@celilo/cli 0.1.4 → 0.1.6

package/src/cli/commands/module-import.ts

@@ -2,42 +2,51 @@
  * Module import command
  */
 
-import { resolve } from 'node:path';
+import { unlink } from 'node:fs/promises';
+import { tmpdir } from 'node:os';
+import { join, resolve } from 'node:path';
 import { getModuleStoragePath, shortenPath } from '../../config/paths';
 import { getDb } from '../../db/client';
 import { importModule } from '../../module/import';
-import { getArg, getFlag, validateRequiredArgs } from '../parser';
+import { RegistryClient } from '../../registry/client';
+import { getArg, getFlag } from '../parser';
 import type { CommandResult } from '../types';
 import { generateTypesForImportedModule } from './module-types';
 
+const USAGE = `Usage:
+  celilo module import file <path>              Import from local filesystem
+  celilo module import public-registry <name>   Import from celilo.computer registry`;
+
 /**
  * Handle module import command
  *
- * Usage: celilo module import <path> [--target <path>]
- *
- * @param args - Command arguments
- * @param flags - Command flags
- * @returns Command result
+ * Usage: celilo module import file <path> [--target <path>]
+ *        celilo module import public-registry <name>
+ *        celilo module import <path>  (alias for "file", kept for compatibility)
  */
 export async function handleModuleImport(
   args: string[],
   flags: Record<string, string | boolean>,
 ): Promise<CommandResult> {
-  // Validate arguments
-  const error = validateRequiredArgs(args, 1);
-  if (error) {
-    return {
-      success: false,
-      error: `${error}\n\nUsage: celilo module import <path> [--target <path>]`,
-    };
+  const subcommand = getArg(args, 0);
+
+  if (!subcommand) {
+    return { success: false, error: `Subcommand required.\n\n${USAGE}` };
+  }
+
+  if (subcommand === 'public-registry') {
+    const moduleName = getArg(args, 1);
+    if (!moduleName) {
+      return { success: false, error: `Module name required.\n\n${USAGE}` };
+    }
+    return handlePublicRegistryImport(moduleName, flags);
   }
 
-  const sourcePath = getArg(args, 0);
+  // Resolve the source path: "file <path>" or bare "<path>" alias
+  const sourcePath = subcommand === 'file' ? getArg(args, 1) : subcommand;
+
   if (!sourcePath) {
-    return {
-      success: false,
-      error: 'Source path is required',
-    };
+    return { success: false, error: `Path required.\n\n${USAGE}` };
   }
 
   // Resolve paths
@@ -62,9 +71,6 @@ export async function handleModuleImport(
     };
   }
 
-  // Belt-and-suspenders: regenerate the module's celilo/types.d.ts so
-  // the imported module can never have stale types. Non-fatal on error —
-  // a codegen failure should not abort a successful import.
   const typesPath = await generateTypesForImportedModule(result.targetPath);
   const typesMessage = typesPath ? `\nGenerated types: ${shortenPath(typesPath)}` : '';
 
@@ -78,3 +84,81 @@ export async function handleModuleImport(
     },
   };
 }
+
+async function handlePublicRegistryImport(
+  name: string,
+  flags: Record<string, string | boolean>,
+): Promise<CommandResult> {
+  const registryUrl = getFlag(flags, 'registry', '');
+  const client = new RegistryClient(registryUrl || undefined);
+
+  // Look up module in the sparse index
+  let entries: Awaited<ReturnType<typeof client.getIndex>>;
+  try {
+    entries = await client.getIndex(name);
+  } catch (err) {
+    return {
+      success: false,
+      error: `Failed to reach registry: ${err instanceof Error ? err.message : String(err)}`,
+    };
+  }
+
+  if (entries.length === 0) {
+    return { success: false, error: `Module '${name}' not found in registry` };
+  }
+
+  const latest = client.latestVersion(entries);
+  if (!latest) {
+    return { success: false, error: `All versions of '${name}' are yanked` };
+  }
+
+  // Download the .netapp
+  const tmpPath = join(tmpdir(), `${name}-${latest.vers}-${Date.now()}.netapp`);
+  try {
+    const pkgData = await client.download(name, latest.vers);
+    await Bun.write(tmpPath, pkgData);
+  } catch (err) {
+    return {
+      success: false,
+      error: `Download failed: ${err instanceof Error ? err.message : String(err)}`,
+    };
+  }
+
+  try {
+    const targetBasePath = getFlag(flags, 'target', getModuleStoragePath());
+    const resolvedTargetBasePath = resolve(targetBasePath);
+    const importFlags = { ...flags, 'skip-verify': true };
+
+    const db = getDb();
+    const result = await importModule({
+      sourcePath: tmpPath,
+      targetBasePath: resolvedTargetBasePath,
+      db,
+      flags: importFlags,
+    });
+
+    if (!result.success) {
+      return { success: false, error: result.error, details: result.details };
+    }
+
+    const typesPath = await generateTypesForImportedModule(result.targetPath);
+    const typesMessage = typesPath ? `\nGenerated types: ${shortenPath(typesPath)}` : '';
+
+    return {
+      success: true,
+      message: `Imported ${result.moduleId}@${latest.vers}\nFiles: ${shortenPath(result.targetPath)}${typesMessage}`,
+      data: {
+        moduleId: result.moduleId,
+        version: latest.vers,
+        targetPath: result.targetPath,
+        typesPath: typesPath ?? undefined,
+      },
+    };
+  } finally {
+    try {
+      await unlink(tmpPath);
+    } catch {}
+  }
+}
+
+export { handlePublicRegistryImport };

package/src/cli/commands/module-publish.test.ts

@@ -0,0 +1,235 @@
+/**
+ * Tests for handleModulePublish.
+ *
+ * Coverage:
+ *   - Validation error paths (no args, no token, bad --revision)
+ *   - Manifest reading failures
+ *   - Revision auto-detection algorithm
+ *
+ * The full build+publish flow is covered by integration tests. Here we focus
+ * on the logic that runs before buildModule is called, which is where the
+ * most subtle bugs live (revision calculation, version assembly).
+ */
+
+import { afterEach, beforeEach, describe, expect, test } from 'bun:test';
+import { mkdir, rm, writeFile } from 'node:fs/promises';
+import { join } from 'node:path';
+import type { IndexEntry } from '../../registry/client';
+import { handleModulePublish, validateCapabilityVersions } from './module-publish';
+
+const TEST_DIR = `/tmp/test-module-publish-${Date.now()}`;
+
+beforeEach(async () => {
+  await mkdir(TEST_DIR, { recursive: true });
+});
+
+afterEach(async () => {
+  await rm(TEST_DIR, { recursive: true, force: true });
+});
+
+// ── Validation error paths ────────────────────────────────────────────────────
+
+describe('handleModulePublish — validation', () => {
+  test('missing module dir returns usage error', async () => {
+    const result = await handleModulePublish([], {});
+    expect(result.success).toBe(false);
+    if (!result.success) expect(result.error).toContain('Module directory required');
+  });
+
+  test('missing token returns error', async () => {
+    const origToken = process.env.CELILO_PUBLISH_TOKEN;
+    process.env.CELILO_PUBLISH_TOKEN = undefined;
+    try {
+      const result = await handleModulePublish([TEST_DIR], {});
+      expect(result.success).toBe(false);
+      if (!result.success) expect(result.error).toContain('Publish token required');
+    } finally {
+      if (origToken !== undefined) process.env.CELILO_PUBLISH_TOKEN = origToken;
+    }
+  });
+
+  test('--revision 0 is rejected', async () => {
+    const result = await handleModulePublish([TEST_DIR], { token: 'tok', revision: '0' });
+    expect(result.success).toBe(false);
+    if (!result.success) expect(result.error).toContain('--revision must be a positive integer');
+  });
+
+  test('--revision -1 is rejected', async () => {
+    const result = await handleModulePublish([TEST_DIR], { token: 'tok', revision: '-1' });
+    expect(result.success).toBe(false);
+    if (!result.success) expect(result.error).toContain('--revision must be a positive integer');
+  });
+
+  test('--revision non-integer string is rejected', async () => {
+    const result = await handleModulePublish([TEST_DIR], { token: 'tok', revision: 'abc' });
+    expect(result.success).toBe(false);
+    if (!result.success) expect(result.error).toContain('--revision must be a positive integer');
+  });
+});
+
+// ── Manifest reading ──────────────────────────────────────────────────────────
+
+describe('handleModulePublish — manifest reading', () => {
+  test('missing manifest.yml returns error', async () => {
+    const result = await handleModulePublish([TEST_DIR], { token: 'tok', revision: '1' });
+    expect(result.success).toBe(false);
+    if (!result.success) expect(result.error).toContain('Could not read manifest.yml');
+  });
+
+  test('manifest missing id returns error', async () => {
+    await writeFile(join(TEST_DIR, 'manifest.yml'), 'version: "1.0.0"\n');
+    const result = await handleModulePublish([TEST_DIR], { token: 'tok', revision: '1' });
+    expect(result.success).toBe(false);
+    if (!result.success) expect(result.error).toContain('manifest.yml missing id or version');
+  });
+
+  test('manifest missing version returns error', async () => {
+    await writeFile(join(TEST_DIR, 'manifest.yml'), 'id: my-module\n');
+    const result = await handleModulePublish([TEST_DIR], { token: 'tok', revision: '1' });
+    expect(result.success).toBe(false);
+    if (!result.success) expect(result.error).toContain('manifest.yml missing id or version');
+  });
+});
+
+// ── Revision auto-detection algorithm ────────────────────────────────────────
+//
+// This mirrors the exact logic in handleModulePublish. Tested here as a pure
+// function so regressions are caught without needing a running registry.
+
+function computeNextRevision(entries: IndexEntry[], baseVersion: string): number {
+  const existingRevs = entries
+    .filter((e) => e.vers.startsWith(`${baseVersion}+`))
+    .map((e) => Number(e.vers.split('+')[1]))
+    .filter((n) => Number.isInteger(n));
+  return existingRevs.length > 0 ? Math.max(...existingRevs) + 1 : 1;
+}
+
+function entry(vers: string): IndexEntry {
+  return { name: 'test', vers, deps: [], cksum: '', yanked: false };
+}
+
+describe('revision auto-detection algorithm', () => {
+  test('no existing entries → revision 1', () => {
+    expect(computeNextRevision([], '1.0.0')).toBe(1);
+  });
+
+  test('one existing entry → revision 2', () => {
+    expect(computeNextRevision([entry('1.0.0+1')], '1.0.0')).toBe(2);
+  });
+
+  test('multiple entries → max + 1', () => {
+    const entries = [entry('1.0.0+1'), entry('1.0.0+3'), entry('1.0.0+2')];
+    expect(computeNextRevision(entries, '1.0.0')).toBe(4);
+  });
+
+  test('entries for different base version are ignored', () => {
+    const entries = [entry('1.0.0+1'), entry('1.0.0+2'), entry('2.0.0+1')];
+    expect(computeNextRevision(entries, '2.0.0')).toBe(2);
+  });
+
+  test('entries for different base version produce revision 1 for new base', () => {
+    const entries = [entry('1.0.0+1'), entry('1.0.0+2')];
+    expect(computeNextRevision(entries, '2.0.0')).toBe(1);
+  });
+
+  test('non-integer revision suffix is ignored', () => {
+    const entries = [entry('1.0.0+bad'), entry('1.0.0+2')];
+    expect(computeNextRevision(entries, '1.0.0')).toBe(3);
+  });
+
+  test('yanked entries still count toward revision numbering', () => {
+    // Revision numbers are global — yanked versions still occupy their slot
+    const entries = [entry('1.0.0+1'), entry('1.0.0+2')];
+    expect(computeNextRevision(entries, '1.0.0')).toBe(3);
+  });
+});
+
+// ── Strict-publish: capability version validation (CELILO_UPDATE D4) ──────────
+//
+// Manifest-claimed versions for known capabilities must match the framework's
+// runtime registry; mismatches refuse the publish.
+
+describe('validateCapabilityVersions', () => {
+  test('no errors when no capabilities are declared', () => {
+    expect(validateCapabilityVersions({ id: 'x', version: '1.0.0' })).toEqual([]);
+  });
+
+  test('no errors when provides matches the runtime registry exactly', () => {
+    expect(
+      validateCapabilityVersions({
+        id: 'caddy',
+        version: '3.0.0',
+        provides: { capabilities: [{ name: 'public_web', version: '3.0.0' }] },
+      }),
+    ).toEqual([]);
+  });
+
+  test('error when provides[X].version differs from runtime', () => {
+    // The runtime is set to 3.0.0 for public_web; claiming 1.0.0 is a bug.
+    const errors = validateCapabilityVersions({
+      id: 'caddy',
+      version: '1.0.0',
+      provides: { capabilities: [{ name: 'public_web', version: '1.0.0' }] },
+    });
+    expect(errors).toHaveLength(1);
+    expect(errors[0]).toContain('provides[public_web]');
+    expect(errors[0]).toContain('1.0.0');
+    expect(errors[0]).toContain('3.0.0');
+  });
+
+  test('error when provides[X].version is newer than runtime', () => {
+    const errors = validateCapabilityVersions({
+      id: 'caddy',
+      version: '4.0.0',
+      provides: { capabilities: [{ name: 'public_web', version: '4.0.0' }] },
+    });
+    expect(errors).toHaveLength(1);
+    expect(errors[0]).toContain('provides[public_web]');
+  });
+
+  test('skips capabilities not in the framework registry (third-party)', () => {
+    expect(
+      validateCapabilityVersions({
+        id: 'odd',
+        version: '1.0.0',
+        provides: { capabilities: [{ name: 'custom_metric', version: '99.0.0' }] },
+      }),
+    ).toEqual([]);
+  });
+
+  test('error when requires[X].version is a higher major than runtime', () => {
+    // Framework can't satisfy a requirement it doesn't know about.
+    const errors = validateCapabilityVersions({
+      id: 'lunacycle',
+      version: '1.0.0',
+      requires: { capabilities: [{ name: 'idp', version: '2.0.0' }] },
+    });
+    expect(errors).toHaveLength(1);
+    expect(errors[0]).toContain('requires[idp]');
+  });
+
+  test('no error when requires[X].version is at most the runtime version', () => {
+    // dns_registrar runtime is 4.0.0; consumer requiring 4.0.0 is fine.
+    expect(
+      validateCapabilityVersions({
+        id: 'caddy',
+        version: '1.0.0',
+        requires: { capabilities: [{ name: 'dns_registrar', version: '4.0.0' }] },
+      }),
+    ).toEqual([]);
+  });
+
+  test('reports multiple errors at once', () => {
+    const errors = validateCapabilityVersions({
+      id: 'broken',
+      version: '1.0.0',
+      provides: {
+        capabilities: [
+          { name: 'public_web', version: '99.0.0' },
+          { name: 'idp', version: '99.0.0' },
+        ],
+      },
+    });
+    expect(errors).toHaveLength(2);
+  });
+});

package/src/cli/commands/module-publish.ts

@@ -0,0 +1,234 @@
+/**
+ * Module publish command — build and publish a module to the registry.
+ *
+ * Usage: celilo module publish <module-dir> --token <token>
+ *                              [--registry <url>] [--revision <n>]
+ *                              [--message "release note"] [--allow-dirty]
+ *
+ * The --token flag (or CELILO_PUBLISH_TOKEN env var) must contain a valid
+ * publish token configured on the registry server.
+ *
+ * Per CELILO_UPDATE D4 (strict-publish) the manifest's capability
+ * versions are validated against `CAPABILITY_CONTRACT_VERSIONS` from
+ * `@celilo/capabilities` before any build work; a mismatch refuses
+ * the publish so a stale manifest can't ship code that doesn't match
+ * its claimed contract.
+ *
+ * Per CELILO_UPDATE D5, every published .netapp carries a
+ * `release.json` with git SHA / branch / dirty flag / publish
+ * timestamp / CLI version / optional --message.
+ */
+
+import { rm } from 'node:fs/promises';
+import { readFile } from 'node:fs/promises';
+import { tmpdir } from 'node:os';
+import { join, resolve } from 'node:path';
+import {
+  CAPABILITY_CONTRACT_VERSIONS,
+  type KnownCapabilityName,
+  compareProviderToRuntime,
+} from '@celilo/capabilities';
+import { parse as parseYaml } from 'yaml';
+import { buildModule } from '../../module/packaging/build';
+import {
+  buildReleaseMetadata,
+  collectGitInfo,
+  makeRealGitRunner,
+  readInstalledCliVersion,
+} from '../../module/packaging/release-metadata';
+import { RegistryClient } from '../../registry/client';
+import { getArg, getFlag, hasFlag } from '../parser';
+import type { CommandResult } from '../types';
+
+interface ManifestCapabilityClaim {
+  name: string;
+  version: string;
+}
+
+interface ManifestForPublish {
+  id: string;
+  version: string;
+  provides?: { capabilities?: ManifestCapabilityClaim[] };
+  requires?: { capabilities?: ManifestCapabilityClaim[] };
+}
+
+function isKnownCapability(name: string): name is KnownCapabilityName {
+  return name in CAPABILITY_CONTRACT_VERSIONS;
+}
+
+/**
+ * Strict-publish: every `provides[X].version` must match the framework's
+ * runtime registry; every `requires[X].version` must be at most the
+ * framework's runtime version (consumers can require older minors of
+ * still-supported majors).
+ *
+ * Exported for testing.
+ */
+export function validateCapabilityVersions(manifest: ManifestForPublish): string[] {
+  const errors: string[] = [];
+
+  for (const p of manifest.provides?.capabilities ?? []) {
+    if (!isKnownCapability(p.name)) continue;
+    const runtime = CAPABILITY_CONTRACT_VERSIONS[p.name];
+    const r = compareProviderToRuntime(p.version, runtime);
+    if (!r.compatible) {
+      errors.push(
+        `provides[${p.name}].version is ${p.version} but framework registry is ${runtime} ` +
+          `(${r.reason}). Update the manifest, then retry.`,
+      );
+    }
+  }
+
+  for (const need of manifest.requires?.capabilities ?? []) {
+    if (!isKnownCapability(need.name)) continue;
+    const runtime = CAPABILITY_CONTRACT_VERSIONS[need.name];
+    // Treat the runtime as the de-facto provider for publish-time validation:
+    // if a consumer's manifest claims it requires a contract newer than the
+    // framework even has registered, no in-tree provider can satisfy it.
+    const r = compareProviderToRuntime(need.version, runtime);
+    if (!r.compatible && r.reason === 'major_mismatch_higher') {
+      errors.push(
+        `requires[${need.name}].version is ${need.version} but framework registry is ${runtime}. Bump the framework before publishing, or lower the manifest version.`,
+      );
+    }
+  }
+
+  return errors;
+}
+
+export async function handleModulePublish(
+  args: string[],
+  flags: Record<string, string | boolean>,
+): Promise<CommandResult> {
+  const moduleDir = getArg(args, 0);
+  if (!moduleDir) {
+    return {
+      success: false,
+      error:
+        'Module directory required\n\nUsage: celilo module publish <module-dir> --token <token>',
+    };
+  }
+
+  const token = getFlag(flags, 'token', '') || process.env.CELILO_PUBLISH_TOKEN || '';
+  if (!token) {
+    return {
+      success: false,
+      error: 'Publish token required — pass --token <token> or set CELILO_PUBLISH_TOKEN',
+    };
+  }
+
+  const registryUrl = getFlag(flags, 'registry', '');
+  const revisionOverride = getFlag(flags, 'revision', '');
+  const message = getFlag(flags, 'message', '') || null;
+  const allowDirty = hasFlag(flags, 'allow-dirty');
+
+  if (revisionOverride) {
+    const parsed = Number(revisionOverride);
+    if (!Number.isInteger(parsed) || parsed < 1) {
+      return { success: false, error: '--revision must be a positive integer' };
+    }
+  }
+
+  const resolvedDir = resolve(moduleDir);
+
+  // Read manifest
+  let manifest: ManifestForPublish;
+  try {
+    const manifestRaw = await readFile(join(resolvedDir, 'manifest.yml'), 'utf-8');
+    manifest = parseYaml(manifestRaw) as ManifestForPublish;
+    if (!manifest.id || !manifest.version) {
+      return { success: false, error: 'manifest.yml missing id or version' };
+    }
+  } catch {
+    return { success: false, error: `Could not read manifest.yml in ${resolvedDir}` };
+  }
+  const name = manifest.id;
+  const baseVersion = manifest.version;
+
+  // Strict-publish: refuse on capability version mismatch (D4).
+  const capErrors = validateCapabilityVersions(manifest);
+  if (capErrors.length > 0) {
+    return {
+      success: false,
+      error: [
+        `Capability version validation failed for ${name}@${baseVersion}:`,
+        ...capErrors.map((e) => `  • ${e}`),
+      ].join('\n'),
+    };
+  }
+
+  // Collect git state. Refuse a dirty tree unless --allow-dirty.
+  const gitInfo = collectGitInfo(resolvedDir, makeRealGitRunner());
+  if (gitInfo.dirty && !allowDirty) {
+    return {
+      success: false,
+      error: [
+        `Working tree at ${resolvedDir} has uncommitted changes.`,
+        'Refusing to publish — commit (or stash) your changes, or pass --allow-dirty to override.',
+      ].join('\n'),
+    };
+  }
+
+  // Determine package revision: --revision flag, or query the registry for next rev
+  let revision: number;
+  if (revisionOverride) {
+    revision = Number(revisionOverride);
+  } else {
+    const client = new RegistryClient(registryUrl || undefined);
+    try {
+      const entries = await client.getIndex(name);
+      const existingRevs = entries
+        .filter((e) => e.vers.startsWith(`${baseVersion}+`))
+        .map((e) => Number(e.vers.split('+')[1]))
+        .filter((n) => Number.isInteger(n));
+      revision = existingRevs.length > 0 ? Math.max(...existingRevs) + 1 : 1;
+    } catch {
+      // Registry unreachable — start at +1
+      revision = 1;
+    }
+  }
+
+  const version = `${baseVersion}+${revision}`;
+
+  // Assemble release metadata for the .netapp.
+  const releaseMetadata = buildReleaseMetadata({
+    moduleId: name,
+    version,
+    git: gitInfo,
+    cliVersion: readInstalledCliVersion(),
+    message,
+  });
+
+  // Build the .netapp into a temp dir
+  const tmpPath = join(tmpdir(), `${name}-${version}-${Date.now()}.netapp`);
+  console.log(`Building ${name}@${version}...`);
+
+  const buildResult = await buildModule({
+    sourceDir: resolvedDir,
+    outputPath: tmpPath,
+    releaseMetadata,
+  });
+  if (!buildResult.success || !buildResult.packagePath) {
+    return { success: false, error: buildResult.error ?? 'Build failed' };
+  }
+
+  // Publish
+  const client = new RegistryClient(registryUrl || undefined);
+  try {
+    console.log(`Publishing ${name}@${version} to ${client.baseUrl}...`);
+    await client.publish({ name, version, netappPath: buildResult.packagePath, token });
+  } catch (err) {
+    return {
+      success: false,
+      error: `Publish failed: ${err instanceof Error ? err.message : String(err)}`,
+    };
+  } finally {
+    await rm(tmpPath, { force: true });
+  }
+
+  return {
+    success: true,
+    message: `Published ${name}@${version}${message ? ` — "${message}"` : ''}`,
+    data: { name, version, releaseMetadata },
+  };
+}