@cognite/dune 0.3.1 → 0.3.3

package/src/deploy/deploy.ts

@@ -1,8 +1,9 @@
-import fs from "node:fs";
-import { CdfApplicationDeployer } from "./application-deployer";
-import { ApplicationPackager } from "./application-packager";
-import { getSdk } from "./get-sdk";
-import type { App, Deployment } from "./types";
+import fs from 'node:fs';
+
+import { CdfApplicationDeployer } from './application-deployer';
+import { ApplicationPackager } from './application-packager';
+import { getSdk } from './get-sdk';
+import type { App, Deployment } from './types';
 
 export const deploy = async (deployment: Deployment, app: App, folder: string) => {
   // Step 1: Get an SDK instance
@@ -11,7 +12,7 @@ export const deploy = async (deployment: Deployment, app: App, folder: string) =
   // Step 2: Package application (from the dist subdirectory)
   const distPath = `${folder}/dist`;
   const packager = new ApplicationPackager(distPath);
-  const zipFilename = await packager.createZip("app.zip", true);
+  const zipFilename = await packager.createZip('app.zip', true);
 
   // Step 3: Deploy to CDF
   const deployer = new CdfApplicationDeployer(sdk);

package/src/deploy/get-sdk.ts

@@ -1,9 +1,10 @@
-import { CogniteClient } from "@cognite/sdk";
-import { getToken } from "./login";
-import type { Deployment } from "./types";
+import { CogniteClient } from '@cognite/sdk';
+
+import { getToken } from './login';
+import type { Deployment } from './types';
 
 export const getSdk = async (deployment: Deployment, folder: string) => {
-  const token = await getToken(deployment.deployClientId, deployment.deploySecretName);
+  const token = await getToken(deployment);
   const sdk = new CogniteClient({
     appId: folder,
     project: deployment.project,

package/src/deploy/index.ts

@@ -1,9 +1,9 @@
 // Deploy exports for CI/CD and programmatic deployment
-export { deploy } from "./deploy";
-export { CdfApplicationDeployer } from "./application-deployer";
-export { ApplicationPackager } from "./application-packager";
-export { getSdk } from "./get-sdk";
-export { getToken } from "./login";
+export { deploy } from './deploy';
+export { CdfApplicationDeployer } from './application-deployer';
+export { ApplicationPackager } from './application-packager';
+export { getSdk } from './get-sdk';
+export { getToken } from './login';
 
 // Type exports
-export type { Deployment, App } from "./types";
+export type { Deployment, App } from './types';

package/src/deploy/login.test.ts

@@ -0,0 +1,49 @@
+import { describe, expect, it } from "vitest";
+import { extractClusterFromUrl } from "./login";
+
+describe("extractClusterFromUrl", () => {
+  it("extracts cluster name from standard CDF URL", () => {
+    expect(extractClusterFromUrl("https://az-ams-sp-002.cognitedata.com")).toBe(
+      "az-ams-sp-002"
+    );
+  });
+
+  it("extracts cluster name from URL with path", () => {
+    expect(
+      extractClusterFromUrl("https://westeurope-1.cognitedata.com/api/v1")
+    ).toBe("westeurope-1");
+  });
+
+  it("extracts cluster name from greenfield URL", () => {
+    expect(
+      extractClusterFromUrl("https://greenfield.cognitedata.com")
+    ).toBe("greenfield");
+  });
+
+  it("handles URL with port", () => {
+    expect(
+      extractClusterFromUrl("https://az-ams-sp-002.cognitedata.com:443")
+    ).toBe("az-ams-sp-002");
+  });
+
+  it("handles URL without protocol", () => {
+    expect(extractClusterFromUrl("az-ams-sp-002.cognitedata.com")).toBe(
+      "az-ams-sp-002"
+    );
+  });
+
+  it("returns empty string for empty input", () => {
+    expect(extractClusterFromUrl("")).toBe("");
+  });
+
+  it("handles malformed URL gracefully", () => {
+    // Should use fallback string manipulation
+    expect(extractClusterFromUrl("not-a-valid-url")).toBe("not-a-valid-url");
+  });
+
+  it("extracts cluster from http URL", () => {
+    expect(extractClusterFromUrl("http://az-ams-sp-002.cognitedata.com")).toBe(
+      "az-ams-sp-002"
+    );
+  });
+});

package/src/deploy/login.ts

@@ -1,3 +1,5 @@
+import type { Deployment } from "./types";
+
 /**
  * Load secrets from DEPLOYMENT_SECRETS environment variable (JSON)
  */
@@ -13,21 +15,24 @@ const loadSecretsFromEnv = (): Record<string, string> => {
     const normalizedSecrets: Record<string, string> = {};
 
     for (const [key, value] of Object.entries(secrets)) {
-      if (typeof value === "string") {
+      if (typeof value === 'string') {
         // Convert UPPER_CASE to lower-case-with-dashes
-        const normalizedKey = key.toLowerCase().replace(/_/g, "-");
+        const normalizedKey = key.toLowerCase().replace(/_/g, '-');
         normalizedSecrets[normalizedKey] = value;
       }
     }
 
     return normalizedSecrets;
   } catch (error) {
-    console.error("Error parsing DEPLOYMENT_SECRETS:", error);
+    console.error('Error parsing DEPLOYMENT_SECRETS:', error);
     return {};
   }
 };
 
-export const getToken = async (deployClientId: string, deploySecretName: string) => {
+/**
+ * Get the deployment secret from environment variables
+ */
+const getSecretFromEnv = (secretEnvVarName: string): string => {
   let deploySecret: string | undefined;
 
   // First try DEPLOYMENT_SECRET (for matrix-based deployments)
@@ -38,32 +43,150 @@ export const getToken = async (deployClientId: string, deploySecretName: string)
   // Then try to get from DEPLOYMENT_SECRETS JSON
   if (!deploySecret) {
     const secrets = loadSecretsFromEnv();
-    deploySecret = secrets[deploySecretName];
+    deploySecret = secrets[secretEnvVarName];
   }
 
   // Fall back to direct environment variable for local development
   if (!deploySecret) {
-    deploySecret = process.env[deploySecretName];
+    deploySecret = process.env[secretEnvVarName];
   }
 
   if (!deploySecret) {
-    throw new Error(`Deployment secret not found in environment: ${deploySecretName}`);
+    throw new Error(`Secret not found in environment: ${secretEnvVarName}`);
   }
 
-  const header = `Basic ${btoa(`${deployClientId}:${deploySecret}`)}`;
+  return deploySecret;
+};
+
+/**
+ * Extract cluster name from base URL
+ * @param url - Full URL like "https://az-ams-sp-002.cognitedata.com"
+ * @returns Cluster name like "az-ams-sp-002"
+ */
+export const extractClusterFromUrl = (url: string): string => {
+  if (!url) return "";
+
+  try {
+    const urlObj = new URL(url);
+    const hostname = urlObj.hostname;
+    // Remove .cognitedata.com suffix
+    return hostname.replace(/\.cognitedata\.com$/, "");
+  } catch {
+    // Fallback to simple string manipulation
+    let cluster = url.replace(/^https?:\/\//, "");
+    cluster = cluster.split("/")[0]; // Remove path
+    cluster = cluster.split(":")[0]; // Remove port
+    cluster = cluster.replace(/\.cognitedata\.com$/, "");
+    return cluster;
+  }
+};
+
+/**
+ * Get access token using CDF OAuth provider
+ */
+const getTokenCdf = async (
+  clientId: string,
+  clientSecret: string
+): Promise<string> => {
+  const header = `Basic ${btoa(`${clientId}:${clientSecret}`)}`;
   const response = await fetch("https://auth.cognite.com/oauth2/token", {
     method: "POST",
     headers: {
       Authorization: header,
+      'Content-Type': 'application/x-www-form-urlencoded',
+    },
+    body: new URLSearchParams({ grant_type: 'client_credentials' }),
+  });
+
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(
+      `Failed to get token from CDF: ${response.status} ${response.statusText}\n${errorText}`
+    );
+  }
+
+  const data = (await response.json()) satisfies { access_token?: string };
+  if (!data.access_token) {
+    throw new Error("No access token returned from CDF authentication");
+  }
+  return data.access_token;
+};
+
+/**
+ * Get access token using Entra ID (Azure AD) OAuth provider
+ */
+const getTokenEntra = async (
+  clientId: string,
+  clientSecret: string,
+  tenantId: string,
+  baseUrl: string
+): Promise<string> => {
+  if (!baseUrl) {
+    throw new Error(
+      "Entra ID authentication requires 'baseUrl' to be set in deployment configuration"
+    );
+  }
+  const cluster = extractClusterFromUrl(baseUrl);
+  if (!cluster) {
+    throw new Error(
+      `Entra ID authentication requires 'baseUrl' to be a valid CDF URL (e.g., https://cluster.cognitedata.com), got: ${baseUrl}`
+    );
+  }
+
+  const tokenUrl = `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`;
+  const scope = `https://${cluster}.cognitedata.com/.default`;
+
+  const response = await fetch(tokenUrl, {
+    method: "POST",
+    headers: {
       "Content-Type": "application/x-www-form-urlencoded",
     },
-    body: new URLSearchParams({ grant_type: "client_credentials" }),
+    body: new URLSearchParams({
+      client_id: clientId,
+      client_secret: clientSecret,
+      scope: scope,
+      grant_type: "client_credentials",
+    }),
   });
 
   if (!response.ok) {
-    throw new Error(`Failed to get token: ${response.status} ${response.statusText}`);
+    const errorText = await response.text();
+    throw new Error(
+      `Failed to get token from Entra ID: ${response.status} ${response.statusText}\n${errorText}`
+    );
   }
 
-  const data = await response.json();
+  const data = (await response.json()) satisfies { access_token?: string };
+  if (!data.access_token) {
+    throw new Error("No access token returned from Entra ID authentication");
+  }
   return data.access_token;
 };
+
+/**
+ * Get access token for deployment using the appropriate identity provider.
+ * Supports both CDF OAuth and Entra ID (Azure AD) authentication.
+ */
+export const getToken = async (deployment: Deployment): Promise<string> => {
+  const {
+    deployClientId,
+    deploySecretName,
+    idpType = "cdf",
+    tenantId,
+    baseUrl,
+  } = deployment;
+
+  const deploySecret = getSecretFromEnv(deploySecretName);
+
+  if (idpType === "entra_id") {
+    if (!tenantId) {
+      throw new Error(
+        "Entra ID authentication requires 'tenantId' in deployment configuration"
+      );
+    }
+    return getTokenEntra(deployClientId, deploySecret, tenantId, baseUrl);
+  }
+
+  // Default: CDF provider
+  return getTokenCdf(deployClientId, deploySecret);
+};

package/src/deploy/types.ts

@@ -5,6 +5,10 @@ export type Deployment = {
   deployClientId: string;
   deploySecretName: string;
   published: boolean;
+  /** Identity provider type. Defaults to "cdf" if not specified */
+  idpType?: "cdf" | "entra_id";
+  /** Tenant ID for Entra ID authentication. Required when idpType is "entra_id" */
+  tenantId?: string;
 };
 
 export type App = {

package/src/index.ts

@@ -1,2 +1,2 @@
 // Main entry point - re-exports auth for convenience
-export * from "./auth";
+export * from './auth';

package/src/vite/fusion-open-plugin.ts

@@ -1,11 +1,11 @@
-import { exec } from "node:child_process";
-import fs from "node:fs";
-import path from "node:path";
+import { exec } from 'node:child_process';
+import fs from 'node:fs';
+import path from 'node:path';
 
 const openUrl = (url: string) => {
   const start =
-    process.platform === "darwin" ? "open" : process.platform === "win32" ? "start" : "xdg-open";
-  if (process.platform === "win32") {
+    process.platform === 'darwin' ? 'open' : process.platform === 'win32' ? 'start' : 'xdg-open';
+  if (process.platform === 'win32') {
     exec(`start "" "${url}"`);
   } else {
     exec(`${start} "${url}"`);
@@ -17,35 +17,37 @@ interface ViteDevServer {
     address: () => { port: number } | string | null;
     on: (event: string, callback: () => void) => void;
   } | null;
+  printUrls: () => void;
 }
 
 export const fusionOpenPlugin = () => {
   return {
-    name: "fusion-open",
+    name: 'fusion-open',
     configureServer(server: ViteDevServer) {
-      server.httpServer?.on("listening", () => {
+      server.printUrls = () => {
         const address = server.httpServer?.address();
-        const port = address && typeof address === "object" ? address.port : 3001;
+        const port = address && typeof address === 'object' ? address.port : 3001;
 
-        const appJsonPath = path.join(process.cwd(), "app.json");
+        const appJsonPath = path.join(process.cwd(), 'app.json');
         if (fs.existsSync(appJsonPath)) {
           try {
-            const appJson = JSON.parse(fs.readFileSync(appJsonPath, "utf-8"));
+            const appJson = JSON.parse(fs.readFileSync(appJsonPath, 'utf-8'));
             const firstDeployment = appJson.deployments?.[0];
             const { org, project, baseUrl } = firstDeployment || {};
-
-            const parsedBaseUrl = baseUrl?.split("//")[1];
+            const parsedBaseUrl = baseUrl?.split('//')[1];
 
             if (org && project && baseUrl) {
               const fusionUrl = `https://${org}.fusion.cognite.com/${project}/streamlit-apps/dune/development/${port}?cluster=${parsedBaseUrl}&workspace=industrial-tools`;
-
+              console.log(`  ➜  Fusion: ${fusionUrl}`);
               openUrl(fusionUrl);
+              return;
             }
           } catch (error) {
-            console.warn("Failed to read app.json for Fusion URL", error);
+            console.warn('Failed to read app.json for Fusion URL', error);
           }
         }
-      });
+        console.warn('  ➜  No valid app.json found — cannot determine Fusion URL');
+      };
     },
   };
 };

package/src/vite/index.ts

@@ -1,2 +1,2 @@
 // Vite plugin exports
-export { fusionOpenPlugin } from "./fusion-open-plugin";
+export { fusionOpenPlugin } from './fusion-open-plugin';

package/_templates/app/new/config/biome.json.ejs.t

@@ -1,54 +0,0 @@
----
-to: '<%= useCurrentDir ? "" : ((directoryName || name) + "/") %>biome.json'
----
-{
-  "$schema": "https://biomejs.dev/schemas/1.9.4/schema.json",
-  "organizeImports": {
-    "enabled": true
-  },
-  "linter": {
-    "enabled": true,
-    "rules": {
-      "recommended": true,
-      "suspicious": {
-        "noExplicitAny": "off"
-      },
-      "style": {
-        "noNonNullAssertion": "off"
-      },
-      "complexity": {
-        "noForEach": "off"
-      }
-    }
-  },
-  "formatter": {
-    "enabled": true,
-    "indentStyle": "space",
-    "indentWidth": 2,
-    "lineWidth": 100
-  },
-  "javascript": {
-    "formatter": {
-      "quoteStyle": "double",
-      "trailingCommas": "es5",
-      "semicolons": "always"
-    }
-  },
-  "json": {
-    "formatter": {
-      "enabled": true
-    }
-  },
-  "files": {
-    "ignore": [
-      "node_modules",
-      "dist",
-      "build",
-      ".next",
-      "coverage",
-      "*.min.js",
-      "pnpm-lock.yaml"
-    ]
-  }
-}
-

package/_templates/app/new/config/components.json.ejs.t

@@ -1,28 +0,0 @@
----
-to: '<%= useCurrentDir ? "" : ((directoryName || name) + "/") %>components.json'
----
-{
-  "$schema": "https://ui.shadcn.com/schema.json",
-  "style": "new-york",
-  "rsc": false,
-  "tsx": true,
-  "tailwind": {
-    "config": "tailwind.config.js",
-    "css": "src/styles.css",
-    "baseColor": "zinc",
-    "cssVariables": true,
-    "prefix": ""
-  },
-  "iconLibrary": "lucide",
-  "aliases": {
-    "components": "@/components",
-    "utils": "@/lib/utils",
-    "ui": "@/components/ui",
-    "lib": "@/lib",
-    "hooks": "@/hooks"
-  },
-  "registries": {
-    "@aura": "https://cognitedata.github.io/aura/r/{name}.json"
-  }
-}
-