@astrale-os/adapter-cloudflare 0.1.1 → 0.1.3

package/dist/astrale.d.ts

@@ -0,0 +1,27 @@
+/**
+ * `astrale(envs)` — the Astrale-managed deployment adapter.
+ *
+ * Ships the domain THROUGH the platform instead of to the author's own cloud
+ * account: `deploy` builds the same single-module workerd bundle the Cloudflare
+ * adapter ships (shared codegen + `wrangler deploy --dry-run`), then publishes
+ * it via the admin domain's catalog — `DomainPublished.register` →
+ * `::release { bundleBase64 }` (the worker stages the bytes in the platform
+ * registry) → `::install { instanceId, source: { kind: 'package' } }`, which
+ * deploys it as a host-local Service next to the target instance and installs
+ * the domain on it. No Cloudflare account, no wrangler auth — the only
+ * credential is the author's Astrale identity, supplied by the `astrale` CLI
+ * session this adapter shells out to (the same trust source as
+ * `astrale instance install`).
+ *
+ * `watch` is identical to the Cloudflare adapter's local dev (wrangler dev on
+ * localhost) — managed deploys change WHERE the worker runs, not how you
+ * iterate locally.
+ *
+ * Current limits (v1): client/ SPA assets are not shipped (managed packages
+ * serve no `/ui` yet) and no runtime secrets reach the service — the bundle
+ * must be self-contained (its signing identity is baked in by the codegen).
+ */
+import type { DomainAdapter } from '@astrale-os/devkit';
+import type { AstraleParams } from './params';
+export declare function astrale(envs: Record<string, AstraleParams>): DomainAdapter<AstraleParams>;
+//# sourceMappingURL=astrale.d.ts.map

package/dist/astrale.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"astrale.d.ts","sourceRoot":"","sources":["../src/astrale.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AAQvD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAU7C,wBAAgB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,GAAG,aAAa,CAAC,aAAa,CAAC,CA2FzF"}

package/dist/astrale.js

@@ -0,0 +1,163 @@
+/**
+ * `astrale(envs)` — the Astrale-managed deployment adapter.
+ *
+ * Ships the domain THROUGH the platform instead of to the author's own cloud
+ * account: `deploy` builds the same single-module workerd bundle the Cloudflare
+ * adapter ships (shared codegen + `wrangler deploy --dry-run`), then publishes
+ * it via the admin domain's catalog — `DomainPublished.register` →
+ * `::release { bundleBase64 }` (the worker stages the bytes in the platform
+ * registry) → `::install { instanceId, source: { kind: 'package' } }`, which
+ * deploys it as a host-local Service next to the target instance and installs
+ * the domain on it. No Cloudflare account, no wrangler auth — the only
+ * credential is the author's Astrale identity, supplied by the `astrale` CLI
+ * session this adapter shells out to (the same trust source as
+ * `astrale instance install`).
+ *
+ * `watch` is identical to the Cloudflare adapter's local dev (wrangler dev on
+ * localhost) — managed deploys change WHERE the worker runs, not how you
+ * iterate locally.
+ *
+ * Current limits (v1): client/ SPA assets are not shipped (managed packages
+ * serve no `/ui` yet) and no runtime secrets reach the service — the bundle
+ * must be self-contained (its signing identity is baked in by the codegen).
+ */
+import { defineAdapter } from '@astrale-os/devkit';
+import { spawn } from 'node:child_process';
+import { existsSync } from 'node:fs';
+import { readFile } from 'node:fs/promises';
+import { join } from 'node:path';
+import { logTo, prepare } from './cloudflare';
+import { runWranglerBundle, runWranglerDev } from './wrangler-cli';
+const DEFAULT_PORT = 8787;
+const DEFAULT_ADMIN_URL = 'https://admin.eu.astrale.ai/api';
+const DEFAULT_REGION = 'eu';
+const ADMIN_ORIGIN = 'admin.astrale.ai';
+export function astrale(envs) {
+    return defineAdapter({
+        name: 'astrale',
+        envs,
+        // Local dev is unchanged: wrangler dev on localhost. Managed deploys change
+        // WHERE the worker ships, not the inner loop.
+        async watch(params, ctx) {
+            const { configPath } = await prepare({ ...(params.vars ? { vars: params.vars } : {}), port: params.port ?? DEFAULT_PORT }, ctx, 'dev');
+            const handle = await runWranglerDev({
+                projectDir: ctx.projectDir,
+                configPath,
+                port: params.port ?? DEFAULT_PORT,
+                remote: false,
+                onReload: ctx.onReload,
+                onLog: logTo(),
+            });
+            return { url: handle.url, stop: handle.stop };
+        },
+        async deploy(params, ctx) {
+            const log = logTo();
+            if (ctx.clientDir) {
+                log(`client/ detected — managed deploys do not ship SPA assets yet; ` +
+                    `/ui will not serve on the managed service (functions/methods are unaffected).`);
+            }
+            // 1. Codegen + bundle: the exact worker module a Cloudflare deploy would
+            //    ship, produced locally with `wrangler deploy --dry-run` (no auth).
+            //    `clientDir` is stripped: managed packages don't ship SPA assets yet,
+            //    and leaving it in would put a dangling `assets.directory` (the
+            //    unbuilt dist-client) into the generated config.
+            const { clientDir: _omitted, ...bundleCtx } = ctx;
+            const { configPath } = await prepare({}, bundleCtx, 'dev');
+            const outDir = join(ctx.projectDir, '.astrale', 'dist-managed');
+            const bundlePath = await runWranglerBundle({
+                projectDir: ctx.projectDir,
+                configPath,
+                outDir,
+                onLog: log,
+            });
+            const bundle = await readFile(bundlePath);
+            // 2. Publish through the platform, authenticated by the author's astrale
+            //    CLI session. The release payload rides STDIN — a bundle is megabytes
+            //    of base64, far past argv limits.
+            const name = params.name ?? packageNameFor(ctx.domain.origin);
+            const adminUrl = params.adminUrl ?? DEFAULT_ADMIN_URL;
+            const version = `0.0.0-managed.${Date.now()}`;
+            log(`registering "${name}" (${ctx.domain.origin}) in the platform catalog…`);
+            await astraleCall(ctx.projectDir, params, adminUrl, {
+                path: `/${ADMIN_ORIGIN}/class.DomainPublished/register`,
+                data: { origin: ctx.domain.origin, name },
+            });
+            log(`publishing ${name}@${version} (${bundle.length} bytes)…`);
+            await astraleCall(ctx.projectDir, params, adminUrl, {
+                path: `/admin/domains/${name}::release`,
+                data: { version, bundleBase64: bundle.toString('base64'), makeCurrent: true },
+                viaStdin: true,
+            });
+            log(`installing on instance "${params.instance}"…`);
+            const installed = (await astraleCall(ctx.projectDir, params, adminUrl, {
+                path: `/admin/domains/${name}::install`,
+                data: { instanceId: params.instance, source: { kind: 'package' } },
+            }));
+            if (installed.error || installed.state !== 'installed') {
+                throw new Error(`managed install failed: state=${installed.state ?? '?'} error=${installed.error ?? '?'}`);
+            }
+            if (!installed.serviceSlug) {
+                throw new Error('managed install returned no serviceSlug — cannot derive the service URL');
+            }
+            const region = params.region ?? DEFAULT_REGION;
+            return { url: `https://${installed.serviceSlug}.svc.${region}.astrale.ai` };
+        },
+        secretsFile(params) {
+            return params.secrets;
+        },
+    });
+}
+/** Catalog package name from the origin: first DNS label (e.g. `my-notes.example.dev` → `my-notes`). */
+function packageNameFor(origin) {
+    const label = origin.split('.')[0] ?? origin;
+    return label.toLowerCase().replace(/[^a-z0-9-]+/g, '-');
+}
+/**
+ * Invoke the user's `astrale` CLI for one platform call and parse its JSON
+ * output. The CLI owns identity (IdP session, audience scoping, delegation
+ * minting) — reimplementing that here would fork the trust path.
+ */
+async function astraleCall(projectDir, params, adminUrl, call) {
+    const args = ['call', call.path, '--url', adminUrl, '--json'];
+    if (params.identity)
+        args.push('--as', params.identity);
+    const payload = JSON.stringify(call.data);
+    if (!call.viaStdin)
+        args.push('--data', payload);
+    const { code, out } = await new Promise((resolve, reject) => {
+        const child = spawn(astraleBin(projectDir), args, {
+            cwd: projectDir,
+            stdio: [call.viaStdin ? 'pipe' : 'ignore', 'pipe', 'pipe'],
+        });
+        let out = '';
+        child.stdout?.on('data', (b) => (out += b.toString()));
+        child.stderr?.on('data', (b) => (out += b.toString()));
+        child.on('exit', (c) => resolve({ code: c ?? 1, out }));
+        child.on('error', reject);
+        if (call.viaStdin) {
+            child.stdin?.write(payload);
+            child.stdin?.end();
+        }
+    });
+    if (code !== 0) {
+        throw new Error(`astrale call ${call.path} failed (exit ${code}): ${out.trim().slice(0, 500)}\n` +
+            `Is the astrale CLI installed and signed in? (astrale auth login)`);
+    }
+    try {
+        return JSON.parse(out);
+    }
+    catch {
+        throw new Error(`astrale call ${call.path}: could not parse CLI output: ${out.slice(0, 300)}`);
+    }
+}
+/** The user's astrale CLI: ~/.astrale/bin/astrale when present, else PATH. */
+function astraleBin(_projectDir) {
+    const home = process.env.HOME;
+    if (home) {
+        const installed = join(home, '.astrale', 'bin', 'astrale');
+        if (existsSync(installed))
+            return installed;
+    }
+    return 'astrale';
+}
+//# sourceMappingURL=astrale.js.map

package/dist/astrale.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"astrale.js","sourceRoot":"","sources":["../src/astrale.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAIH,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAA;AAC1C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AACpC,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAA;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAIhC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAC7C,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAElE,MAAM,YAAY,GAAG,IAAI,CAAA;AACzB,MAAM,iBAAiB,GAAG,iCAAiC,CAAA;AAC3D,MAAM,cAAc,GAAG,IAAI,CAAA;AAC3B,MAAM,YAAY,GAAG,kBAAkB,CAAA;AAEvC,MAAM,UAAU,OAAO,CAAC,IAAmC;IACzD,OAAO,aAAa,CAAgB;QAClC,IAAI,EAAE,SAAS;QACf,IAAI;QAEJ,4EAA4E;QAC5E,8CAA8C;QAC9C,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,GAAG;YACrB,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,OAAO,CAClC,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,YAAY,EAAE,EACpF,GAAG,EACH,KAAK,CACN,CAAA;YACD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC;gBAClC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,UAAU;gBACV,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,YAAY;gBACjC,MAAM,EAAE,KAAK;gBACb,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,KAAK,EAAE,KAAK,EAAE;aACf,CAAC,CAAA;YACF,OAAO,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAA;QAC/C,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG;YACtB,MAAM,GAAG,GAAG,KAAK,EAAE,CAAA;YACnB,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;gBAClB,GAAG,CACD,iEAAiE;oBAC/D,+EAA+E,CAClF,CAAA;YACH,CAAC;YAED,yEAAyE;YACzE,wEAAwE;YACxE,0EAA0E;YAC1E,oEAAoE;YACpE,qDAAqD;YACrD,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,SAAS,EAAE,GAAG,GAAG,CAAA;YACjD,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,KAAK,CAAC,CAAA;YAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,UAAU,EAAE,cAAc,CAAC,CAAA;YAC/D,MAAM,UAAU,GAAG,MAAM,iBAAiB,CAAC;gBACzC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,UAAU;gBACV,MAAM;gBACN,KAAK,EAAE,GAAG;aACX,CAAC,CAAA;YACF,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,UAAU,CAAC,CAAA;YAEzC,yEAAyE;YACzE,0EAA0E;YAC1E,sCAAsC;YACtC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;YAC7D,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,iBAAiB,CAAA;YACrD,MAAM,OAAO,GAAG,iBAAiB,IAAI,CAAC,GAAG,EAAE,EAAE,CAAA;YAE7C,GAAG,CAAC,gBAAgB,IAAI,MAAM,GAAG,CAAC,MAAM,CAAC,MAAM,4BAA4B,CAAC,CAAA;YAC5E,MAAM,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAClD,IAAI,EAAE,IAAI,YAAY,iCAAiC;gBACvD,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE;aAC1C,CAAC,CAAA;YAEF,GAAG,CAAC,cAAc,IAAI,IAAI,OAAO,KAAK,MAAM,CAAC,MAAM,UAAU,CAAC,CAAA;YAC9D,MAAM,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAClD,IAAI,EAAE,kBAAkB,IAAI,WAAW;gBACvC,IAAI,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE;gBAC7E,QAAQ,EAAE,IAAI;aACf,CAAC,CAAA;YAEF,GAAG,CAAC,2BAA2B,MAAM,CAAC,QAAQ,IAAI,CAAC,CAAA;YACnD,MAAM,SAAS,GAAG,CAAC,MAAM,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE;gBACrE,IAAI,EAAE,kBAAkB,IAAI,WAAW;gBACvC,IAAI,EAAE,EAAE,UAAU,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE;aACnE,CAAC,CAAoE,CAAA;YAEtE,IAAI,SAAS,CAAC,KAAK,IAAI,SAAS,CAAC,KAAK,KAAK,WAAW,EAAE,CAAC;gBACvD,MAAM,IAAI,KAAK,CACb,iCAAiC,SAAS,CAAC,KAAK,IAAI,GAAG,UAAU,SAAS,CAAC,KAAK,IAAI,GAAG,EAAE,CAC1F,CAAA;YACH,CAAC;YACD,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;gBAC3B,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAA;YAC5F,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,cAAc,CAAA;YAC9C,OAAO,EAAE,GAAG,EAAE,WAAW,SAAS,CAAC,WAAW,QAAQ,MAAM,aAAa,EAAE,CAAA;QAC7E,CAAC;QAED,WAAW,CAAC,MAAM;YAChB,OAAO,MAAM,CAAC,OAAO,CAAA;QACvB,CAAC;KACF,CAAC,CAAA;AACJ,CAAC;AAED,wGAAwG;AACxG,SAAS,cAAc,CAAC,MAAc;IACpC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAA;IAC5C,OAAO,KAAK,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,cAAc,EAAE,GAAG,CAAC,CAAA;AACzD,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,WAAW,CACxB,UAAkB,EAClB,MAAqB,EACrB,QAAgB,EAChB,IAAyD;IAEzD,MAAM,IAAI,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAA;IAC7D,IAAI,MAAM,CAAC,QAAQ;QAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAA;IACvD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACzC,IAAI,CAAC,IAAI,CAAC,QAAQ;QAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;IAEhD,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,MAAM,IAAI,OAAO,CAAgC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACzF,MAAM,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE;YAChD,GAAG,EAAE,UAAU;YACf,KAAK,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;SAC3D,CAAC,CAAA;QACF,IAAI,GAAG,GAAG,EAAE,CAAA;QACZ,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAA;QAC9D,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAA;QAC9D,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAA;QACvD,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACzB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,CAAA;YAC3B,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,CAAA;QACpB,CAAC;IACH,CAAC,CAAC,CAAA;IACF,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,gBAAgB,IAAI,CAAC,IAAI,iBAAiB,IAAI,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI;YAC9E,kEAAkE,CACrE,CAAA;IACH,CAAC;IACD,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,gBAAgB,IAAI,CAAC,IAAI,iCAAiC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAA;IAChG,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,SAAS,UAAU,CAAC,WAAmB;IACrC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAA;IAC7B,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS,CAAC,CAAA;QAC1D,IAAI,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO,SAAS,CAAA;IAC7C,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC"}

package/dist/client.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Build the optional client SPA (the Views' UI). Best-effort: if the project
+ * has no `client/` or no resolvable Vite, we skip — the RPC surface and inline
+ * Views still work without a built SPA.
+ */
+export declare function buildClient(clientDir: string, projectDir: string, onLog?: (line: string) => void): Promise<void>;
+//# sourceMappingURL=client.d.ts.map

package/dist/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH,wBAAsB,WAAW,CAC/B,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,MAAM,EAClB,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,GAC7B,OAAO,CAAC,IAAI,CAAC,CAkBf"}

package/dist/client.js

@@ -0,0 +1,43 @@
+/**
+ * Build the optional client SPA (the Views' UI). Best-effort: if the project
+ * has no `client/` or no resolvable Vite, we skip — the RPC surface and inline
+ * Views still work without a built SPA.
+ */
+import { spawn } from 'node:child_process';
+import { existsSync } from 'node:fs';
+import { join } from 'node:path';
+export async function buildClient(clientDir, projectDir, onLog) {
+    const viteBin = [
+        join(clientDir, 'node_modules', '.bin', 'vite'),
+        join(projectDir, 'node_modules', '.bin', 'vite'),
+    ].find((p) => existsSync(p));
+    if (!viteBin) {
+        // The project has a client/ but its deps aren't installed — wrangler would
+        // otherwise fail cryptically on the missing dist-client assets dir. Fail
+        // loud with the fix (the client is a workspace package — one install covers it).
+        throw new Error(`client build: vite not found in ${clientDir}. Run \`pnpm install\` at the project root ` +
+            `first (the client/ SPA is a workspace package).`);
+    }
+    const { code, out } = await runCapture(viteBin, ['build'], clientDir, onLog);
+    if (code !== 0) {
+        throw new Error(`client build failed (code ${code}):\n${out.slice(-1500)}`);
+    }
+}
+function runCapture(cmd, args, cwd, onLog) {
+    return new Promise((resolve, reject) => {
+        const child = spawn(cmd, args, { cwd, stdio: ['ignore', 'pipe', 'pipe'] });
+        let out = '';
+        const onData = (buf) => {
+            const text = buf.toString();
+            out += text;
+            for (const line of text.split('\n'))
+                if (line.trim())
+                    onLog?.(line);
+        };
+        child.stdout?.on('data', onData);
+        child.stderr?.on('data', onData);
+        child.on('exit', (code) => resolve({ code: code ?? 1, out }));
+        child.on('error', reject);
+    });
+}
+//# sourceMappingURL=client.js.map

package/dist/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAA;AAC1C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AACpC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAEhC,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,SAAiB,EACjB,UAAkB,EAClB,KAA8B;IAE9B,MAAM,OAAO,GAAG;QACd,IAAI,CAAC,SAAS,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,CAAC;QAC/C,IAAI,CAAC,UAAU,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,CAAC;KACjD,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAA;IAC5B,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,2EAA2E;QAC3E,yEAAyE;QACzE,iFAAiF;QACjF,MAAM,IAAI,KAAK,CACb,mCAAmC,SAAS,6CAA6C;YACvF,iDAAiD,CACpD,CAAA;IACH,CAAC;IACD,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,KAAK,CAAC,CAAA;IAC5E,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAC7E,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CACjB,GAAW,EACX,IAAc,EACd,GAAW,EACX,KAA8B;IAE9B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,CAAA;QAC1E,IAAI,GAAG,GAAG,EAAE,CAAA;QACZ,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE;YAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAA;YAC3B,GAAG,IAAI,IAAI,CAAA;YACX,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBAAE,IAAI,IAAI,CAAC,IAAI,EAAE;oBAAE,KAAK,EAAE,CAAC,IAAI,CAAC,CAAA;QACrE,CAAC,CAAA;QACD,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QAChC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QAChC,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAA;QAC7D,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IAC3B,CAAC,CAAC,CAAA;AACJ,CAAC"}

package/dist/cloudflare.d.ts

@@ -0,0 +1,22 @@
+/**
+ * `cloudflare(envs)` — the Cloudflare deployment adapter.
+ *
+ * Owns everything target-specific: it codegens the Worker entry + wrangler
+ * config (the dev never sees a `wrangler.jsonc`), builds the optional client
+ * SPA, and shells out to `wrangler`. `watch` → `wrangler dev` (local URL);
+ * `deploy` → `wrangler deploy` (workers.dev or a custom-domain URL); secrets →
+ * `wrangler secret bulk`. Both `watch` and `deploy` return the URL the devkit
+ * prints and `astrale instance install <url>` consumes.
+ */
+import type { DeployCtx, DomainAdapter, WatchCtx } from '@astrale-os/devkit';
+import type { CloudflareParams } from './params';
+export declare function cloudflare(envs: Record<string, CloudflareParams>): DomainAdapter<CloudflareParams>;
+export declare function prepare(params: CloudflareParams, ctx: WatchCtx | DeployCtx, mode: 'dev' | 'deploy'): Promise<{
+    configPath: string;
+    fallbackConfigPath?: string;
+    port: number;
+    workerName: string;
+}>;
+export declare function workerName(params: CloudflareParams, origin: string): string;
+export declare function logTo(): (line: string) => void;
+//# sourceMappingURL=cloudflare.d.ts.map

package/dist/cloudflare.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cloudflare.d.ts","sourceRoot":"","sources":["../src/cloudflare.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAA;AAM5E,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAA;AAUhD,wBAAgB,UAAU,CACxB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,GACrC,aAAa,CAAC,gBAAgB,CAAC,CAsDjC;AAID,wBAAsB,OAAO,CAC3B,MAAM,EAAE,gBAAgB,EACxB,GAAG,EAAE,QAAQ,GAAG,SAAS,EACzB,IAAI,EAAE,KAAK,GAAG,QAAQ,GACrB,OAAO,CAAC;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAAC,CA0EhG;AAoCD,wBAAgB,UAAU,CAAC,MAAM,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAsB3E;AAED,wBAAgB,KAAK,IAAI,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,CAE9C"}

package/dist/cloudflare.js

@@ -0,0 +1,186 @@
+/**
+ * `cloudflare(envs)` — the Cloudflare deployment adapter.
+ *
+ * Owns everything target-specific: it codegens the Worker entry + wrangler
+ * config (the dev never sees a `wrangler.jsonc`), builds the optional client
+ * SPA, and shells out to `wrangler`. `watch` → `wrangler dev` (local URL);
+ * `deploy` → `wrangler deploy` (workers.dev or a custom-domain URL); secrets →
+ * `wrangler secret bulk`. Both `watch` and `deploy` return the URL the devkit
+ * prints and `astrale instance install <url>` consumes.
+ */
+import { defineAdapter, hasStarModule } from '@astrale-os/devkit';
+import { mkdir, writeFile } from 'node:fs/promises';
+import { join } from 'node:path';
+import { buildClient } from './client';
+import { ensureIdentity } from './codegen/identity';
+import { generateWorkerEntry } from './codegen/worker';
+import { generateWranglerConfig } from './codegen/wrangler';
+import { bulkPutSecrets, runWranglerDeploy, runWranglerDev } from './wrangler-cli';
+const DEFAULT_PORT = 8787;
+export function cloudflare(envs) {
+    return defineAdapter({
+        name: 'cloudflare',
+        envs,
+        async watch(params, ctx) {
+            const { configPath, port } = await prepare(params, ctx, 'dev');
+            if (ctx.clientDir)
+                await buildClient(ctx.clientDir, ctx.projectDir, logTo());
+            const handle = await runWranglerDev({
+                projectDir: ctx.projectDir,
+                configPath,
+                port,
+                remote: Boolean(params.remote),
+                onReload: ctx.onReload,
+                onLog: logTo(),
+            });
+            return { url: handle.url, stop: handle.stop };
+        },
+        async deploy(params, ctx) {
+            const { configPath, fallbackConfigPath, workerName: name, } = await prepare(params, ctx, 'deploy');
+            if (ctx.clientDir)
+                await buildClient(ctx.clientDir, ctx.projectDir, logTo());
+            const { url } = await runWranglerDeploy({
+                projectDir: ctx.projectDir,
+                configPath,
+                workerName: name,
+                ...(fallbackConfigPath ? { fallbackConfigPath } : {}),
+                ...(params.route ? { route: params.route } : {}),
+                onLog: logTo(),
+            });
+            if (Object.keys(ctx.secrets).length > 0) {
+                await bulkPutSecrets({
+                    projectDir: ctx.projectDir,
+                    configPath,
+                    secrets: ctx.secrets,
+                    onLog: logTo(),
+                });
+            }
+            // A first deploy on a fresh `*.workers.dev` host can take ~30-60s to
+            // propagate; an `astrale instance install <url>` issued right away would
+            // 404 (Cloudflare 1042). Block until the URL actually serves so the
+            // install line we print is immediately actionable.
+            await waitUntilLive(url, logTo());
+            return { url };
+        },
+        secretsFile(params) {
+            return params.secrets;
+        },
+    });
+}
+// ── codegen orchestration ──────────────────────────────────────────────────
+export async function prepare(params, ctx, mode) {
+    const astraleDir = join(ctx.projectDir, '.astrale');
+    await mkdir(astraleDir, { recursive: true });
+    await ensureIdentity(astraleDir, ctx.domain.origin);
+    const name = workerName(params, ctx.domain.origin);
+    // Shared ★-files probe: must agree with the codegen's `import { views } from
+    // '../views'` resolution (folder index OR sibling file) — a folder-only
+    // existsSync would deploy a worker whose graph silently lacks a sibling-file
+    // module the diagnostic spec includes.
+    const hasViews = hasStarModule(ctx.projectDir, 'views');
+    const hasFunctions = hasStarModule(ctx.projectDir, 'functions');
+    const hasClient = Boolean(ctx.clientDir);
+    await writeFile(join(astraleDir, 'worker.gen.ts'), generateWorkerEntry({
+        origin: ctx.domain.origin,
+        ...(ctx.domain.postInstall ? { postInstall: ctx.domain.postInstall } : {}),
+        requires: ctx.domain.requires,
+        hasViews,
+        hasFunctions,
+        hasClient,
+    }));
+    // Pin the worker's canonical serving URL (its `iss` identity) for routed
+    // deploys: a routed worker may ALSO be reachable via `*.workers.dev`, so
+    // resolving the URL from the per-request Host would let `iss` drift between
+    // hostnames. Dev + workers.dev-only deploys are single-host, so the worker
+    // falls back to the per-request Host (always the canonical URL there).
+    // An explicit `vars.WORKER_URL` (e.g. a tunnel/proxy front) wins.
+    const workerUrl = mode === 'deploy' && params.route ? `https://${params.route}` : undefined;
+    // Dev injects secrets as local vars (the gitignored .astrale config never
+    // ships); deploy keeps secrets out of the config and pushes them encrypted.
+    const vars = {
+        ...(workerUrl ? { WORKER_URL: workerUrl } : {}),
+        ...(mode === 'dev' ? { ...params.vars, ...ctx.secrets } : { ...params.vars }),
+    };
+    const baseConfig = {
+        workerName: name,
+        ...(mode === 'deploy' && params.route ? { route: params.route } : {}),
+        hasClient,
+        vars,
+        // Escape hatch: extra bindings (KV/R2/D1/queues/…) deep-merged on top. Same
+        // overlay in dev and deploy — it's infra, not env-specific plumbing — and it
+        // flows into both the SELF and the SELF-less fallback config below.
+        ...(params.wrangler ? { wrangler: params.wrangler } : {}),
+    };
+    // Always self-bind: it enables autobinding (a handler calling its own domain).
+    // Locally the dev registry resolves it; on deploy the first deploy of a fresh
+    // worker can't (the script doesn't exist yet), so we also emit a SELF-less
+    // fallback config that `runWranglerDeploy` uses for a one-time two-pass deploy.
+    const configPath = join(astraleDir, 'wrangler.gen.jsonc');
+    await writeFile(configPath, generateWranglerConfig({ ...baseConfig, selfBinding: true }));
+    let fallbackConfigPath;
+    if (mode === 'deploy') {
+        fallbackConfigPath = join(astraleDir, 'wrangler.no-self.gen.jsonc');
+        await writeFile(fallbackConfigPath, generateWranglerConfig({ ...baseConfig, selfBinding: false }));
+    }
+    return {
+        configPath,
+        ...(fallbackConfigPath ? { fallbackConfigPath } : {}),
+        port: params.port ?? DEFAULT_PORT,
+        workerName: name,
+    };
+}
+/**
+ * Poll the deployed URL until the worker answers (anything but the Cloudflare
+ * 1042 "no script on this host" 404), or give up after `timeoutMs`. Resolves
+ * silently on the fast path; logs only when propagation actually makes us wait.
+ */
+async function waitUntilLive(url, onLog, timeoutMs = 90_000) {
+    const probe = new URL('/health', url);
+    const deadline = Date.now() + timeoutMs;
+    let waited = false;
+    for (;;) {
+        try {
+            const res = await fetch(probe, { redirect: 'manual' });
+            if (res.status !== 404)
+                return;
+        }
+        catch {
+            // Network hiccup — treat like "not live yet" and keep polling.
+        }
+        if (Date.now() >= deadline) {
+            onLog(`URL not reachable yet after ${Math.round(timeoutMs / 1000)}s — it may need a moment.`);
+            return;
+        }
+        if (!waited) {
+            waited = true;
+            onLog('waiting for the URL to go live (first deploys can take ~30-60s)…');
+        }
+        await new Promise((r) => setTimeout(r, 3000));
+    }
+}
+const WORKER_NAME_RE = /^[a-z0-9][a-z0-9-]*$/;
+export function workerName(params, origin) {
+    // An explicit name is the deployed worker's identity (and the SELF service
+    // target) — validate and reject an invalid one rather than silently rewriting
+    // it, so the dev fixes it instead of deploying under a surprising name.
+    if (params.workerName !== undefined) {
+        if (!WORKER_NAME_RE.test(params.workerName) || params.workerName.length > 63) {
+            throw new Error(`cloudflare adapter: invalid \`workerName\` "${params.workerName}". A Cloudflare worker ` +
+                'name must be lowercase, start with a letter or digit, contain only letters, digits and ' +
+                'dashes, and be at most 63 chars.');
+        }
+        return params.workerName;
+    }
+    // Derive from the origin: lowercase, collapse non-alphanumerics to a dash, then
+    // SLICE before trimming dashes so a cut landing mid-dash can't leave a trailing
+    // "-" (which wrangler rejects).
+    return origin
+        .toLowerCase()
+        .replace(/[^a-z0-9]+/g, '-')
+        .slice(0, 54)
+        .replace(/^-+|-+$/g, '');
+}
+export function logTo() {
+    return (line) => process.stderr.write(`\x1b[2m  ${line}\x1b[0m\n`);
+}
+//# sourceMappingURL=cloudflare.js.map

package/dist/cloudflare.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cloudflare.js","sourceRoot":"","sources":["../src/cloudflare.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAIH,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AACjE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAA;AACnD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAIhC,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAA;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAA;AACtD,OAAO,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAA;AAC3D,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAElF,MAAM,YAAY,GAAG,IAAI,CAAA;AAEzB,MAAM,UAAU,UAAU,CACxB,IAAsC;IAEtC,OAAO,aAAa,CAAmB;QACrC,IAAI,EAAE,YAAY;QAClB,IAAI;QAEJ,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,GAAG;YACrB,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,MAAM,OAAO,CAAC,MAAM,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;YAC9D,IAAI,GAAG,CAAC,SAAS;gBAAE,MAAM,WAAW,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,CAAC,CAAA;YAC5E,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC;gBAClC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,UAAU;gBACV,IAAI;gBACJ,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;gBAC9B,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,KAAK,EAAE,KAAK,EAAE;aACf,CAAC,CAAA;YACF,OAAO,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAA;QAC/C,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG;YACtB,MAAM,EACJ,UAAU,EACV,kBAAkB,EAClB,UAAU,EAAE,IAAI,GACjB,GAAG,MAAM,OAAO,CAAC,MAAM,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAA;YACxC,IAAI,GAAG,CAAC,SAAS;gBAAE,MAAM,WAAW,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,CAAC,CAAA;YAC5E,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,iBAAiB,CAAC;gBACtC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,UAAU;gBACV,UAAU,EAAE,IAAI;gBAChB,GAAG,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,kBAAkB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrD,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAChD,KAAK,EAAE,KAAK,EAAE;aACf,CAAC,CAAA;YACF,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxC,MAAM,cAAc,CAAC;oBACnB,UAAU,EAAE,GAAG,CAAC,UAAU;oBAC1B,UAAU;oBACV,OAAO,EAAE,GAAG,CAAC,OAAO;oBACpB,KAAK,EAAE,KAAK,EAAE;iBACf,CAAC,CAAA;YACJ,CAAC;YACD,qEAAqE;YACrE,yEAAyE;YACzE,oEAAoE;YACpE,mDAAmD;YACnD,MAAM,aAAa,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,CAAA;YACjC,OAAO,EAAE,GAAG,EAAE,CAAA;QAChB,CAAC;QAED,WAAW,CAAC,MAAM;YAChB,OAAO,MAAM,CAAC,OAAO,CAAA;QACvB,CAAC;KACF,CAAC,CAAA;AACJ,CAAC;AAED,8EAA8E;AAE9E,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,MAAwB,EACxB,GAAyB,EACzB,IAAsB;IAEtB,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,CAAA;IACnD,MAAM,KAAK,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;IAC5C,MAAM,cAAc,CAAC,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;IAEnD,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;IAClD,6EAA6E;IAC7E,wEAAwE;IACxE,6EAA6E;IAC7E,uCAAuC;IACvC,MAAM,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;IACvD,MAAM,YAAY,GAAG,aAAa,CAAC,GAAG,CAAC,UAAU,EAAE,WAAW,CAAC,CAAA;IAC/D,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAA;IAExC,MAAM,SAAS,CACb,IAAI,CAAC,UAAU,EAAE,eAAe,CAAC,EACjC,mBAAmB,CAAC;QAClB,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,MAAM;QACzB,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ;QAC7B,QAAQ;QACR,YAAY;QACZ,SAAS;KACV,CAAC,CACH,CAAA;IAED,yEAAyE;IACzE,yEAAyE;IACzE,4EAA4E;IAC5E,2EAA2E;IAC3E,uEAAuE;IACvE,kEAAkE;IAClE,MAAM,SAAS,GAAG,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAA;IAE3F,0EAA0E;IAC1E,4EAA4E;IAC5E,MAAM,IAAI,GAAG;QACX,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/C,GAAG,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;KAC9E,CAAA;IAED,MAAM,UAAU,GAAG;QACjB,UAAU,EAAE,IAAI;QAChB,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACrE,SAAS;QACT,IAAI;QACJ,4EAA4E;QAC5E,6EAA6E;QAC7E,oEAAoE;QACpE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC1D,CAAA;IAED,+EAA+E;IAC/E,8EAA8E;IAC9E,2EAA2E;IAC3E,gFAAgF;IAChF,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAAA;IACzD,MAAM,SAAS,CAAC,UAAU,EAAE,sBAAsB,CAAC,EAAE,GAAG,UAAU,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;IAEzF,IAAI,kBAAsC,CAAA;IAC1C,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,kBAAkB,GAAG,IAAI,CAAC,UAAU,EAAE,4BAA4B,CAAC,CAAA;QACnE,MAAM,SAAS,CACb,kBAAkB,EAClB,sBAAsB,CAAC,EAAE,GAAG,UAAU,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAC9D,CAAA;IACH,CAAC;IAED,OAAO;QACL,UAAU;QACV,GAAG,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,kBAAkB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACrD,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,YAAY;QACjC,UAAU,EAAE,IAAI;KACjB,CAAA;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,aAAa,CAC1B,GAAW,EACX,KAA6B,EAC7B,SAAS,GAAG,MAAM;IAElB,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAA;IACvC,IAAI,MAAM,GAAG,KAAK,CAAA;IAClB,SAAS,CAAC;QACR,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAA;YACtD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAM;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,+DAA+D;QACjE,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,QAAQ,EAAE,CAAC;YAC3B,KAAK,CAAC,+BAA+B,IAAI,CAAC,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC,2BAA2B,CAAC,CAAA;YAC7F,OAAM;QACR,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,IAAI,CAAA;YACb,KAAK,CAAC,kEAAkE,CAAC,CAAA;QAC3E,CAAC;QACD,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAA;IAC/C,CAAC;AACH,CAAC;AAED,MAAM,cAAc,GAAG,sBAAsB,CAAA;AAE7C,MAAM,UAAU,UAAU,CAAC,MAAwB,EAAE,MAAc;IACjE,2EAA2E;IAC3E,8EAA8E;IAC9E,wEAAwE;IACxE,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACpC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YAC7E,MAAM,IAAI,KAAK,CACb,+CAA+C,MAAM,CAAC,UAAU,yBAAyB;gBACvF,yFAAyF;gBACzF,kCAAkC,CACrC,CAAA;QACH,CAAC;QACD,OAAO,MAAM,CAAC,UAAU,CAAA;IAC1B,CAAC;IACD,gFAAgF;IAChF,gFAAgF;IAChF,gCAAgC;IAChC,OAAO,MAAM;SACV,WAAW,EAAE;SACb,OAAO,CAAC,aAAa,EAAE,GAAG,CAAC;SAC3B,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;SACZ,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAA;AAC5B,CAAC;AAED,MAAM,UAAU,KAAK;IACnB,OAAO,CAAC,IAAY,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,IAAI,WAAW,CAAC,CAAA;AAC5E,CAAC"}

package/dist/codegen/identity.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Ensure the domain has a stable Ed25519 signing identity at
+ * `.astrale/identity.ts`. Generated ONCE (first `dev`/`deploy` or by the
+ * scaffolder) and never regenerated — the private key IS the domain's identity,
+ * so rotating it would orphan every instance that installed the old key. The
+ * file is gitignored; for real production this key should graduate to a managed
+ * secret.
+ */
+export declare function ensureIdentity(astraleDir: string, origin: string): Promise<void>;
+//# sourceMappingURL=identity.d.ts.map

package/dist/codegen/identity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../src/codegen/identity.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAOH,wBAAsB,cAAc,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAyBtF"}

package/dist/codegen/identity.js

@@ -0,0 +1,32 @@
+/**
+ * Ensure the domain has a stable Ed25519 signing identity at
+ * `.astrale/identity.ts`. Generated ONCE (first `dev`/`deploy` or by the
+ * scaffolder) and never regenerated — the private key IS the domain's identity,
+ * so rotating it would orphan every instance that installed the old key. The
+ * file is gitignored; for real production this key should graduate to a managed
+ * secret.
+ */
+import { exportJWK, generateKeyPair } from 'jose';
+import { existsSync } from 'node:fs';
+import { mkdir, writeFile } from 'node:fs/promises';
+import { join } from 'node:path';
+export async function ensureIdentity(astraleDir, origin) {
+    const file = join(astraleDir, 'identity.ts');
+    if (existsSync(file))
+        return;
+    const { privateKey } = await generateKeyPair('EdDSA', { extractable: true });
+    const jwk = (await exportJWK(privateKey));
+    jwk.alg = 'EdDSA';
+    jwk.kid = `${origin}-key`;
+    await mkdir(astraleDir, { recursive: true });
+    await writeFile(file, `// AUTO-GENERATED stable signing identity for "${origin}" — do not edit, do not commit.\n` +
+        `export const PRIVATE_JWK = ${JSON.stringify(jwk, null, 2)} as const\n`);
+    // Loud on purpose: the file is gitignored, so a fresh clone / CI runner
+    // silently mints a NEW key — and a redeploy with a new key breaks JWKS
+    // verification on every instance that installed the old one, with no hint
+    // why. Make the lifecycle visible the one time it happens.
+    process.stderr.write(`\x1b[33m!\x1b[0m new signing identity generated at .astrale/identity.ts (kid ${String(jwk.kid)}).\n` +
+        `  This key IS "${origin}"'s identity: back it up (or move it to a managed secret) —\n` +
+        `  deploying from another machine without it re-keys the domain and breaks existing installs.\n`);
+}
+//# sourceMappingURL=identity.js.map

package/dist/codegen/identity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"identity.js","sourceRoot":"","sources":["../../src/codegen/identity.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,MAAM,CAAA;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAA;AACnD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAEhC,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,UAAkB,EAAE,MAAc;IACrE,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,EAAE,aAAa,CAAC,CAAA;IAC5C,IAAI,UAAU,CAAC,IAAI,CAAC;QAAE,OAAM;IAE5B,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,eAAe,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;IAC5E,MAAM,GAAG,GAAG,CAAC,MAAM,SAAS,CAAC,UAAU,CAAC,CAA4B,CAAA;IACpE,GAAG,CAAC,GAAG,GAAG,OAAO,CAAA;IACjB,GAAG,CAAC,GAAG,GAAG,GAAG,MAAM,MAAM,CAAA;IAEzB,MAAM,KAAK,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;IAC5C,MAAM,SAAS,CACb,IAAI,EACJ,kDAAkD,MAAM,mCAAmC;QACzF,8BAA8B,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,aAAa,CAC1E,CAAA;IAED,wEAAwE;IACxE,uEAAuE;IACvE,0EAA0E;IAC1E,2DAA2D;IAC3D,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,gFAAgF,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM;QACnG,kBAAkB,MAAM,+DAA+D;QACvF,gGAAgG,CACnG,CAAA;AACH,CAAC"}

package/dist/codegen/merge.d.ts

@@ -0,0 +1,20 @@
+/**
+ * Deep-merge for the generated wrangler config. `base` is what the adapter
+ * generates; `overlay` is the dev's `params.wrangler` escape hatch. The merge
+ * is additive so a dev can declare extra bindings without losing the adapter's
+ * invariants:
+ *   - plain objects      → recurse
+ *   - arrays             → concat, de-duplicating BOTH primitive members and
+ *                          object bindings by an identity key (`binding` /
+ *                          `pattern` / `queue` / `name`, else structural value),
+ *                          with the overlay entry overriding a base entry of the
+ *                          same identity. So a dev overlay that re-declares the
+ *                          adapter's `SELF` service (or any binding) replaces it
+ *                          instead of emitting a duplicate wrangler rejects.
+ *   - scalars / new keys → overlay wins
+ *
+ * Protecting the load-bearing keys (`main`, `assets`, …) is policy enforced by
+ * the caller (`generateWranglerConfig`), not here — this stays a generic merge.
+ */
+export declare function deepMergeConfig(base: Record<string, unknown>, overlay: Record<string, unknown>): Record<string, unknown>;
+//# sourceMappingURL=merge.d.ts.map

package/dist/codegen/merge.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"merge.d.ts","sourceRoot":"","sources":["../../src/codegen/merge.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,eAAe,CAC7B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAazB"}