+const { parseImageOptions } = require('../commands/up-miso');
+
+let opCounter = 0;
+let opDay = '';
+
+let cachedCliVersion = null;
+
+/**
+ * @returns {string}
+ */
+function getCliVersion() {
+  if (cachedCliVersion) {
+    return cachedCliVersion;
+  }
+  try {
+    const pkgPath = path.join(__dirname, '..', '..', 'package.json');
+    const raw = fsSync.readFileSync(pkgPath, 'utf8');
+    const pkg = JSON.parse(raw);
+    cachedCliVersion = typeof pkg.version === 'string' ? pkg.version : 'unknown';
+  } catch {
+    cachedCliVersion = 'unknown';
+  }
+  return cachedCliVersion;
+}
+
+/**
+ * @returns {string} e.g. op_20260513_001
+ */
+function createOperationId() {
+  const d = new Date();
+  const day = d.toISOString().slice(0, 10).replace(/-/g, '');
+  if (day !== opDay) {
+    opDay = day;
+    opCounter = 0;
+  }
+  opCounter += 1;
+  return `op_${day}_${String(opCounter).padStart(3, '0')}`;
+}
+
+/**
+ * @param {string} ref
+ * @returns {string}
+ */
+function stripDockerDigest(ref) {
+  if (!ref || typeof ref !== 'string') {
+    return ref;
+  }
+  return ref.replace(/@sha256:[a-f0-9]+$/i, '');
+}
+
+/**
+ * @param {string|undefined} url
+ * @returns {string|undefined}
+ */
+function sanitizeUrl(url) {
+  if (!url || typeof url !== 'string') {
+    return undefined;
+  }
+  try {
+    const u = new URL(url);
+    u.username = '';
+    u.password = '';
+    let s = u.toString();
+    if (s.endsWith('/')) {
+      s = s.slice(0, -1);
+    }
+    return s;
+  } catch {
+    return maskSensitiveData(url);
+  }
+}
+
+/**
+ * @param {Object} [options]
+ * @returns {'interactive'|'automation'}
+ */
+function resolveLogMode(options = {}) {
+  const assume =
+    options.yes === true ||
+    options.assumeYes === true ||
+    process.env.CI === 'true' ||
+    process.env.CI === '1';
+  if (assume) {
+    return 'automation';
+  }
+  if (process.stdin && process.stdin.isTTY && process.stdout && process.stdout.isTTY) {
+    return 'interactive';
+  }
+  return 'automation';
+}
+
+/**
+ * @param {boolean|undefined} optVal
+ * @returns {boolean}
+ */
+function cliBoolExplicit(optVal) {
+  return optVal === true || optVal === false;
+}
+
+/**
+ * @param {string} label
+ * @param {boolean} value
+ * @param {boolean} fromCli
+ * @returns {string}
+ */
+function infraLine(label, value, fromCli) {
+  const src = fromCli ? 'cli override' : 'config';
+  return `  ${label}: ${value} (${src})`;
+}
+
+/**
+ * @param {Object} cfg
+ * @param {Object} options
+ * @returns {{ lines: string[] }}
+ */
+function buildInfraSectionLines(cfg, options = {}) {
+  const { computeEffectiveInfraOptionalFlags } = require('./infra-optional-service-flags');
+  const effective = computeEffectiveInfraOptionalFlags(cfg, options);
+  const tls = cfg.tlsEnabled === true;
+  const tlsFromCli = cliBoolExplicit(options.tls);
+  const lines = [
+    'Infra',
+    infraLine('traefik', effective.traefik, cliBoolExplicit(options.traefik)),
+    infraLine('tlsEnabled', tls, tlsFromCli),
+    infraLine('pgAdmin', effective.pgadmin, cliBoolExplicit(options.pgAdmin)),
+    infraLine('redisCommander', effective.redisCommander, cliBoolExplicit(options.redisAdmin))
+  ];
+  return { lines };
+}
+
+/**
+ * @param {string} appName
+ * @returns {Object|null}
+ */
+function loadBuilderAppVariables(appName) {
+  try {
+    const dir = paths.getBuilderPath(appName);
+    if (!fsSync.existsSync(dir)) {
+      return null;
+    }
+    const configPath = paths.resolveApplicationConfigPath(dir);
+    return loadConfigFile(configPath) || {};
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * @param {string} appName
+ * @param {Object} map
+ * @param {Object} runOpts
+ * @returns {void}
+ */
+function applyParsedImageMapToRunOpts(appName, map, runOpts) {
+  if (appName === 'keycloak' && map.keycloak) {
+    runOpts.image = map.keycloak;
+  }
+  if (appName === 'miso-controller' && map['miso-controller']) {
+    runOpts.image = map['miso-controller'];
+  }
+  if (appName === 'dataplane' && map.dataplane) {
+    runOpts.image = map.dataplane;
+  }
+}
+
+/**
+ * @param {string} appName
+ * @param {Object} options
+ * @returns {Object}
+ */
+function buildImageResolveOpts(appName, options) {
+  const runOpts = {
+    registry: options.registry || undefined,
+    base: options.base !== false
+  };
+  const imageList = options.image;
+  if (Array.isArray(imageList)) {
+    applyParsedImageMapToRunOpts(appName, parseImageOptions(imageList), runOpts);
+  } else if (typeof imageList === 'string' && imageList.trim()) {
+    const t = imageList.trim();
+    if (!t.includes('=') && appName === 'dataplane') {
+      runOpts.image = t;
+    } else if (t.includes('=')) {
+      applyParsedImageMapToRunOpts(appName, parseImageOptions([t]), runOpts);
+    }
+  }
+  return runOpts;
+}
+
+/**
+ * @param {string} imageRef
+ * @returns {string}
+ */
+function imageRefForLog(imageRef) {
+  return stripDockerDigest(String(imageRef).trim());
+}
+
+/**
+ * @param {string} appName
+ * @param {Object} options
+ * @returns {string}
+ */
+function resolveAppImageDisplay(appName, options) {
+  const variables = loadBuilderAppVariables(appName);
+  if (!variables) {
+    return 'unknown';
+  }
+  try {
+    const runOpts = buildImageResolveOpts(appName, options);
+    const { imageName, imageTag } = resolveDockerImageRef(appName, variables, runOpts);
+    return imageRefForLog(`${imageName}:${imageTag}`);
+  } catch {
+    return 'unknown';
+  }
+}
+
+/**
+ * @param {string[]} appNames
+ * @param {Object} options
+ * @returns {Record<string,string>}
+ */
+function collectPlatformAppImages(appNames, options = {}) {
+  /** @type {Record<string,string>} */
+  const out = {};
+  for (const app of appNames) {
+    out[app] = resolveAppImageDisplay(app, options);
+  }
+  return out;
+}
+
+/**
+ * @param {Record<string,string>} platformApps
+ * @returns {string}
+ */
+function derivePlatformVersion(platformApps) {
+  const tags = new Set();
+  for (const ref of Object.values(platformApps)) {
+    if (!ref || ref === 'unknown') {
+      continue;
+    }
+    const noDig = stripDockerDigest(ref);
+    const idx = noDig.lastIndexOf(':');
+    if (idx <= 0 || idx >= noDig.length - 1) {
+      continue;
+    }
+    const tag = noDig.slice(idx + 1);
+    if (!tag.includes('/')) {
+      tags.add(tag);
+    }
+  }
+  if (tags.size === 0) {
+    return 'unknown';
+  }
+  return [...tags].sort().join('|');
+}
+
+module.exports = {
+  getCliVersion,
+  createOperationId,
+  stripDockerDigest,
+  sanitizeUrl,
+  resolveLogMode,
+  buildInfraSectionLines,
+  collectPlatformAppImages,
+  derivePlatformVersion
+};

package/lib/utils/installation-log-record.js

@@ -0,0 +1,237 @@
+/**
+ * Build deterministic installation.log record lines (no I/O).
+ *
+ * @fileoverview installation record body formatting
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+'use strict';
+
+const config = require('../core/config');
+const { maskSensitiveData } = require('./log-redaction');
+const {
+  createOperationId,
+  getCliVersion,
+  collectPlatformAppImages,
+  derivePlatformVersion,
+  buildInfraSectionLines,
+  resolveLogMode,
+  sanitizeUrl
+} = require('./installation-log-core');
+
+/**
+ * @param {string[]} lines
+ * @param {string} isoHeader
+ * @returns {void}
+ */
+function pushTopBanner(lines, isoHeader) {
+  lines.push('='.repeat(80));
+  lines.push(`INSTALLATION ${isoHeader}`);
+  lines.push('-'.repeat(80));
+}
+
+/**
+ * @param {string[]} lines
+ * @param {Object} payload
+ * @param {Object} identity
+ * @returns {void}
+ */
+function pushIdentityCore(lines, payload, identity) {
+  const { startedAt, completedAt, developerId, mode, platformVersion, durationSec } = identity;
+  lines.push('recordVersion: 1');
+  lines.push(`operationId: ${createOperationId()}`);
+  lines.push(`command: ${payload.command}`);
+  lines.push(`outcome: ${payload.outcome}`);
+  lines.push(`durationSec: ${durationSec}`);
+  lines.push(`cliVersion: ${getCliVersion()}`);
+  lines.push(`platformVersion: ${platformVersion}`);
+  lines.push(`developerId: ${developerId}`);
+  lines.push(`mode: ${mode}`);
+  lines.push(`startedAt: ${startedAt.toISOString()}`);
+  lines.push(`completedAt: ${completedAt.toISOString()}`);
+
+  if (payload.setupMode) {
+    lines.push(`setupMode: ${payload.setupMode}`);
+  }
+  if (payload.upPlatformForce) {
+    lines.push('upPlatformForce: true');
+  }
+  lines.push('');
+}
+
+/**
+ * @param {string[]} lines
+ * @param {Object} payload
+ * @param {Object} identity
+ * @param {Date} identity.startedAt
+ * @param {Date} identity.completedAt
+ * @param {string} identity.developerId
+ * @param {string} identity.mode
+ * @param {string} identity.platformVersion
+ * @returns {void}
+ */
+function pushHeaderAndIdentity(lines, payload, identity) {
+  const { startedAt, completedAt } = identity;
+  const durationSec = Math.round(
+    Math.max(0, completedAt.getTime() - startedAt.getTime()) / 1000
+  );
+  const isoHeader = completedAt.toISOString();
+  pushTopBanner(lines, isoHeader);
+  pushIdentityCore(lines, payload, { ...identity, durationSec });
+}
+
+/**
+ * @param {string[]} lines
+ * @param {Object} payload
+ * @returns {void}
+ */
+function pushInfraBlock(lines, payload) {
+  if (!payload.infra || !payload.infra.cfg) {
+    return;
+  }
+  const { lines: infraLines } = buildInfraSectionLines(payload.infra.cfg, payload.infra.options || {});
+  lines.push(...infraLines);
+  lines.push('');
+}
+
+/**
+ * @param {string[]} lines
+ * @param {Record<string,string>|undefined} platformApps
+ * @returns {void}
+ */
+function pushPlatformAppsBlock(lines, platformApps) {
+  if (!platformApps || Object.keys(platformApps).length === 0) {
+    return;
+  }
+  lines.push('Platform Apps');
+  for (const key of Object.keys(platformApps).sort()) {
+    lines.push(`  ${key}: ${platformApps[key]}`);
+  }
+  lines.push('');
+}
+
+/**
+ * @param {string[]} lines
+ * @param {Object} payload
+ * @returns {void}
+ */
+function pushConfigBlock(lines, payload) {
+  const cfgExtra = payload.configExtra || {};
+  const hasConfig =
+    cfgExtra.controllerUrl ||
+    cfgExtra.adminEmail === 'set' ||
+    cfgExtra.adminEmail === 'unset';
+  if (!hasConfig) {
+    return;
+  }
+  lines.push('Config');
+  if (cfgExtra.controllerUrl) {
+    lines.push(`  controllerUrl: ${sanitizeUrl(cfgExtra.controllerUrl)}`);
+  }
+  if (cfgExtra.adminEmail === 'set' || cfgExtra.adminEmail === 'unset') {
+    lines.push(`  adminEmail: ${cfgExtra.adminEmail}`);
+  }
+  lines.push('');
+}
+
+/**
+ * @param {string[]} lines
+ * @param {Object} payload
+ * @returns {void}
+ */
+function pushCleanupBlock(lines, payload) {
+  const cleanup = payload.cleanup;
+  if (!cleanup || typeof cleanup !== 'object' || Object.keys(cleanup).length === 0) {
+    return;
+  }
+  lines.push('Cleanup');
+  if (cleanup.volumesRemoved !== undefined) {
+    lines.push(`  volumesRemoved: ${cleanup.volumesRemoved}`);
+  }
+  if (cleanup.configPreserved !== undefined) {
+    lines.push(`  configPreserved: ${cleanup.configPreserved}`);
+  }
+  if (Array.isArray(cleanup.cleanedAppKeys) && cleanup.cleanedAppKeys.length > 0) {
+    lines.push(`  cleanedAppKeys: ${cleanup.cleanedAppKeys.sort().join(', ')}`);
+  }
+  lines.push('');
+}
+
+/**
+ * @param {string[]} lines
+ * @param {Object} payload
+ * @returns {void}
+ */
+function pushErrorSection(lines, payload) {
+  if (payload.outcome !== 'failure' || !payload.error) {
+    return;
+  }
+  const msg =
+    typeof payload.error.message === 'string'
+      ? payload.error.message
+      : String(payload.error);
+  lines.push('Error');
+  lines.push(`  message: ${maskSensitiveData(msg)}`);
+  if (payload.errorCode) {
+    lines.push(`  code: ${maskSensitiveData(String(payload.errorCode))}`);
+  }
+  lines.push('');
+}
+
+/**
+ * @param {Object} payload
+ * @returns {Promise<Object>}
+ */
+async function resolvePlatformContextForRecord(payload) {
+  const completedAt = payload.completedAt || new Date();
+  const startedAt = payload.startedAt || completedAt;
+  const options = payload.options || {};
+  const mode = resolveLogMode(options);
+
+  let developerId = 'unknown';
+  try {
+    const id = await config.getDeveloperId();
+    developerId = id === null || id === undefined ? 'unknown' : String(id);
+  } catch {
+    // ignore
+  }
+
+  let platformApps = payload.platformApps;
+  if (!platformApps && Array.isArray(payload.platformAppList) && payload.platformAppList.length > 0) {
+    platformApps = collectPlatformAppImages(payload.platformAppList, options);
+  }
+  const platformVersion =
+    payload.platformVersion ||
+    (platformApps ? derivePlatformVersion(platformApps) : 'unknown');
+
+  return { completedAt, startedAt, mode, developerId, platformApps, platformVersion };
+}
+
+/**
+ * @param {Object} payload
+ * @returns {Promise<string[]>}
+ */
+async function buildInstallationRecordLines(payload) {
+  const ctx = await resolvePlatformContextForRecord(payload);
+  const lines = [];
+  pushHeaderAndIdentity(lines, payload, {
+    startedAt: ctx.startedAt,
+    completedAt: ctx.completedAt,
+    developerId: ctx.developerId,
+    mode: ctx.mode,
+    platformVersion: ctx.platformVersion
+  });
+  pushInfraBlock(lines, payload);
+  pushPlatformAppsBlock(lines, ctx.platformApps);
+  pushConfigBlock(lines, payload);
+  pushCleanupBlock(lines, payload);
+  pushErrorSection(lines, payload);
+  lines.push('='.repeat(80));
+  lines.push('');
+  return lines;
+}
+
+module.exports = {
+  buildInstallationRecordLines
+};

package/lib/utils/installation-log.js

@@ -0,0 +1,123 @@
+/**
+ * Append-only operational log for platform install / infra commands.
+ * One record per top-level CLI command; no secrets; deterministic section order.
+ *
+ * @fileoverview installation.log writer beside config.yaml
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+'use strict';
+
+const fs = require('fs').promises;
+const path = require('path');
+const paths = require('./paths');
+const config = require('../core/config');
+const logger = require('./logger');
+const { buildInstallationRecordLines } = require('./installation-log-record');
+const { sanitizeUrl } = require('./installation-log-core');
+
+const INSTALLATION_LOG = 'installation.log';
+/** Rotate when log exceeds this size; keep .1 and .2 backups. */
+const MAX_LOG_BYTES = 10 * 1024 * 1024;
+
+/**
+ * @param {string} logPath
+ * @param {number} [maxBytes]
+ * @returns {Promise<void>}
+ */
+async function rotateInstallationLogIfNeeded(logPath, maxBytes = MAX_LOG_BYTES) {
+  let st;
+  try {
+    st = await fs.stat(logPath);
+  } catch (e) {
+    if (e && e.code === 'ENOENT') {
+      return;
+    }
+    throw e;
+  }
+  if (st.size < maxBytes) {
+    return;
+  }
+  const dir = path.dirname(logPath);
+  const base = path.basename(logPath);
+  const p2 = path.join(dir, `${base}.2`);
+  const p1 = path.join(dir, `${base}.1`);
+  try {
+    await fs.unlink(p2);
+  } catch {
+    // ignore
+  }
+  try {
+    await fs.rename(p1, p2);
+  } catch {
+    // ignore
+  }
+  try {
+    await fs.rename(logPath, p1);
+  } catch {
+    // ignore
+  }
+}
+
+/**
+ * @param {Object} payload
+ * @returns {Promise<void>}
+ */
+async function appendInstallationRecord(payload) {
+  const lines = await buildInstallationRecordLines(payload);
+  const body = lines.join('\n');
+  const logDir = paths.getAifabrixSystemDir();
+  const logPath = path.join(logDir, INSTALLATION_LOG);
+
+  try {
+    await fs.mkdir(logDir, { recursive: true });
+    await rotateInstallationLogIfNeeded(logPath);
+    await fs.appendFile(logPath, body, 'utf8');
+  } catch (err) {
+    logger.warn(`installation.log: could not append (${err && err.message ? err.message : err})`);
+  }
+}
+
+/**
+ * @returns {Promise<string|undefined>}
+ */
+async function resolveControllerUrlForLog() {
+  try {
+    const { resolveControllerUrl } = require('./controller-url');
+    const u = await resolveControllerUrl();
+    return sanitizeUrl(u);
+  } catch {
+    return undefined;
+  }
+}
+
+/**
+ * @returns {Promise<'set'|'unset'>}
+ */
+async function resolveAdminEmailPresence() {
+  try {
+    const e = await config.getAdminEmail();
+    return e && String(e).trim() ? 'set' : 'unset';
+  } catch {
+    return 'unset';
+  }
+}
+
+const core = require('./installation-log-core');
+
+module.exports = {
+  appendInstallationRecord,
+  createOperationId: core.createOperationId,
+  stripDockerDigest: core.stripDockerDigest,
+  collectPlatformAppImages: core.collectPlatformAppImages,
+  derivePlatformVersion: core.derivePlatformVersion,
+  resolveControllerUrlForLog,
+  resolveAdminEmailPresence,
+  buildInfraSectionLines: core.buildInfraSectionLines,
+  resolveLogMode: core.resolveLogMode,
+  getCliVersion: core.getCliVersion,
+  rotateInstallationLogIfNeeded,
+  INSTALLATION_LOG,
+  MAX_LOG_BYTES
+};