@celilo/cli 0.3.30 → 0.4.0-alpha.1

package/src/cli/backup-rename.test.ts

@@ -0,0 +1,95 @@
+/**
+ * Verifies the CLI rename from `celilo backup create <module>` to
+ * `celilo module backup <module>`:
+ *  - The new shape routes to the same handler.
+ *  - The legacy shape still works but prints a deprecation banner.
+ *  - The banner is silenced by CELILO_SUPPRESS_DEPRECATION=1.
+ *
+ * Doesn't invoke a real backup — both routes resolve to handleBackupCreate
+ * which fails when there's no module record / no storage. That failure path
+ * proves routing landed at the right handler.
+ */
+
+import { afterEach, beforeEach, describe, expect, test } from 'bun:test';
+import { mkdtempSync, rmSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import { closeDb } from '../db/client';
+import { runMigrations } from '../db/migrate';
+import { runCli } from './index';
+
+describe('celilo module backup (renamed surface)', () => {
+  let dir: string;
+  let warnSpy: ((...args: unknown[]) => void) | null = null;
+  let warnings: string[] = [];
+
+  beforeEach(async () => {
+    dir = mkdtempSync(join(tmpdir(), 'celilo-rename-test-'));
+    process.env.CELILO_DB_PATH = join(dir, 'celilo.db');
+    process.env.CELILO_MASTER_KEY_PATH = join(dir, 'master.key');
+    process.env.CELILO_SUPPRESS_DEPRECATION = undefined;
+    await runMigrations(process.env.CELILO_DB_PATH);
+
+    warnings = [];
+    warnSpy = (...args: unknown[]) => {
+      warnings.push(args.map(String).join(' '));
+    };
+    const realWarn = console.warn;
+    console.warn = warnSpy as typeof console.warn;
+    // Restore via afterEach by holding the original in a closure.
+    (warnSpy as unknown as { __restore: () => void }).__restore = () => {
+      console.warn = realWarn;
+    };
+  });
+
+  afterEach(() => {
+    if (warnSpy) {
+      (warnSpy as unknown as { __restore: () => void }).__restore();
+      warnSpy = null;
+    }
+    closeDb();
+    process.env.CELILO_DB_PATH = undefined;
+    process.env.CELILO_MASTER_KEY_PATH = undefined;
+    process.env.CELILO_SUPPRESS_DEPRECATION = undefined;
+    try {
+      rmSync(dir, { recursive: true, force: true });
+    } catch {
+      /* ignore */
+    }
+  });
+
+  test('celilo module backup <id> routes to the backup-create handler', async () => {
+    const result = await runCli(['node', 'celilo', 'module', 'backup', 'no-such-module']);
+    // Module doesn't exist → handler returns an error. Routing reached the
+    // handler if we get THAT error (rather than "Unknown module subcommand").
+    expect(result.success).toBe(false);
+    const err = result.success ? '' : (result.error ?? '');
+    expect(err).not.toContain('Unknown module subcommand');
+    // No deprecation banner on the canonical surface.
+    expect(warnings.join('\n')).not.toContain('deprecated');
+  });
+
+  test('celilo backup create <id> still works AND prints a deprecation banner', async () => {
+    const result = await runCli(['node', 'celilo', 'backup', 'create', 'no-such-module']);
+    // Reaches the same handler (same failure mode as the canonical route).
+    expect(result.success).toBe(false);
+    const err = result.success ? '' : (result.error ?? '');
+    expect(err).not.toContain('Unknown');
+    // Banner present, points at the canonical command.
+    const banner = warnings.find((w) => w.includes('deprecated'));
+    expect(banner).toBeDefined();
+    expect(banner ?? '').toContain('celilo module backup no-such-module');
+  });
+
+  test('CELILO_SUPPRESS_DEPRECATION=1 silences the deprecation banner', async () => {
+    process.env.CELILO_SUPPRESS_DEPRECATION = '1';
+    await runCli(['node', 'celilo', 'backup', 'create', 'no-such-module']);
+    expect(warnings.join('\n')).not.toContain('deprecated');
+  });
+
+  test('celilo backup list still routes (only create was renamed)', async () => {
+    const result = await runCli(['node', 'celilo', 'backup', 'list']);
+    // Empty DB → empty list, success.
+    expect(result.success).toBe(true);
+  });
+});

package/src/cli/cli.test.ts

@@ -7,6 +7,7 @@ import { closeDb, getDb } from '../db/client';
 import { moduleConfigs, modules, secrets } from '../db/schema';
 import { encryptSecret } from '../secrets/encryption';
 import { generateMasterKey, writeMasterKey } from '../secrets/master-key';
+import { upsertModuleConfig } from '../services/module-config';
 import { runCli } from './index';
 
 const TEST_DB_PATH = `./test-cli-${Date.now()}-${Math.random()}.db`;
@@ -103,15 +104,16 @@ id: test-module
 name: Test Module
 version: 1.0.0
 description: Test module for CLI
-
-secrets:
-  declares:
-    - name: api_key
-      type: string
-      required: true
-      description: Test API key
 `,
     );
+    // NOTE: the manifest file deliberately does NOT declare any required
+    // secrets. The secret-set tests below construct their own manifest_data
+    // JSON in their inner beforeEach (read by handleSecretSet from
+    // module.manifestData), so they don't depend on this file. The
+    // module-generate test, however, reads the FILE manifest via
+    // loadInstalledManifest in services/config-interview.ts — if any
+    // required secret is declared here, generate fails on the
+    // non-interactive-and-no-responder probe.
 
     // Create master key for secret tests
     const masterKey = generateMasterKey();
@@ -298,9 +300,7 @@ secrets:
     test('should update existing config value', async () => {
       const db = getDb();
       // Set initial value
-      db.insert(moduleConfigs)
-        .values({ moduleId: 'test-module', key: 'hostname', value: 'oldhost' })
-        .run();
+      upsertModuleConfig(db, 'test-module', 'hostname', 'oldhost');
 
       const result = await runCli([
         'node',
@@ -363,9 +363,7 @@ secrets:
 
     test('should get specific config value', async () => {
       const db = getDb();
-      db.insert(moduleConfigs)
-        .values({ moduleId: 'test-module', key: 'hostname', value: 'myhost' })
-        .run();
+      upsertModuleConfig(db, 'test-module', 'hostname', 'myhost');
 
       const result = await runCli([
         'node',
@@ -384,12 +382,8 @@ secrets:
 
     test('should get all config values', async () => {
       const db = getDb();
-      db.insert(moduleConfigs)
-        .values([
-          { moduleId: 'test-module', key: 'hostname', value: 'myhost' },
-          { moduleId: 'test-module', key: 'ip', value: '192.168.0.50' },
-        ])
-        .run();
+      upsertModuleConfig(db, 'test-module', 'hostname', 'myhost');
+      upsertModuleConfig(db, 'test-module', 'ip', '192.168.0.50');
 
       const result = await runCli(['node', 'celilo', 'module', 'config', 'get', 'test-module']);
 
@@ -579,7 +573,9 @@ secrets:
 
       expect(result.success).toBe(false);
       if (result.success) return;
-      expect(result.error).toContain('Subcommand required');
+      // `module import` now takes a positional (name or path), so the error
+      // names what's missing rather than "subcommand required".
+      expect(result.error).toContain('Module name or path required');
     });
 
     test('should error on non-existent path', async () => {
@@ -614,9 +610,7 @@ secrets:
       );
 
       // Add config
-      db.insert(moduleConfigs)
-        .values({ moduleId: 'test-module', key: 'hostname', value: 'testhost' })
-        .run();
+      upsertModuleConfig(db, 'test-module', 'hostname', 'testhost');
 
       // Create template directory
       await mkdir(join(TEST_MODULE_DIR, 'terraform'), { recursive: true });

package/src/cli/command-registry.ts

@@ -249,6 +249,62 @@ export const COMMANDS: CommandDef[] = [
       },
     ],
   },
+  {
+    name: 'publish',
+    description:
+      'Publish workspace packages to npm, bump consumer pins, refresh global install, and ship modules to celilo.computer',
+    flags: [
+      {
+        name: 'dry-run',
+        description: 'Preflight report only — no publishing, no file changes',
+        takesValue: false,
+      },
+      {
+        name: 'release-touch',
+        description: 'Auto-touch drifted module manifests with a fresh release marker, then exit',
+        takesValue: false,
+      },
+      {
+        name: 'allow-stale',
+        description: 'Bypass workspace and module stale-version safeguards',
+        takesValue: false,
+      },
+      {
+        name: 'yes',
+        description: 'Auto-confirm every prompt (also -y). Does NOT bypass safety gates.',
+        takesValue: false,
+      },
+      {
+        name: 'alpha',
+        description: 'Publish X.Y.Z-alpha.N to npm @alpha dist-tag (consumer-first iteration mode)',
+        takesValue: false,
+      },
+      {
+        name: 'track-alpha',
+        description:
+          'Force-pin just-published alphas into the bun global install (requires --alpha)',
+        takesValue: false,
+      },
+      {
+        name: 'alpha-modules',
+        description:
+          'Also publish module +N revisions in alpha mode (requires --alpha; default skips Phase 4)',
+        takesValue: false,
+      },
+      {
+        name: 'promote',
+        description:
+          'Graduate a named alpha to its base X.Y.Z (e.g. --promote @celilo/e2e@0.7.14-alpha.3)',
+        takesValue: true,
+      },
+      {
+        name: 'skip-changesets',
+        description:
+          'Skip the pending-changesets prompt; publish current package.json versions as-is',
+        takesValue: false,
+      },
+    ],
+  },
   {
     name: 'module',
     description: 'Manage modules (import, generate, configure)',
@@ -286,6 +342,12 @@ export const COMMANDS: CommandDef[] = [
             description: 'Skip package signature verification',
             takesValue: false,
           },
+          {
+            name: 'accept-aspects',
+            description:
+              'Auto-approve any base-module aspect declared by the imported module (non-interactive contexts; CI; e2e)',
+            takesValue: false,
+          },
         ],
       },
       { name: 'list', description: 'List all installed modules' },
@@ -512,6 +574,31 @@ export const COMMANDS: CommandDef[] = [
           },
         ],
       },
+      {
+        name: 'backup',
+        description: "Create a backup of a module's data (invokes its on_backup hook)",
+        args: [
+          {
+            name: 'module-id',
+            description: 'Module ID (optional, backs up all if omitted)',
+            completion: 'module_ids',
+          },
+        ],
+        flags: [
+          { name: 'force', description: 'Ignore schedule, back up now', takesValue: false },
+          {
+            name: 'now',
+            description: 'Ignore schedule, back up now (alias for --force)',
+            takesValue: false,
+          },
+          { name: 'storage', description: 'Storage destination ID', takesValue: true },
+          {
+            name: 'no-interactive',
+            description: 'Non-interactive mode (for cron)',
+            takesValue: false,
+          },
+        ],
+      },
     ],
   },
   {
@@ -637,6 +724,12 @@ export const COMMANDS: CommandDef[] = [
             description: 'Earmark machine for a specific module',
             takesValue: true,
           },
+          {
+            name: 'local',
+            description:
+              'This box itself — deploy over Ansible local connection (no SSH/key). Implied by ip 127.0.0.1.',
+            takesValue: false,
+          },
         ],
       },
       {
@@ -696,6 +789,25 @@ export const COMMANDS: CommandDef[] = [
           },
         ],
       },
+      {
+        name: 'apply-config',
+        description:
+          'Headless write of <key=value> overrides to systemConfig (for hooks / automation; no prompts, no guidance)',
+        args: [
+          {
+            name: 'overrides',
+            description: 'Config overrides as <key=value> positionals',
+            variadic: true,
+          },
+        ],
+        flags: [
+          {
+            name: 'from-stdin',
+            description: 'Read a JSON map of overrides from stdin instead of positional args',
+            takesValue: false,
+          },
+        ],
+      },
       {
         name: 'config',
         description: 'Get or set system configuration',
@@ -882,6 +994,75 @@ export const COMMANDS: CommandDef[] = [
       },
     ],
   },
+  {
+    name: 'subscribers',
+    description: 'Manage build-bus subscribers (cross-machine publish-event delivery)',
+    subcommands: [
+      {
+        name: 'list',
+        description: 'Show registered build-bus subscribers',
+      },
+      {
+        name: 'add',
+        description: 'Add a build-bus subscriber',
+        args: [{ name: 'url', description: 'Subscriber webhook URL (https://...)' }],
+        flags: [
+          { name: 'secret', description: 'Per-subscriber HMAC secret', takesValue: true },
+          { name: 'name', description: 'Human-readable label', takesValue: true },
+          {
+            name: 'registry',
+            description:
+              'Filter: deliver only events from this registry (e.g. npm, celilo-registry)',
+            takesValue: true,
+          },
+          {
+            name: 'tag',
+            description: 'Filter: deliver only events with this dist-tag (e.g. latest, alpha)',
+            takesValue: true,
+          },
+          {
+            name: 'package-pattern',
+            description:
+              'Filter: deliver only events whose package name matches this glob (e.g. @celilo/*)',
+            takesValue: true,
+          },
+        ],
+      },
+      {
+        name: 'remove',
+        description: 'Remove a subscriber by URL',
+        args: [{ name: 'url', description: 'Subscriber webhook URL to remove' }],
+      },
+      {
+        name: 'test',
+        description: 'Fire a synthetic event at a subscriber and report the delivery outcome',
+        args: [{ name: 'url', description: 'Subscriber webhook URL to test' }],
+      },
+      {
+        name: 'serve',
+        description:
+          'Run the build-bus HTTP receiver daemon (verifies signed webhooks, emits to local bus, dispatches module hooks)',
+        flags: [
+          { name: 'port', description: 'TCP port to listen on (default 8123)', takesValue: true },
+          {
+            name: 'secret',
+            description: 'Shared HMAC secret incoming webhooks must sign with',
+            takesValue: true,
+          },
+          {
+            name: 'no-dispatch',
+            description: 'Skip the in-process hook dispatcher (receiver-only mode)',
+            takesValue: false,
+          },
+        ],
+      },
+      {
+        name: 'status',
+        description:
+          'Per-subscriber delivery history (success rate, last delivery, recent failures)',
+      },
+    ],
+  },
   {
     name: 'storage',
     description: 'Manage backup storage destinations',
@@ -1031,6 +1212,24 @@ export const COMMANDS: CommandDef[] = [
       },
     ],
   },
+  {
+    name: 'restore',
+    description: 'Restore a celilo-mgmt backup from a local artifact file (fresh-bootstrap path)',
+    args: [
+      {
+        name: 'artifact-path',
+        description: 'Path to the .backup file (also accepted via --from)',
+      },
+    ],
+    flags: [
+      { name: 'from', description: 'Path to the .backup file', takesValue: true },
+      {
+        name: 'force',
+        description: 'Override non-destructive pre-flight (clobbers existing state)',
+        takesValue: false,
+      },
+    ],
+  },
   {
     name: 'completion',
     description: 'Generate shell completion scripts',

package/src/cli/commands/backup-list.ts

@@ -99,7 +99,7 @@ export async function handleBackupList(
     if (backupList.length === 0) {
       console.log('No backups found.\n');
       console.log('Create a backup:');
-      console.log('  celilo backup create');
+      console.log('  celilo module backup <module-id>');
       return { success: true, message: 'No backups found' };
     }
 

package/src/cli/commands/events.ts

@@ -26,7 +26,14 @@ import {
   recoverFromCrash,
   runDispatcher,
 } from '@celilo/event-bus';
+import { eq } from 'drizzle-orm';
 import { getEventBusPath, shortenPath } from '../../config/paths';
+import { getDb } from '../../db/client';
+import { modules } from '../../db/schema';
+import { createConsoleLogger } from '../../hooks/logger';
+import { runNamedHook } from '../../hooks/run-named-hook';
+import type { HookName } from '../../hooks/types';
+import type { ModuleManifest } from '../../manifest/schema';
 import { installDaemon, readInstalledUnit, uninstallDaemon } from '../../services/events-daemon';
 import { getArg, hasFlag } from '../parser';
 import type { CommandResult } from '../types';
@@ -54,6 +61,95 @@ export async function handleEventsStatus(): Promise<CommandResult> {
   }
 }
 
+/** camelCase → snake_case for every key (payloads are camelCase; hook inputs snake_case). */
+function snakeCaseKeys(obj: Record<string, unknown>): Record<string, unknown> {
+  const out: Record<string, unknown> = {};
+  for (const [k, v] of Object.entries(obj)) {
+    out[k.replace(/[A-Z]/g, (m) => `_${m.toLowerCase()}`)] = v;
+  }
+  return out;
+}
+
+/**
+ * `celilo events run-hook <module> <sub-name> [<event_id>]` — the generic
+ * runner a `hook:` subscription resolves to (v2/EVENT_DRIVEN_HOOK_SUBSCRIPTIONS.md).
+ *
+ * The dispatcher spawns this as a fault-isolated subprocess. It re-reads the
+ * module's manifest to find the named subscription's `hook` + `hook_inputs`,
+ * assembles the hook inputs as `{ ...hook_inputs, ...snakeCase(eventPayload) }`,
+ * and runs the hook through the normal backend executor (config + decrypted
+ * secrets + the module's own capabilities injected). It is dumb pass-through —
+ * it knows nothing about DNS or any specific event type.
+ */
+export async function handleEventsRunHook(args: string[]): Promise<CommandResult> {
+  const moduleId = args[0];
+  const subName = args[1];
+  // Event id: an explicit 3rd arg wins, else the dispatcher's $EVENT_ID.
+  const idStr = args[2] ?? process.env.EVENT_ID;
+  if (!moduleId || !subName) {
+    return {
+      success: false,
+      error: 'usage: celilo events run-hook <module> <sub-name> [<event_id>]',
+    };
+  }
+  const eventId = Number(idStr);
+  if (!idStr || !Number.isInteger(eventId)) {
+    return {
+      success: false,
+      error: 'events run-hook requires an event id (3rd arg or $EVENT_ID)',
+    };
+  }
+
+  const db = getDb();
+  const module = db.select().from(modules).where(eq(modules.id, moduleId)).get();
+  if (!module) return { success: false, error: `Module not found: ${moduleId}` };
+
+  const manifest = module.manifestData as ModuleManifest;
+  const sub = (manifest.subscriptions ?? []).find((s) => s.name === subName);
+  if (!sub) {
+    return { success: false, error: `Module '${moduleId}' has no subscription named '${subName}'` };
+  }
+  if (!sub.hook) {
+    return {
+      success: false,
+      error: `Subscription '${subName}' on '${moduleId}' is not a hook subscription`,
+    };
+  }
+
+  const bus = openCliBus();
+  let payload: Record<string, unknown> = {};
+  let eventType: string;
+  try {
+    const event = bus.getEvent(eventId);
+    if (!event) return { success: false, error: `Event ${eventId} not found on the bus` };
+    eventType = event.type;
+    if (event.payload && typeof event.payload === 'object') {
+      payload = event.payload as Record<string, unknown>;
+    }
+  } finally {
+    bus.close();
+  }
+
+  const inputs: Record<string, unknown> = {
+    ...(sub.hook_inputs ?? {}),
+    ...snakeCaseKeys(payload),
+  };
+
+  const logger = createConsoleLogger(moduleId, sub.hook);
+  const result = await runNamedHook(moduleId, sub.hook as HookName, db, logger, { inputs });
+
+  if (result.notDefined) {
+    return { success: false, error: `Module '${moduleId}' declares no '${sub.hook}' hook to run` };
+  }
+  if (!result.success) {
+    return { success: false, error: result.error ?? `hook '${sub.hook}' failed` };
+  }
+  return {
+    success: true,
+    message: `Ran ${moduleId}.${sub.hook} for event ${eventId} (${eventType})`,
+  };
+}
+
 export async function handleEventsTail(
   _args: string[],
   flags: Record<string, string | boolean>,