@blogic-cz/agent-tools 0.14.29 → 0.14.31
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -240,6 +240,10 @@
|
|
|
240
240
|
"description": "Optional timeout for establishing a tunnel, in milliseconds.",
|
|
241
241
|
"type": "number"
|
|
242
242
|
},
|
|
243
|
+
"apiProbeTimeoutMs": {
|
|
244
|
+
"description": "Timeout in milliseconds for the Kubernetes API-server reachability probe run before a tunnel attempt. Lets the direct (no-VPN) attempt fail fast instead of waiting out tunnelTimeoutMs when the API server is unreachable. Set to 0 to disable. Defaults to 2000.",
|
|
245
|
+
"type": "number"
|
|
246
|
+
},
|
|
243
247
|
"remotePort": {
|
|
244
248
|
"description": "Optional remote database port used by the tunnel.",
|
|
245
249
|
"type": "number"
|
package/src/config/types.ts
CHANGED
|
@@ -103,6 +103,15 @@ export type DatabaseConfig = ProfilePrerequisites & {
|
|
|
103
103
|
service?: string;
|
|
104
104
|
};
|
|
105
105
|
tunnelTimeoutMs?: number;
|
|
106
|
+
/**
|
|
107
|
+
* Timeout in milliseconds for the cheap Kubernetes API-server reachability probe
|
|
108
|
+
* run before attempting a tunnel. When the API server is unreachable (VPN down and
|
|
109
|
+
* not on the office network) `kubectl port-forward` hangs silently on TCP connect, so
|
|
110
|
+
* a short probe lets the direct (no-VPN) attempt fail fast and fall back to connecting
|
|
111
|
+
* the VPN instead of waiting out `tunnelTimeoutMs`. Set to 0 to disable the probe.
|
|
112
|
+
* Defaults to 2000.
|
|
113
|
+
*/
|
|
114
|
+
apiProbeTimeoutMs?: number;
|
|
106
115
|
remotePort?: number;
|
|
107
116
|
};
|
|
108
117
|
|
package/src/db-tool/service.ts
CHANGED
|
@@ -51,6 +51,27 @@ export function resolveDbAccessMode(
|
|
|
51
51
|
};
|
|
52
52
|
}
|
|
53
53
|
|
|
54
|
+
/**
|
|
55
|
+
* Build the kubectl args for the lightweight API-server reachability probe.
|
|
56
|
+
* Hitting `/version` via `--raw` is the cheapest authenticated round-trip; `--request-timeout`
|
|
57
|
+
* bounds it so an unreachable server (VPN down, off the office network) fails fast instead of
|
|
58
|
+
* letting a subsequent `kubectl port-forward` hang on a silent TCP connect.
|
|
59
|
+
*/
|
|
60
|
+
export function buildApiProbeArgs(
|
|
61
|
+
kubeconfig: string | undefined,
|
|
62
|
+
context: string,
|
|
63
|
+
timeoutMs: number,
|
|
64
|
+
): string[] {
|
|
65
|
+
return [
|
|
66
|
+
...(kubeconfig ? ["--kubeconfig", kubeconfig] : []),
|
|
67
|
+
"--context",
|
|
68
|
+
context,
|
|
69
|
+
"get",
|
|
70
|
+
"--raw=/version",
|
|
71
|
+
`--request-timeout=${timeoutMs}ms`,
|
|
72
|
+
];
|
|
73
|
+
}
|
|
74
|
+
|
|
54
75
|
export class DbService extends Context.Service<
|
|
55
76
|
DbService,
|
|
56
77
|
{
|
|
@@ -89,6 +110,7 @@ export class DbService extends Context.Service<
|
|
|
89
110
|
const kubectlNamespace = dbConfig.kubectl?.namespace;
|
|
90
111
|
const kubectlService = dbConfig.kubectl?.service ?? "postgresql";
|
|
91
112
|
const tunnelTimeoutMs = dbConfig.tunnelTimeoutMs ?? 5000;
|
|
113
|
+
const apiProbeTimeoutMs = dbConfig.apiProbeTimeoutMs ?? 2000;
|
|
92
114
|
const remotePort = dbConfig.remotePort ?? 5432;
|
|
93
115
|
|
|
94
116
|
const zshrcEnvCache = yield* Ref.make<Record<string, string> | null>(null);
|
|
@@ -326,6 +348,35 @@ export class DbService extends Context.Service<
|
|
|
326
348
|
return proc;
|
|
327
349
|
});
|
|
328
350
|
|
|
351
|
+
/**
|
|
352
|
+
* Cheap pre-flight check: is the Kubernetes API server reachable right now?
|
|
353
|
+
* Returns true when the probe is disabled (apiProbeTimeoutMs <= 0) or no context is
|
|
354
|
+
* configured, so behaviour is unchanged unless a probe can meaningfully run. A false
|
|
355
|
+
* result lets the direct (no-VPN) tunnel attempt bail fast and fall back to the VPN
|
|
356
|
+
* prerequisite instead of waiting out tunnelTimeoutMs on a silently hanging port-forward.
|
|
357
|
+
*/
|
|
358
|
+
const probeApiServerReachable = Effect.fn("DbService.probeApiServerReachable")(function* (
|
|
359
|
+
config: DbConfig,
|
|
360
|
+
) {
|
|
361
|
+
if (!kubectlContext || apiProbeTimeoutMs <= 0) {
|
|
362
|
+
return true;
|
|
363
|
+
}
|
|
364
|
+
|
|
365
|
+
const kubeconfig = yield* resolveKubeconfig(config.port).pipe(
|
|
366
|
+
Effect.orElseSucceed(() => undefined),
|
|
367
|
+
);
|
|
368
|
+
|
|
369
|
+
const result = yield* executeShellCommand(
|
|
370
|
+
ChildProcess.make(
|
|
371
|
+
"kubectl",
|
|
372
|
+
buildApiProbeArgs(kubeconfig, kubectlContext, apiProbeTimeoutMs),
|
|
373
|
+
{ stdout: "pipe", stderr: "pipe" },
|
|
374
|
+
),
|
|
375
|
+
).pipe(Effect.catch(() => Effect.succeed({ stdout: "", stderr: "", exitCode: 1 })));
|
|
376
|
+
|
|
377
|
+
return result.exitCode === 0;
|
|
378
|
+
});
|
|
379
|
+
|
|
329
380
|
const buildPsqlCommand = (
|
|
330
381
|
config: DbConfig,
|
|
331
382
|
sql: string,
|
|
@@ -434,7 +485,8 @@ export class DbService extends Context.Service<
|
|
|
434
485
|
startTimeMs: number,
|
|
435
486
|
applyTransform = false,
|
|
436
487
|
) {
|
|
437
|
-
const
|
|
488
|
+
const selectSql = sql.trim().replace(/;\s*$/, "");
|
|
489
|
+
const wrappedSql = `SELECT json_agg(t) FROM (${selectSql}) t;`;
|
|
438
490
|
const command = buildPsqlCommand(config, wrappedSql, password, true);
|
|
439
491
|
const result = yield* executeShellCommand(command);
|
|
440
492
|
const endTime = yield* Clock.currentTimeMillis;
|
|
@@ -605,6 +657,14 @@ export class DbService extends Context.Service<
|
|
|
605
657
|
|
|
606
658
|
return Effect.scoped(
|
|
607
659
|
Effect.gen(function* () {
|
|
660
|
+
const reachable = yield* probeApiServerReachable(config);
|
|
661
|
+
if (!reachable) {
|
|
662
|
+
return yield* new DbTunnelError({
|
|
663
|
+
message: `Kubernetes API server not reachable within ${apiProbeTimeoutMs}ms; skipping tunnel attempt (VPN likely not connected and not on the office network).`,
|
|
664
|
+
port: config.port,
|
|
665
|
+
});
|
|
666
|
+
}
|
|
667
|
+
|
|
608
668
|
const tunnelProc = yield* startTunnelProcess(config).pipe(
|
|
609
669
|
Effect.mapError(
|
|
610
670
|
(platformError) =>
|
|
@@ -31,6 +31,20 @@ const filterBySource = (summaries: MessageSummary[], source: string): MessageSum
|
|
|
31
31
|
return summaries.filter((s) => s.source === (source as SessionSource));
|
|
32
32
|
};
|
|
33
33
|
|
|
34
|
+
const latestSessionSummaries = (summaries: MessageSummary[]): MessageSummary[] => {
|
|
35
|
+
const bySession = new Map<string, MessageSummary>();
|
|
36
|
+
|
|
37
|
+
for (const summary of summaries) {
|
|
38
|
+
const key = `${summary.source}:${summary.sessionID}`;
|
|
39
|
+
const previous = bySession.get(key);
|
|
40
|
+
if (previous === undefined || summary.created > previous.created) {
|
|
41
|
+
bySession.set(key, summary);
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
return [...bySession.values()].toSorted((left, right) => right.created - left.created);
|
|
46
|
+
};
|
|
47
|
+
|
|
34
48
|
const buildScopeLabel = (searchAll: boolean, currentDir: string) => {
|
|
35
49
|
if (searchAll) {
|
|
36
50
|
return "all projects";
|
|
@@ -100,7 +114,7 @@ const listCommand = Command.make(
|
|
|
100
114
|
}
|
|
101
115
|
|
|
102
116
|
const allSummaries = yield* sessionService.getMessageSummaries(sessionFilter);
|
|
103
|
-
const summaries = filterBySource(allSummaries, source);
|
|
117
|
+
const summaries = latestSessionSummaries(filterBySource(allSummaries, source));
|
|
104
118
|
const results = summaries.slice(0, limit).map((summary) => ({
|
|
105
119
|
created: formatDate(summary.created),
|
|
106
120
|
sessionID: summary.sessionID,
|