@cognite/dune 0.3.7 → 0.4.1

package/dist/deploy/index.d.ts

@@ -17,10 +17,50 @@ type App = {
     name: string;
     description: string;
     versionTag: string;
+    /** When set to "appsApi", deploy uses the App Hosting API instead of Files API */
+    infra?: "appsApi";
 };
 
 declare const deploy: (deployment: Deployment, app: App, folder: string) => Promise<void>;
 
+/**
+ * App Hosting API Deployment
+ *
+ * Handles deployment of packaged applications via the new App Hosting API
+ * instead of CDF Files API + dataset.
+ */
+
+declare class AppHostingDeployer {
+    private client;
+    constructor(client: CogniteClient);
+    private get appsBasePath();
+    /**
+     * Ensure the app exists in the App Hosting service. Creates it if missing.
+     */
+    ensureApp(externalId: string, name: string, description: string): Promise<void>;
+    /**
+     * Upload a new version of the app as a zip file.
+     *
+     * `entryPath` must be a relative path (no leading slash). The App
+     * Hosting backend rejects absolute paths as a security measure against
+     * archive traversal, see `ZipCentralDirectory.normalizeEntryPath` in
+     * infrastructure/services/app-hosting.
+     */
+    uploadVersion(appExternalId: string, version: string, zipPath: string, entryPath?: string): Promise<void>;
+    /**
+     * Publish the version and set it as the ACTIVE alias.
+     */
+    publishAndActivate(appExternalId: string, version: string): Promise<void>;
+    /**
+     * Full deployment: ensure app exists, upload version, and optionally publish and activate.
+     *
+     * When `published` is false the version is uploaded in DRAFT state with no alias —
+     * it is stored but not served to end users. Pass `published: true` to transition the
+     * version to PUBLISHED and set it as the ACTIVE alias so it starts receiving traffic.
+     */
+    deploy(appExternalId: string, name: string, description: string, versionTag: string, zipPath: string, published?: boolean): Promise<void>;
+}
+
 /**
  * CDF Application Deployment
  *
@@ -95,4 +135,4 @@ declare const getSdk: (deployment: Deployment, folder: string) => Promise<Cognit
  */
 declare const getToken: (deployment: Deployment) => Promise<string>;
 
-export { type App, ApplicationPackager, CdfApplicationDeployer, type Deployment, deploy, getSdk, getToken };
+export { type App, AppHostingDeployer, ApplicationPackager, CdfApplicationDeployer, type Deployment, deploy, getSdk, getToken };

package/dist/deploy/index.js

@@ -1,8 +1,131 @@
 // src/deploy/deploy.ts
-import fs3 from "fs";
+import fs4 from "fs";
 
-// src/deploy/application-deployer.ts
+// src/deploy/apphosting-deployer.ts
 import fs from "fs";
+import path from "path";
+var AppHostingDeployer = class {
+  constructor(client) {
+    this.client = client;
+  }
+  get appsBasePath() {
+    return `/api/v1/projects/${encodeURIComponent(this.client.project)}/apphosting/apps`;
+  }
+  /**
+   * Ensure the app exists in the App Hosting service. Creates it if missing.
+   */
+  async ensureApp(externalId, name, description) {
+    console.log("\u{1F50D} Ensuring app exists...");
+    try {
+      await this.client.post(this.appsBasePath, {
+        data: { items: [{ externalId, name, description }] }
+      });
+      console.log(`\u2705 App '${externalId}' created`);
+    } catch (error) {
+      if (error instanceof Error && "status" in error && error.status === 409) {
+        console.log(`\u2705 App '${externalId}' already exists`);
+        return;
+      }
+      throw error;
+    }
+  }
+  /**
+   * Upload a new version of the app as a zip file.
+   *
+   * `entryPath` must be a relative path (no leading slash). The App
+   * Hosting backend rejects absolute paths as a security measure against
+   * archive traversal, see `ZipCentralDirectory.normalizeEntryPath` in
+   * infrastructure/services/app-hosting.
+   */
+  async uploadVersion(appExternalId, version, zipPath, entryPath = "index.html") {
+    console.log(`\u{1F4E4} Uploading version ${version}...`);
+    const fileBuffer = fs.readFileSync(zipPath);
+    const fileName = path.basename(zipPath);
+    const formData = new FormData();
+    formData.append("file", new Blob([fileBuffer]), fileName);
+    formData.append("version", version);
+    formData.append("entryPath", entryPath);
+    const encodedAppExternalId = encodeURIComponent(appExternalId);
+    const uploadPath = `${this.appsBasePath}/${encodedAppExternalId}/versions`;
+    const token = await this.client.authenticate();
+    const url = `${this.client.getBaseUrl()}${uploadPath}`;
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), 5 * 60 * 1e3);
+    let response;
+    try {
+      response = await fetch(url, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${token}` },
+        body: formData,
+        signal: controller.signal
+      });
+    } catch (error) {
+      if (error instanceof Error && error.name === "AbortError") {
+        throw new Error("Upload timed out after 5 minutes");
+      }
+      throw error;
+    } finally {
+      clearTimeout(timeout);
+    }
+    if (!response.ok) {
+      const body = await response.text();
+      let message = body;
+      try {
+        const json = JSON.parse(body);
+        message = json.message ?? json.error ?? body;
+      } catch {
+      }
+      throw new Error(`Upload failed: ${response.status} \u2014 ${message}`);
+    }
+    console.log(`\u2705 Version ${version} uploaded`);
+  }
+  /**
+   * Publish the version and set it as the ACTIVE alias.
+   */
+  async publishAndActivate(appExternalId, version) {
+    console.log(`\u{1F680} Publishing and activating version ${version}...`);
+    const encodedAppExternalId = encodeURIComponent(appExternalId);
+    const url = `${this.appsBasePath}/${encodedAppExternalId}/versions/update`;
+    await this.client.post(url, {
+      data: {
+        items: [
+          {
+            version,
+            update: {
+              lifecycleState: { set: "PUBLISHED" },
+              alias: { set: "ACTIVE" }
+            }
+          }
+        ]
+      }
+    });
+    console.log(`\u2705 Version ${version} is now PUBLISHED and ACTIVE`);
+  }
+  /**
+   * Full deployment: ensure app exists, upload version, and optionally publish and activate.
+   *
+   * When `published` is false the version is uploaded in DRAFT state with no alias —
+   * it is stored but not served to end users. Pass `published: true` to transition the
+   * version to PUBLISHED and set it as the ACTIVE alias so it starts receiving traffic.
+   */
+  async deploy(appExternalId, name, description, versionTag, zipPath, published = false) {
+    console.log("\n\u{1F680} Deploying application via App Hosting API...\n");
+    try {
+      await this.ensureApp(appExternalId, name, description);
+      await this.uploadVersion(appExternalId, versionTag, zipPath);
+      if (published) {
+        await this.publishAndActivate(appExternalId, versionTag);
+      }
+      console.log("\n\u2705 Deployment successful!");
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      throw Object.assign(new Error(`Deployment failed: ${message}`), { cause: error });
+    }
+  }
+};
+
+// src/deploy/application-deployer.ts
+import fs2 from "fs";
 var CdfApplicationDeployer = class {
   /**
    * @param {CogniteClient} client - Cognite SDK client
@@ -56,7 +179,7 @@ var CdfApplicationDeployer = class {
     console.log(`\u2705 Data set '${this.DATA_SET_EXTERNAL_ID}' validated (ID: ${dataSetId})
 `);
     console.log("\u{1F4C1} Creating file record...");
-    const fileContent = fs.readFileSync(zipFilename);
+    const fileContent = fs2.readFileSync(zipFilename);
     const metadata = {
       published: String(published),
       name,
@@ -109,22 +232,22 @@ var CdfApplicationDeployer = class {
 };
 
 // src/deploy/application-packager.ts
-import fs2 from "fs";
-import path from "path";
+import fs3 from "fs";
+import path2 from "path";
 import archiver from "archiver";
 var ApplicationPackager = class {
   /**
    * @param {string} distDirectory - Build directory to package (can be relative or absolute)
    */
   constructor(distDirectory = "dist") {
-    this.distPath = path.isAbsolute(distDirectory) ? distDirectory : path.join(process.cwd(), distDirectory);
+    this.distPath = path2.isAbsolute(distDirectory) ? distDirectory : path2.join(process.cwd(), distDirectory);
   }
   /**
    * Validate that build directory exists
    * @throws {Error} If build directory not found
    */
   validateBuildDirectory() {
-    if (!fs2.existsSync(this.distPath)) {
+    if (!fs3.existsSync(this.distPath)) {
       throw new Error(`Build directory "${this.distPath}" not found. Run build first.`);
     }
   }
@@ -138,7 +261,7 @@ var ApplicationPackager = class {
     this.validateBuildDirectory();
     console.log("\u{1F4E6} Packaging application...");
     return new Promise((resolve, reject) => {
-      const output = fs2.createWriteStream(outputFilename);
+      const output = fs3.createWriteStream(outputFilename);
       const archive = archiver("zip", {
         zlib: { level: 9 }
         // Maximum compression
@@ -316,26 +439,35 @@ var getSdk = async (deployment, folder) => {
 };
 
 // src/deploy/deploy.ts
-var deploy = async (deployment, app, folder) => {
+async function deployViaAppHosting(deployment, app, folder, zipFilename) {
+  const { externalId, name, description, versionTag } = app;
+  const sdk = await getSdk(deployment, folder);
+  const deployer = new AppHostingDeployer(sdk);
+  await deployer.deploy(externalId, name, description, versionTag, zipFilename, deployment.published);
+}
+async function deployViaCdf(deployment, app, folder, zipFilename) {
+  const { externalId, name, description, versionTag } = app;
   const sdk = await getSdk(deployment, folder);
-  const distPath = `${folder}/dist`;
-  const packager = new ApplicationPackager(distPath);
-  const zipFilename = await packager.createZip("app.zip", true);
   const deployer = new CdfApplicationDeployer(sdk);
-  await deployer.deploy(
-    app.externalId,
-    app.name,
-    app.description,
-    app.versionTag,
-    zipFilename,
-    deployment.published
-  );
+  await deployer.deploy(externalId, name, description, versionTag, zipFilename, deployment.published);
+}
+var deploy = async (deployment, app, folder) => {
+  const zipFilename = await new ApplicationPackager(`${folder}/dist`).createZip("app.zip", true);
   try {
-    fs3.unlinkSync(zipFilename);
-  } catch {
+    if (app.infra === "appsApi") {
+      await deployViaAppHosting(deployment, app, folder, zipFilename);
+    } else {
+      await deployViaCdf(deployment, app, folder, zipFilename);
+    }
+  } finally {
+    try {
+      fs4.unlinkSync(zipFilename);
+    } catch {
+    }
   }
 };
 export {
+  AppHostingDeployer,
   ApplicationPackager,
   CdfApplicationDeployer,
   deploy,

package/dist/index.d.ts

@@ -1,4 +1,4 @@
-export { CDFConfig, DuneAuthProvider, DuneAuthProviderContext, DuneAuthProviderProps, DuneContextValue, EMPTY_SDK, createCDFSDK, getToken, useDune } from './auth/index.js';
+export { AppSdkAuthProvider, CDFConfig, DuneAuthProvider, DuneAuthProviderContext, DuneAuthProviderProps, DuneContextValue, EMPTY_SDK, createCDFSDK, getToken, useDune } from './auth/index.js';
 import 'react/jsx-runtime';
 import 'react';
 import '@cognite/sdk';

package/dist/index.js

@@ -1,12 +1,14 @@
 import {
+  AppSdkAuthProvider,
   DuneAuthProvider,
   DuneAuthProviderContext,
   EMPTY_SDK,
   createCDFSDK,
   getToken,
   useDune
-} from "./chunk-53VTKDSC.js";
+} from "./chunk-XWZCFZUH.js";
 export {
+  AppSdkAuthProvider,
   DuneAuthProvider,
   DuneAuthProviderContext,
   EMPTY_SDK,

package/dist/vite/index.js

@@ -25,7 +25,16 @@ var fusionOpenPlugin = () => {
             const { org, project, baseUrl } = firstDeployment || {};
             const parsedBaseUrl = baseUrl?.split("//")[1];
             if (org && project && baseUrl) {
-              const fusionUrl = `https://${org}.fusion.cognite.com/${project}/streamlit-apps/dune/development/${port}?cluster=${parsedBaseUrl}&workspace=industrial-tools`;
+              let fusionUrl;
+              if (appJson.infra === "appsApi") {
+                if (!appJson.externalId) {
+                  console.warn("  \u279C  app.json is missing externalId \u2014 cannot determine Fusion URL");
+                  return;
+                }
+                fusionUrl = `https://${org}.fusion.cognite.com/${project}/dune-app-host/development/${appJson.externalId}/${port}?cluster=${parsedBaseUrl}`;
+              } else {
+                fusionUrl = `https://${org}.fusion.cognite.com/${project}/streamlit-apps/dune/development/${port}?cluster=${parsedBaseUrl}&workspace=industrial-tools`;
+              }
               console.log(`  \u279C  Fusion: ${fusionUrl}`);
               openUrl(fusionUrl);
               return;

package/package.json

@@ -1,8 +1,16 @@
 {
   "name": "@cognite/dune",
-  "version": "0.3.7",
+  "version": "0.4.1",
   "description": "Build and deploy React apps to Cognite Data Fusion",
-  "keywords": ["cognite", "dune", "cdf", "fusion", "react", "scaffold", "deploy"],
+  "keywords": [
+    "cognite",
+    "dune",
+    "cdf",
+    "fusion",
+    "react",
+    "scaffold",
+    "deploy"
+  ],
   "license": "Apache-2.0",
   "author": "Cognite",
   "repository": {
@@ -41,7 +49,17 @@
   "bin": {
     "dune": "./bin/cli.js"
   },
-  "files": ["bin/cli.js", "bin/deploy-command.js", "bin/deploy-interactive-command.js", "bin/skills-command.js", "bin/auth", "bin/utils", "dist", "src", "_templates"],
+  "files": [
+    "bin/cli.js",
+    "bin/deploy-command.js",
+    "bin/deploy-interactive-command.js",
+    "bin/skills-command.js",
+    "bin/auth",
+    "bin/utils",
+    "dist",
+    "src",
+    "_templates"
+  ],
   "scripts": {
     "build": "tsup",
     "prepare": "tsup",
@@ -51,7 +69,9 @@
     "test:watch": "vitest"
   },
   "dependencies": {
+    "@cognite/app-sdk": "^0.3.0",
     "archiver": "^7.0.1",
+    "commander": "^14.0.3",
     "enquirer": "^2.4.1",
     "execa": "^5.1.1",
     "hygen": "^6.2.11",

package/src/auth/app-sdk-auth-provider.test.tsx

@@ -0,0 +1,126 @@
+// @vitest-environment happy-dom
+import { render, screen, waitFor } from '@testing-library/react';
+import { useContext } from 'react';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+
+import { AppSdkAuthProvider } from './app-sdk-auth-provider';
+import { DuneAuthProviderContext, type DuneContextValue } from './dune-auth-provider';
+
+const mockConnectToHostApp = vi.hoisted(() => vi.fn());
+const MockCogniteClient = vi.hoisted(() => vi.fn());
+
+vi.mock(import('@cognite/app-sdk'), () => ({
+  connectToHostApp: mockConnectToHostApp,
+}));
+
+vi.mock(import('@cognite/sdk'), async (importOriginal) => {
+  const actual = await importOriginal();
+  return {
+    ...actual,
+    CogniteClient: MockCogniteClient as Partial<typeof actual.CogniteClient> as typeof actual.CogniteClient,
+  };
+});
+
+function ContextCapture({ onValue }: { onValue: (v: DuneContextValue) => void }) {
+  const value = useContext(DuneAuthProviderContext);
+  onValue(value);
+  return null;
+}
+
+type ApiMock = {
+  getProject: () => Promise<string>;
+  getBaseUrl: () => Promise<string>;
+  getAccessToken: () => Promise<string>;
+};
+
+function makeApi(overrides?: Partial<ApiMock>): ApiMock {
+  return {
+    getProject: vi.fn(async () => 'my-project'),
+    getBaseUrl: vi.fn(async () => 'https://cognite.test'),
+    getAccessToken: vi.fn(async () => 'token-abc'),
+    ...overrides,
+  };
+}
+
+describe(AppSdkAuthProvider.name, () => {
+  const mockSdkInstance = { authenticate: vi.fn(async () => undefined) };
+
+  beforeEach(() => {
+    vi.clearAllMocks();
+    vi.mocked(MockCogniteClient).mockReturnValue(mockSdkInstance);
+  });
+
+  it('renders the loadingComponent while the handshake is in progress', () => {
+    // Arrange
+    vi.mocked(mockConnectToHostApp).mockReturnValue(new Promise(() => {})); // never resolves
+
+    // Act
+    render(
+      <AppSdkAuthProvider loadingComponent={<div>Connecting…</div>}>
+        <div>content</div>
+      </AppSdkAuthProvider>
+    );
+
+    // Assert
+    expect(screen.getByText('Connecting…')).toBeDefined();
+    expect(screen.queryByText('content')).toBeNull();
+  });
+
+  it('exposes the configured sdk and clears loading on successful connection', async () => {
+    // Arrange
+    const api = makeApi();
+    vi.mocked(mockConnectToHostApp).mockResolvedValue({ api });
+    const captured: DuneContextValue[] = [];
+
+    // Act — loadingComponent=null so children render even during loading
+    render(
+      <AppSdkAuthProvider loadingComponent={null}>
+        <ContextCapture onValue={(v) => captured.push({ ...v })} />
+      </AppSdkAuthProvider>
+    );
+    await waitFor(() => expect(captured[captured.length - 1]?.isLoading).toBe(false));
+
+    // Assert
+    expect(captured[captured.length - 1]).toMatchObject({ isLoading: false, error: undefined, sdk: mockSdkInstance });
+    expect(MockCogniteClient).toHaveBeenCalledWith(
+      expect.objectContaining({
+        appId: 'dune-app',
+        project: 'my-project',
+        baseUrl: 'https://cognite.test',
+        oidcTokenProvider: expect.any(Function),
+      })
+    );
+    expect(mockSdkInstance.authenticate).toHaveBeenCalled();
+  });
+
+  it('renders the errorComponent when connectToHostApp rejects with an Error', async () => {
+    // Arrange
+    vi.mocked(mockConnectToHostApp).mockRejectedValue(new Error('Handshake timed out'));
+
+    // Act
+    render(
+      <AppSdkAuthProvider errorComponent={(msg) => <div>Error: {msg}</div>}>
+        <div>content</div>
+      </AppSdkAuthProvider>
+    );
+
+    // Assert
+    await waitFor(() => expect(screen.getByText('Error: Handshake timed out')).toBeDefined());
+    expect(screen.queryByText('content')).toBeNull();
+  });
+
+  it('coerces non-Error rejections to a string in the errorComponent', async () => {
+    // Arrange
+    vi.mocked(mockConnectToHostApp).mockRejectedValue('network timeout');
+
+    // Act
+    render(
+      <AppSdkAuthProvider errorComponent={(msg) => <div>Error: {msg}</div>}>
+        <div>content</div>
+      </AppSdkAuthProvider>
+    );
+
+    // Assert
+    await waitFor(() => expect(screen.getByText('Error: network timeout')).toBeDefined());
+  });
+});

package/src/auth/app-sdk-auth-provider.tsx

@@ -0,0 +1,69 @@
+import { connectToHostApp } from '@cognite/app-sdk';
+import { CogniteClient } from '@cognite/sdk';
+import { useEffect, useState, type ReactNode } from 'react';
+
+import { DuneAuthProviderContext } from './dune-auth-provider';
+import { EMPTY_SDK } from './utils';
+
+interface AppSdkAuthProviderProps {
+  children: ReactNode;
+  loadingComponent?: ReactNode;
+  errorComponent?: (error: string) => ReactNode;
+}
+
+/**
+ * Auth provider for apps running in the new Fusion app host (dune-app-host).
+ * Uses @cognite/app-sdk's Comlink handshake to connect to the host and obtain
+ * tokens on-demand. Exposes the same DuneContextValue ({ sdk, isLoading,
+ * error }) as DuneAuthProvider so useDune() works unchanged.
+ */
+export const AppSdkAuthProvider = ({
+  children,
+  loadingComponent = <div>Loading CDF authentication...</div>,
+  errorComponent = (error: string) => <div>Authentication error: {error}</div>,
+}: AppSdkAuthProviderProps) => {
+  const [sdk, setSdk] = useState<CogniteClient>(EMPTY_SDK);
+  const [isLoading, setIsLoading] = useState(true);
+  const [error, setError] = useState<string | undefined>();
+
+  useEffect(() => {
+    connectToHostApp()
+      .then(async ({ api }) => {
+        const [project, baseUrl] = await Promise.all([
+          api.getProject(),
+          api.getBaseUrl(),
+        ]);
+
+        const client = new CogniteClient({
+          appId: 'dune-app',
+          project,
+          baseUrl,
+          oidcTokenProvider: async () => api.getAccessToken(),
+        });
+        await client.authenticate();
+        setSdk(client);
+        setError(undefined);
+      })
+      .catch((err: unknown) => {
+        const message = err instanceof Error ? err.message : String(err);
+        setError(message);
+      })
+      .finally(() => {
+        setIsLoading(false);
+      });
+  }, []);
+
+  if (error && errorComponent) {
+    return <>{errorComponent(error)}</>;
+  }
+
+  if (isLoading && loadingComponent) {
+    return <>{loadingComponent}</>;
+  }
+
+  return (
+    <DuneAuthProviderContext.Provider value={{ sdk, isLoading, error }}>
+      {children}
+    </DuneAuthProviderContext.Provider>
+  );
+};

package/src/auth/index.ts

@@ -1,4 +1,5 @@
 // Auth exports for React applications
+export { AppSdkAuthProvider } from './app-sdk-auth-provider';
 export {
   DuneAuthProvider,
   DuneAuthProviderContext,