npm - @camstack/addon-pipeline-orchestrator - Versions diffs - 0.1.13 → 0.1.14 - Mend

@camstack/addon-pipeline-orchestrator 0.1.13 → 0.1.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/index.mjs CHANGED Viewed

@@ -10292,51 +10292,6 @@ const AuthResultSchema = object({
     validateToken: method(object({ token: string() }), AuthResultSchema.nullable())
   }
 });
-const AuthProviderInfoSchema = object({
-  /** Stable id matching the addon id (used for `getLoginUrl({addonId,…})`). */
-  addonId: string(),
-  /**
-   * Per-instance id when one addon registers multiple "logical"
-   * providers (e.g. OIDC with Google + Microsoft + custom). The login
-   * URL becomes `/addon/${addonId}/${instanceId}/start` — handler reads
-   * `:instanceId` from the route. Empty/unset means the addon is a
-   * single-instance provider; the URL is `/addon/${addonId}/start`.
-   */
-  instanceId: string().optional(),
-  /** Display label shown on the login button + admin row. */
-  displayName: string(),
-  /** Optional iconography hint (lucide-react icon name OR emoji). */
-  icon: string().optional(),
-  /** When true, the provider exposes a redirect-based login flow
-   *  (`getLoginUrl` returns a URL the browser navigates to). */
-  hasRedirectFlow: boolean(),
-  /** When true, the provider exposes a credential-form login flow
-   *  (`validateCredentials` accepts username + password). */
-  hasCredentialFlow: boolean(),
-  /** Provider kind, drives admin-UI hint dispatch (oidc / saml / totp / …). */
-  kind: string().optional(),
-  /** Operator-facing status string (e.g. "Connected to https://login.acme.com"). */
-  status: string().optional(),
-  /** When false, the provider is registered but disabled by config; the
-   *  UI surfaces it as inactive without enumerating it for login. */
-  enabled: boolean()
-});
-({
-  methods: {
-    /** All registered auth providers, both enabled and disabled. */
-    listProviders: method(_void(), array(AuthProviderInfoSchema).readonly()),
-    /**
-     * Toggle a provider's enabled flag. Disabled providers stay
-     * registered but aren't surfaced on the login page. The orchestrator
-     * persists the state in `addon-settings` so it survives restarts.
-     */
-    setProviderEnabled: method(
-      object({ addonId: string(), enabled: boolean() }),
-      object({ success: literal(true) }),
-      { kind: "mutation", auth: "admin" }
-    )
-  }
-});
 const NetworkEndpointSchema = object({
   url: string(),
   hostname: string(),
@@ -10368,55 +10323,13 @@ const NetworkEndpointEntrySchema = NetworkEndpointSchema.extend({
     getEndpoint: method(_void(), NetworkEndpointSchema.nullable()),
     getStatus: method(_void(), NetworkAccessStatusSchema),
     /**
-     * Enumerate every active ingress entry. Default implementation (when
-     * the provider omits this method) is derived from `getEndpoint()` —
-     * see the remote-access orchestrator for the fallback path.
+     * Enumerate every active ingress entry. Providers that expose only a
+     * single endpoint may omit this method; callers fall back to
+     * `getEndpoint()` in that case.
      */
     listEndpoints: method(_void(), array(NetworkEndpointEntrySchema).readonly())
   }
 });
-const RemoteAccessEndpointSchema = object({
-  url: string(),
-  hostname: string(),
-  port: number(),
-  protocol: _enum(["http", "https"])
-});
-const RemoteAccessProviderInfoSchema = object({
-  /** Stable id matching the addon id. */
-  addonId: string(),
-  /** Display label shown on the admin row — sourced from the addon manifest. */
-  displayName: string(),
-  /** When false, the provider is registered but disabled. */
-  enabled: boolean(),
-  /** True when the underlying tunnel/connection is up. */
-  connected: boolean(),
-  /** Public-facing endpoint, when connected. Null otherwise. */
-  endpoint: RemoteAccessEndpointSchema.nullable(),
-  /** Last error message (when connected=false), if available. */
-  error: string().optional()
-});
-({
-  methods: {
-    /** All registered remote-access providers + their live status. */
-    listProviders: method(_void(), array(RemoteAccessProviderInfoSchema).readonly()),
-    /**
-     * Start a specific provider's tunnel. Per-provider config still
-     * lives on the addon's settings panel; this is just the on/off
-     * trigger so the admin UI can manage the lifecycle from one place.
-     */
-    startProvider: method(
-      object({ addonId: string() }),
-      RemoteAccessEndpointSchema,
-      { kind: "mutation", auth: "admin" }
-    ),
-    /** Stop a specific provider's tunnel (idempotent on already-stopped). */
-    stopProvider: method(
-      object({ addonId: string() }),
-      object({ success: literal(true) }),
-      { kind: "mutation", auth: "admin" }
-    )
-  }
-});
 const TurnServerSchema = object({
   /** Single URL or list of URLs (e.g. "turn:turn.example.com:3478?transport=udp"). */
   urls: union([string(), array(string())]),
@@ -10436,45 +10349,6 @@ const TurnServerSchema = object({
     )
   }
 });
-const TurnProviderInfoSchema = object({
-  /** Stable id matching the addon id. */
-  addonId: string(),
-  /** Display label shown on the admin row — sourced from the addon manifest. */
-  displayName: string(),
-  /** When false, the provider is registered but disabled. */
-  enabled: boolean(),
-  /** Number of servers this provider is currently exposing. */
-  serverCount: number(),
-  /**
-   * Flat list of every TURN/STUN URL this provider currently exposes.
-   * One row per URL (multi-URL ICE server entries are flattened). The
-   * admin UI shows this in a compact per-provider list so operators
-   * can verify what's actually being negotiated without having to dig
-   * into the combined `getAllServers` output.
-   */
-  urls: array(string()).readonly(),
-  /** Last fetch error (when serverCount=0 due to API failure), if any. */
-  error: string().optional()
-});
-({
-  methods: {
-    /** All registered TURN providers + per-provider stats. */
-    listProviders: method(_void(), array(TurnProviderInfoSchema).readonly()),
-    /**
-     * Combined list of TURN/STUN servers from all ENABLED providers.
-     * Consumed by the WebRTC layer at session-creation time —
-     * implementations may fetch fresh short-lived credentials each
-     * call (e.g. Cloudflare API), so consumers SHOULD call per-session.
-     */
-    getAllServers: method(_void(), array(TurnServerSchema).readonly()),
-    /** Toggle a provider's enabled flag. */
-    setProviderEnabled: method(
-      object({ addonId: string(), enabled: boolean() }),
-      object({ success: literal(true) }),
-      { kind: "mutation", auth: "admin" }
-    )
-  }
-});
 const SnapshotImageSchema = object({
   base64: string(),
   contentType: string()
@@ -11942,7 +11816,7 @@ const AllowedAddressesSchema = object({
     )
   }
 });
-const MeshEndpointSchema$1 = object({
+const MeshEndpointSchema = object({
   /** Stable identifier within the provider (e.g. `mesh-ipv4`, `magicdns`, `funnel`). */
   id: string(),
   /** Operator-facing label (e.g. "Mesh IPv4", "MagicDNS"). */
@@ -12015,7 +11889,7 @@ const MeshStatusSchema = object({
   /** Number of peers visible to this host (excluding self). */
   peerCount: number(),
   /** Every endpoint this provider exposes for the current host. */
-  endpoints: array(MeshEndpointSchema$1).readonly(),
+  endpoints: array(MeshEndpointSchema).readonly(),
   /** Last error from the daemon, when not joined. */
   error: string().optional(),
   // ── Account / tenant identity (generic across providers) ────────
@@ -12178,105 +12052,6 @@ const MeshStatusSchema = object({
     // tabs driven by this cap.
   }
 });
-const MeshEndpointSchema = object({
-  id: string(),
-  label: string(),
-  scope: _enum(["mesh", "public"]),
-  url: string(),
-  hostname: string(),
-  port: number(),
-  protocol: _enum(["http", "https"])
-});
-const MeshProviderInfoSchema = object({
-  /** Stable id matching the addon id. */
-  addonId: string(),
-  /** Display label shown on the admin row — sourced from the addon manifest. */
-  displayName: string(),
-  /** True when the host is joined to this provider's mesh. */
-  joined: boolean(),
-  /** Local mesh IP (empty when not joined). */
-  meshIp: string(),
-  /** MagicDNS / mesh hostname (empty when not configured). */
-  magicDnsHostname: string(),
-  /** Peer count (excluding self). */
-  peerCount: number(),
-  /** Active endpoints (mesh IP + MagicDNS + optional public Funnel). */
-  endpoints: array(MeshEndpointSchema).readonly(),
-  /** Last error reported by the provider. */
-  error: string().optional(),
-  // ── Generic identity fields mirrored from MeshStatus ─────────────
-  /** Tenant / tailnet / network display name. Empty pre-join. */
-  tenantName: string(),
-  /** Mesh DNS suffix (e.g. tailXXXX.ts.net). Empty when not configured. */
-  magicDnsSuffix: string(),
-  /** Authenticated user / account login. Null for token-only providers. */
-  userLogin: string().nullable(),
-  /** Provider control-plane URL. */
-  controlPlaneUrl: string(),
-  /** Machine-key expiry (epoch ms). Null when keys don't rotate. */
-  keyExpiry: number().nullable()
-});
-({
-  methods: {
-    /** All registered mesh-network providers + live status. */
-    listProviders: method(_void(), array(MeshProviderInfoSchema).readonly()),
-    /**
-     * Join the mesh of a specific provider. Per-provider config still
-     * lives on its settings panel; the orchestrator forwards.
-     */
-    joinProvider: method(
-      object({
-        addonId: string(),
-        authKey: string().min(8),
-        hostname: string().optional()
-      }),
-      object({ joined: literal(true) }),
-      { kind: "mutation" }
-    ),
-    leaveProvider: method(
-      object({ addonId: string() }),
-      object({ success: literal(true) }),
-      { kind: "mutation" }
-    ),
-    /**
-     * Browser-redirect login flow. Forwards to the named provider's
-     * `mesh-network.startLogin` and returns the URL the daemon
-     * prints. UI opens it in a new tab, then polls `listProviders`
-     * for `joined: true`.
-     */
-    startLoginProvider: method(
-      object({
-        addonId: string(),
-        hostname: string().optional()
-      }),
-      object({ loginUrl: string() }),
-      { kind: "mutation" }
-    ),
-    /**
-     * Sign out of the provider's account entirely (`mesh-network.logout`).
-     * Distinct from `leaveProvider` which only takes the host off-mesh;
-     * `logoutProvider` wipes credentials so the next start requires a
-     * fresh login.
-     */
-    logoutProvider: method(
-      object({ addonId: string() }),
-      object({ loggedOut: literal(true) }),
-      { kind: "mutation" }
-    ),
-    /**
-     * Per-provider peer list. Forwards to `mesh-network.listPeers` on
-     * the addressed provider. Separate from `listProviders` because
-     * peer payloads can be large on a heavily-populated tailnet —
-     * fetch only when the operator opens the Peers tab.
-     */
-    listProviderPeers: method(
-      object({ addonId: string() }),
-      object({
-        peers: array(MeshPeerSchema).readonly()
-      })
-    )
-  }
-});
 const MethodAccessSchema = _enum(["view", "create", "delete"]);
 const AllowedProviderSchema = union([literal("*"), array(string())]);
 const AllowedDevicesSchema = record(string(), union([literal("*"), array(string())]));
@@ -13146,6 +12921,29 @@ const CustomActionInputSchema = object({
         isActive: boolean()
       })).readonly()
     ),
+    /**
+     * Toggle a single collection-cap provider on/off. Generic write-side
+     * counterpart of `listCapabilityProviders` — drives the per-provider
+     * Enable/Disable affordance in admin pages (TURN servers, etc.)
+     * without needing a bespoke orchestrator cap.
+     *
+     * Reaches the hub's `CapabilityRegistry` directly:
+     * `enableCollectionProvider` / `disableCollectionProvider` flip the
+     * registry-level `disabledProviders` set. `getCollectionEntries`
+     * already filters disabled providers out, so a disabled provider
+     * drops out of every collection aggregate immediately. Only valid
+     * for `mode: 'collection'` caps — the registry no-ops + warns for
+     * singletons.
+     */
+    setCapabilityProviderEnabled: method(
+      object({
+        capName: string().min(1),
+        addonId: string().min(1),
+        enabled: boolean()
+      }),
+      object({ success: literal(true) }),
+      { kind: "mutation", auth: "admin" }
+    ),
     /**
      * Live-update one of the framework packages marked
      * `camstack.system: true` (`@camstack/types|kernel|core|sdk|ui-library`).