@expressots/cli 3.0.0 → 4.0.0-preview.2

package/bin/cicd/generators/circleci.js

@@ -0,0 +1,274 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateCircleCI = void 0;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const chalk_1 = __importDefault(require("chalk"));
+const template_loader_1 = require("./template-loader");
+async function generateCircleCI(outputDir, options) {
+    const circleDir = path_1.default.join(outputDir, ".circleci");
+    fs_1.default.mkdirSync(circleDir, { recursive: true });
+    // Try remote template, fall back to embedded
+    const result = await (0, template_loader_1.loadCICDTemplate)("circleci", options.strategy, options, generateCircleCIContentEmbedded);
+    (0, template_loader_1.logTemplateSource)("CircleCI", result.source);
+    const filePath = path_1.default.join(circleDir, "config.yml");
+    fs_1.default.writeFileSync(filePath, result.content, "utf-8");
+    console.log(chalk_1.default.green(`  ✓ Created .circleci/config.yml`));
+}
+exports.generateCircleCI = generateCircleCI;
+/**
+ * Embedded template generator (fallback when remote templates unavailable)
+ */
+function generateCircleCIContentEmbedded(options) {
+    const { nodeVersion, packageManager, strategy, includeSecurity, includeE2E, includeCoverage, deployTarget, branch, } = options;
+    const installCmd = packageManager === "pnpm"
+        ? "pnpm install"
+        : packageManager === "yarn"
+            ? "yarn install"
+            : "npm ci";
+    const testCmd = packageManager === "pnpm"
+        ? "pnpm test"
+        : packageManager === "yarn"
+            ? "yarn test"
+            : "npm test";
+    const buildCmd = packageManager === "pnpm"
+        ? "pnpm build"
+        : packageManager === "yarn"
+            ? "yarn build"
+            : "npm run build";
+    const lintCmd = packageManager === "pnpm"
+        ? "pnpm lint"
+        : packageManager === "yarn"
+            ? "yarn lint"
+            : "npm run lint";
+    let content = `# CircleCI Configuration
+# Generated by ExpressoTS CLI
+# Strategy: ${strategy}
+
+version: 2.1
+
+orbs:
+  node: circleci/node@5.2
+  docker: circleci/docker@2.5
+
+executors:
+  node-executor:
+    docker:
+      - image: cimg/node:${nodeVersion}
+    working_directory: ~/project
+
+commands:
+  install-deps:
+    steps:
+      - restore_cache:
+          keys:
+            - v1-deps-{{ checksum "package-lock.json" }}
+            - v1-deps-
+      - run:
+          name: Install dependencies
+          command: ${installCmd}
+      - save_cache:
+          key: v1-deps-{{ checksum "package-lock.json" }}
+          paths:
+            - node_modules
+
+jobs:
+  lint:
+    executor: node-executor
+    steps:
+      - checkout
+      - install-deps
+      - run:
+          name: Run linter
+          command: ${lintCmd}
+
+  test:
+    executor: node-executor
+    steps:
+      - checkout
+      - install-deps
+      - run:
+          name: Run tests
+          command: ${testCmd}${includeCoverage ? ` --coverage` : ""}
+`;
+    if (includeCoverage) {
+        content += `      - store_artifacts:
+          path: coverage
+      - run:
+          name: Upload coverage
+          command: |
+            if [ -n "$CODECOV_TOKEN" ]; then
+              npx codecov
+            fi
+
+`;
+    }
+    else {
+        content += `
+`;
+    }
+    // Security job
+    if (includeSecurity &&
+        (strategy === "comprehensive" || strategy === "security-focused")) {
+        content += `  security:
+    docker:
+      - image: aquasec/trivy:latest
+    steps:
+      - checkout
+      - run:
+          name: Run security scan
+          command: trivy fs --exit-code 0 --severity HIGH,CRITICAL .
+
+`;
+    }
+    // E2E tests
+    if (includeE2E) {
+        content += `  e2e:
+    executor: node-executor
+    steps:
+      - checkout
+      - install-deps
+      - run:
+          name: Build application
+          command: ${buildCmd}
+      - run:
+          name: Start application
+          command: npm start
+          background: true
+      - run:
+          name: Wait for app
+          command: sleep 10
+      - run:
+          name: Run E2E tests
+          command: npm run test:e2e
+
+`;
+    }
+    // Build job
+    content += `  build:
+    executor: node-executor
+    steps:
+      - checkout
+      - install-deps
+      - run:
+          name: Build application
+          command: ${buildCmd}
+      - persist_to_workspace:
+          root: .
+          paths:
+            - dist
+
+  docker-build:
+    executor: docker/docker
+    steps:
+      - checkout
+      - setup_remote_docker:
+          version: 20.10.24
+      - docker/check
+      - docker/build:
+          image: $CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME
+          tag: $CIRCLE_SHA1,latest
+      - docker/push:
+          image: $CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME
+          tag: $CIRCLE_SHA1,latest
+
+`;
+    // Deploy job
+    if (deployTarget !== "none") {
+        content += generateCircleCIDeployJob(deployTarget);
+    }
+    // Workflows
+    content += `workflows:
+  build-and-deploy:
+    jobs:
+      - lint:
+          filters:
+            branches:
+              only:
+                - ${branch}
+                - /^feature/.*/
+      - test:
+          requires:
+            - lint
+`;
+    if (includeSecurity &&
+        (strategy === "comprehensive" || strategy === "security-focused")) {
+        content += `      - security:
+          requires:
+            - lint
+`;
+    }
+    if (includeE2E) {
+        content += `      - e2e:
+          requires:
+            - test
+`;
+    }
+    content += `      - build:
+          requires:
+            - test
+`;
+    if (includeSecurity &&
+        (strategy === "comprehensive" || strategy === "security-focused")) {
+        content += `            - security
+`;
+    }
+    content += `      - docker-build:
+          requires:
+            - build
+          filters:
+            branches:
+              only: ${branch}
+`;
+    if (deployTarget !== "none") {
+        content += `      - deploy:
+          requires:
+            - docker-build
+          filters:
+            branches:
+              only: ${branch}
+`;
+    }
+    return content;
+}
+function generateCircleCIDeployJob(target) {
+    switch (target) {
+        case "kubernetes":
+            return `  deploy:
+    docker:
+      - image: bitnami/kubectl:latest
+    steps:
+      - run:
+          name: Deploy to Kubernetes
+          command: |
+            kubectl set image deployment/expressots-app app=$DOCKER_IMAGE:$CIRCLE_SHA1
+            kubectl rollout status deployment/expressots-app
+
+`;
+        case "railway":
+            return `  deploy:
+    executor: node-executor
+    steps:
+      - checkout
+      - run:
+          name: Install Railway CLI
+          command: npm install -g @railway/cli
+      - run:
+          name: Deploy to Railway
+          command: railway up
+
+`;
+        default:
+            return `  deploy:
+    executor: node-executor
+    steps:
+      - run:
+          name: Deploy
+          command: echo "Deploy to ${target}"
+
+`;
+    }
+}

package/bin/cicd/generators/github-actions.d.ts

@@ -0,0 +1,14 @@
+export interface GeneratorOptions {
+    projectName: string;
+    nodeVersion: string;
+    packageManager: string;
+    strategy: string;
+    includeSecurity: boolean;
+    includeE2E: boolean;
+    includeCoverage: boolean;
+    dockerRegistry?: string;
+    deployTarget: string;
+    branch: string;
+    port: number;
+}
+export declare function generateGitHubActions(outputDir: string, options: GeneratorOptions): Promise<void>;

package/bin/cicd/generators/github-actions.js

@@ -0,0 +1,426 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateGitHubActions = void 0;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const chalk_1 = __importDefault(require("chalk"));
+const template_loader_1 = require("./template-loader");
+async function generateGitHubActions(outputDir, options) {
+    const workflowsDir = path_1.default.join(outputDir, ".github", "workflows");
+    // Create directory if it doesn't exist
+    fs_1.default.mkdirSync(workflowsDir, { recursive: true });
+    // Try remote template, fall back to embedded
+    const result = await (0, template_loader_1.loadCICDTemplate)("github", options.strategy, options, generateWorkflowContentEmbedded);
+    (0, template_loader_1.logTemplateSource)("GitHub Actions", result.source);
+    const filePath = path_1.default.join(workflowsDir, "ci.yml");
+    fs_1.default.writeFileSync(filePath, result.content, "utf-8");
+    console.log(chalk_1.default.green(`  ✓ Created .github/workflows/ci.yml`));
+}
+exports.generateGitHubActions = generateGitHubActions;
+/**
+ * Embedded template generator (fallback when remote templates unavailable)
+ */
+function generateWorkflowContentEmbedded(options) {
+    const { projectName, nodeVersion, packageManager, strategy, includeSecurity, includeE2E, includeCoverage, dockerRegistry, deployTarget, branch, } = options;
+    const registry = dockerRegistry || "ghcr.io";
+    const installCmd = packageManager === "pnpm"
+        ? "pnpm install"
+        : packageManager === "yarn"
+            ? "yarn install"
+            : "npm ci";
+    const testCmd = packageManager === "pnpm"
+        ? "pnpm test"
+        : packageManager === "yarn"
+            ? "yarn test"
+            : "npm test";
+    const buildCmd = packageManager === "pnpm"
+        ? "pnpm build"
+        : packageManager === "yarn"
+            ? "yarn build"
+            : "npm run build";
+    const lintCmd = packageManager === "pnpm"
+        ? "pnpm lint"
+        : packageManager === "yarn"
+            ? "yarn lint"
+            : "npm run lint";
+    let workflow = `# GitHub Actions CI/CD Pipeline
+# Generated by ExpressoTS CLI
+# Strategy: ${strategy}
+
+name: CI/CD Pipeline
+
+on:
+  push:
+    branches: [${branch}]
+  pull_request:
+    branches: [${branch}]
+
+env:
+  NODE_VERSION: '${nodeVersion}'
+  REGISTRY: ${registry}
+  IMAGE_NAME: \${{ github.repository }}
+
+jobs:
+`;
+    // Lint job
+    workflow += `  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: \${{ env.NODE_VERSION }}
+          cache: '${packageManager}'
+      
+      - name: Install dependencies
+        run: ${installCmd}
+      
+      - name: Run linter
+        run: ${lintCmd}
+
+`;
+    // Test job
+    workflow += `  test:
+    name: Test
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: \${{ env.NODE_VERSION }}
+          cache: '${packageManager}'
+      
+      - name: Install dependencies
+        run: ${installCmd}
+      
+      - name: Run tests
+        run: ${testCmd}
+`;
+    // Add coverage if enabled
+    if (includeCoverage) {
+        workflow += `      
+      - name: Run tests with coverage
+        run: ${testCmd} -- --coverage
+      
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          token: \${{ secrets.CODECOV_TOKEN }}
+          fail_ci_if_error: false
+
+`;
+    }
+    else {
+        workflow += `
+`;
+    }
+    // Security job (comprehensive and security-focused strategies)
+    if (includeSecurity &&
+        (strategy === "comprehensive" || strategy === "security-focused")) {
+        workflow += `  security:
+    name: Security Scan
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          scan-ref: '.'
+          format: 'sarif'
+          output: 'trivy-results.sarif'
+      
+      - name: Upload Trivy scan results
+        uses: github/codeql-action/upload-sarif@v3
+        if: always()
+        with:
+          sarif_file: 'trivy-results.sarif'
+`;
+        if (strategy === "security-focused") {
+            workflow += `      
+      - name: Run Snyk security scan
+        uses: snyk/actions/node@master
+        continue-on-error: true
+        env:
+          SNYK_TOKEN: \${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --severity-threshold=high
+      
+      - name: OWASP Dependency Check
+        uses: dependency-check/Dependency-Check_Action@main
+        with:
+          project: '${projectName}'
+          path: '.'
+          format: 'HTML'
+`;
+        }
+        workflow += `
+`;
+    }
+    // E2E tests (if enabled)
+    if (includeE2E) {
+        workflow += `  e2e:
+    name: E2E Tests
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: \${{ env.NODE_VERSION }}
+          cache: '${packageManager}'
+      
+      - name: Install dependencies
+        run: ${installCmd}
+      
+      - name: Build application
+        run: ${buildCmd}
+      
+      - name: Start application
+        run: |
+          npm start &
+          sleep 10
+      
+      - name: Run E2E tests
+        run: npm run test:e2e
+
+`;
+    }
+    // Build job
+    workflow += `  build:
+    name: Build
+    runs-on: ubuntu-latest
+    needs: [test${includeSecurity && (strategy === "comprehensive" || strategy === "security-focused") ? ", security" : ""}${includeE2E ? ", e2e" : ""}]
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: \${{ env.NODE_VERSION }}
+          cache: '${packageManager}'
+      
+      - name: Install dependencies
+        run: ${installCmd}
+      
+      - name: Build application
+        run: ${buildCmd}
+      
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/
+          retention-days: 7
+
+`;
+    // Docker build job
+    workflow += `  docker:
+    name: Docker Build
+    runs-on: ubuntu-latest
+    needs: build
+    if: github.event_name == 'push' && github.ref == 'refs/heads/${branch}'
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      
+      - name: Log in to Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: \${{ env.REGISTRY }}
+          username: \${{ github.actor }}
+          password: \${{ secrets.GITHUB_TOKEN }}
+      
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: \${{ env.REGISTRY }}/\${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=sha,prefix=
+            type=raw,value=latest,enable={{is_default_branch}}
+      
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: \${{ steps.meta.outputs.tags }}
+          labels: \${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+`;
+    // Add container vulnerability scan
+    if (includeSecurity) {
+        workflow += `      
+      - name: Scan container for vulnerabilities
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: \${{ env.REGISTRY }}/\${{ env.IMAGE_NAME }}:latest
+          format: 'sarif'
+          output: 'container-scan.sarif'
+      
+      - name: Upload container scan results
+        uses: github/codeql-action/upload-sarif@v3
+        if: always()
+        with:
+          sarif_file: 'container-scan.sarif'
+`;
+    }
+    workflow += `
+`;
+    // Deploy job (if configured)
+    if (deployTarget !== "none") {
+        workflow += generateDeployJob(deployTarget, options);
+    }
+    return workflow;
+}
+function generateDeployJob(target, options) {
+    const { branch } = options;
+    switch (target) {
+        case "kubernetes":
+            return `  deploy:
+    name: Deploy to Kubernetes
+    runs-on: ubuntu-latest
+    needs: docker
+    if: github.event_name == 'push' && github.ref == 'refs/heads/${branch}'
+    environment: production
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Set up kubectl
+        uses: azure/setup-kubectl@v3
+      
+      - name: Configure kubectl
+        run: |
+          echo "\${{ secrets.KUBE_CONFIG }}" | base64 -d > kubeconfig.yaml
+          export KUBECONFIG=kubeconfig.yaml
+      
+      - name: Deploy to Kubernetes
+        run: |
+          kubectl set image deployment/expressots-app \\
+            app=\${{ env.REGISTRY }}/\${{ env.IMAGE_NAME }}:\${{ github.sha }}
+          kubectl rollout status deployment/expressots-app
+
+`;
+        case "railway":
+            return `  deploy:
+    name: Deploy to Railway
+    runs-on: ubuntu-latest
+    needs: docker
+    if: github.event_name == 'push' && github.ref == 'refs/heads/${branch}'
+    environment: production
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Install Railway CLI
+        run: npm install -g @railway/cli
+      
+      - name: Deploy to Railway
+        run: railway up
+        env:
+          RAILWAY_TOKEN: \${{ secrets.RAILWAY_TOKEN }}
+
+`;
+        case "render":
+            return `  deploy:
+    name: Deploy to Render
+    runs-on: ubuntu-latest
+    needs: docker
+    if: github.event_name == 'push' && github.ref == 'refs/heads/${branch}'
+    environment: production
+    steps:
+      - name: Deploy to Render
+        run: |
+          curl -X POST \\
+            -H "Authorization: Bearer \${{ secrets.RENDER_API_KEY }}" \\
+            -H "Content-Type: application/json" \\
+            "\${{ secrets.RENDER_DEPLOY_HOOK_URL }}"
+
+`;
+        case "fly":
+            return `  deploy:
+    name: Deploy to Fly.io
+    runs-on: ubuntu-latest
+    needs: docker
+    if: github.event_name == 'push' && github.ref == 'refs/heads/${branch}'
+    environment: production
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Setup Fly CLI
+        uses: superfly/flyctl-actions/setup-flyctl@master
+      
+      - name: Deploy to Fly.io
+        run: flyctl deploy --remote-only
+        env:
+          FLY_API_TOKEN: \${{ secrets.FLY_API_TOKEN }}
+
+`;
+        case "ecs":
+            return `  deploy:
+    name: Deploy to AWS ECS
+    runs-on: ubuntu-latest
+    needs: docker
+    if: github.event_name == 'push' && github.ref == 'refs/heads/${branch}'
+    environment: production
+    steps:
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: \${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: \${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: \${{ secrets.AWS_REGION }}
+      
+      - name: Update ECS service
+        run: |
+          aws ecs update-service \\
+            --cluster \${{ secrets.ECS_CLUSTER }} \\
+            --service \${{ secrets.ECS_SERVICE }} \\
+            --force-new-deployment
+
+`;
+        case "cloudrun":
+            return `  deploy:
+    name: Deploy to Cloud Run
+    runs-on: ubuntu-latest
+    needs: docker
+    if: github.event_name == 'push' && github.ref == 'refs/heads/${branch}'
+    environment: production
+    steps:
+      - name: Authenticate to Google Cloud
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: \${{ secrets.GCP_CREDENTIALS }}
+      
+      - name: Deploy to Cloud Run
+        uses: google-github-actions/deploy-cloudrun@v2
+        with:
+          service: expressots-app
+          image: \${{ env.REGISTRY }}/\${{ env.IMAGE_NAME }}:\${{ github.sha }}
+          region: \${{ secrets.GCP_REGION }}
+
+`;
+        default:
+            return "";
+    }
+}

package/bin/cicd/generators/gitlab-ci.d.ts

@@ -0,0 +1,2 @@
+import type { GeneratorOptions } from "./github-actions";
+export declare function generateGitLabCI(outputDir: string, options: GeneratorOptions): Promise<void>;