npm - @firestartr/cli - Versions diffs - 2.1.0-snapshot → 2.1.0 - Mend

@firestartr/cli 2.1.0-snapshot → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/build/index.js +63 -61
package/package.json +1 -1

package/build/index.js CHANGED Viewed

@@ -356187,39 +356187,33 @@ function createCRrefFrom(claimRef, needsSecret) {
  * @returns string
  */
 function createCodeOwnersData(claim, additionalRules) {
-    const paddedAsterisk = '*'.padEnd(25);
-    // we avoid generating the same line twice (idempotency)
-    const redactedLines = [];
-    const concatLine = function (messageFinal, line) {
-        if (redactedLines.includes(line)) {
-            return messageFinal;
+    const rulesMap = new Map();
+    const addOwnerToPath = (path, owner) => {
+        const owners = rulesMap.get(path) ?? [];
+        if (!owners.includes(owner)) {
+            owners.push(owner);
         }
-        else {
-            redactedLines.push(line);
-            messageFinal += line;
-        }
-        return messageFinal;
+        rulesMap.set(path, owners);
     };
     let message = `# This file was generated by firestartr.
 # WARNING: Please don't edit this file directly in the repository
 # Go to gitops repository to modify it!`;
     if (claim.owner) {
-        message = concatLine(message, `\n${paddedAsterisk}${resolveCodeownersRef(claim.owner, claim.providers.github.org)}`);
+        addOwnerToPath('*', resolveCodeownersRef(claim.owner, claim.providers.github.org));
     }
     if (claim.platformOwner) {
-        message = concatLine(message, `\n${'/.github/'.padEnd(25)}${resolveCodeownersRef(claim.platformOwner, claim.providers.github.org)}`);
+        addOwnerToPath('/.github/', resolveCodeownersRef(claim.platformOwner, claim.providers.github.org));
     }
     if (additionalRules) {
         for (const rule of additionalRules) {
-            let line = `\n${rule.path.padEnd(25)}`;
             for (const owner of rule.owners) {
-                line += `${resolveCodeownersRef(owner, claim.providers.github.org)} `;
+                addOwnerToPath(rule.path, resolveCodeownersRef(owner, claim.providers.github.org));
             }
-            message = concatLine(message, line);
-            // Remove trailing <space> from the previous loop
-            message = message.substring(0, message.length - 1);
         }
     }
+    for (const [path, owners] of rulesMap.entries()) {
+        message += `\n${path.padEnd(25)} ${owners.join(' ')}`;
+    }
     return message;
 }
 function resolveCodeownersRef(ref, org) {
@@ -367438,12 +367432,12 @@ class RepoGithubDecanter extends GithubDecanter {
             });
         }
         const directWriters = this.data.teamsAndMembers.directMembers
-            .filter((member) => member.role === 'push')
+            .filter((member) => member.role === 'write')
             .map((member) => {
             return `user-imported-ref:${member.name}`;
         });
         const outsideWriters = this.data.teamsAndMembers.outsideMembers
-            .filter((member) => member.role === 'push')
+            .filter((member) => member.role === 'write')
             .map((member) => {
             return `collaborator:${member.name.toLowerCase()}`;
         });
@@ -367462,12 +367456,12 @@ class RepoGithubDecanter extends GithubDecanter {
             });
         }
         const directReaders = this.data.teamsAndMembers.directMembers
-            .filter((member) => member.role === 'pull')
+            .filter((member) => member.role === 'read')
             .map((member) => {
             return `user-imported-ref:${member.name}`;
         });
         const outsideReaders = this.data.teamsAndMembers.outsideMembers
-            .filter((member) => member.role === 'pull')
+            .filter((member) => member.role === 'read')
             .map((member) => {
             return `collaborator:${member.name.toLowerCase()}`;
         });
@@ -367502,7 +367496,11 @@ class RepoGithubDecanter extends GithubDecanter {
             };
         });
         this.data['teamsAndMembers']['teams'] = teams;
-        this.data['teamsAndMembers']['directMembers'] = directMembers;
+        // GitHub's `affiliation=direct` includes outside collaborators, so we must
+        // exclude them from directMembers to avoid tagging them as user-imported-ref.
+        const outsideMemberNames = new Set(outsideMembers.map((m) => m.name.toLowerCase()));
+        const filteredDirectMembers = directMembers.filter((m) => !outsideMemberNames.has(m.name.toLowerCase()));
+        this.data['teamsAndMembers']['directMembers'] = filteredDirectMembers;
         this.data['teamsAndMembers']['outsideMembers'] = outsideMembers;
     }
     async __gatherPages() {
@@ -367923,7 +367921,7 @@ async function reimportGithubGitopsRepository(org, crsPath, configPath, generate
             }
             cr.metadata.annotations[reImportAnnotation] = 'true';
             cr.metadata.annotations[importAnnotation] = 'true';
-            // we set an annotion to trigger the update
+            // we set an annotation to trigger the update
             cr.metadata.annotations[reconcileAtAnnotation] = new Date()
                 .toISOString()
                 .replace(/\.\d{3}Z$/, 'Z'); // exact format: 2026-04-19T20:45:00Z
@@ -367935,10 +367933,10 @@ async function reimportGithubGitopsRepository(org, crsPath, configPath, generate
     // we need to search for dependencies if proceeds
     if (!collection.IS_SKIP_SET(generatedFilters, 'gh-repo')) {
         importer_src_logger.info(`Searching for dependencies to annotate with ${reImportAnnotation} and ${importAnnotation}`);
-        await searchForDependencies(org, crsPath, configPath, generatedFilters, crsWithDependenciesToAnnotate, reImportAnnotation, importAnnotation);
+        await searchForDependencies(org, crsPath, configPath, generatedFilters, crsWithDependenciesToAnnotate, reImportAnnotation, importAnnotation, reconcileAtAnnotation);
     }
 }
-async function searchForDependencies(org, crsPath, configPath, generatedFilters, crsWithDependenciesToAnnotate, reImportAnnotation, importAnnotation) {
+async function searchForDependencies(org, crsPath, configPath, generatedFilters, crsWithDependenciesToAnnotate, reImportAnnotation, importAnnotation, reconcileAtAnnotation) {
     // we need to perform a search in all the crsPath
     await searchCRs(crsPath, async (cr, filePath) => {
         importer_src_logger.debug(`${JSON.stringify(cr)}`);
@@ -367956,6 +367954,10 @@ async function searchForDependencies(org, crsPath, configPath, generatedFilters,
                     }
                     cr.metadata.annotations[reImportAnnotation] = 'true';
                     cr.metadata.annotations[importAnnotation] = 'true';
+                    // we set an annotation to trigger the update
+                    cr.metadata.annotations[reconcileAtAnnotation] = new Date()
+                        .toISOString()
+                        .replace(/\.\d{3}Z$/, 'Z'); // exact format: 2026-04-19T20:45:00Z
                     // we write the cr back to the file system
                     const newContent = catalog_common.io.toYaml(cr);
                     await promises_default().writeFile(filePath, newContent, 'utf-8');
@@ -369061,7 +369063,7 @@ function shouldForceReconcileByAnnotation(cr) {
         operator_src_logger.warn(`Timestamp is invalid for the annotation ${cr.kind}/${cr.metadata?.name || 'unknown'}: ${annotationValue}`);
         return false;
     }
-    // Buscamos el timestamp más reciente de TODAS las conditions
+    // Find the most recent timestamp across all conditions
     let latestConditionTime = 0;
     for (const condition of cr.status?.conditions || []) {
         const timeStr = condition.lastUpdateTime || condition.lastTransitionTime;
@@ -369073,7 +369075,7 @@ function shouldForceReconcileByAnnotation(cr) {
         }
     }
     const shouldForce = annotationTime > latestConditionTime;
-    operator_src_logger.debug(shouldForce, `Evaluating force-reconcile for ${cr.metadata.name}: annotation time (${new Date(annotationTime).toISOString()}) vs latest condition time (${new Date(latestConditionTime).toISOString()})`);
+    operator_src_logger.debug(`Evaluating force-reconcile for ${cr.metadata.name}: annotation time (${new Date(annotationTime).toISOString()}) vs latest condition time (${new Date(latestConditionTime).toISOString()})`, { metadata: { shouldForce } });
     if (shouldForce) {
         operator_src_logger.info(`force-reconcile activated for ${cr.metadata.name} → annotation (${annotationValue}) is newer than latest condition time (${new Date(latestConditionTime).toISOString()})`);
     }
@@ -370757,6 +370759,19 @@ function getQueueMetrics() {
         },
     };
 }
+// we need to assign weight to the deletion operation
+// to avoid blockades
+// https://github.com/prefapp/gitops-k8s/issues/1864
+// ghrepo feat | grss -> ghrepo -> ghgroup -> membership
+const DELETION_WEIGHTS = {
+    FirestartrGithubRepositoryFeature: 5,
+    FirestartrGithubRepositorySecretsSection: 4,
+    FirestartrGithubRepository: 3,
+    FirestartrGithubGroup: 2,
+    FirestartrGithubMembership: 1,
+    FirestartrTerraformWorkspace: 1,
+    FirestartrGithubOrgWebhook: 1,
+};
 // Do the kinds need different weights for the operations?
 // We need to discuss this with the team in this issue: https://github.com/prefapp/gitops-k8s/issues/524
 // const KIND_WEIGHTS: any = {
@@ -370826,7 +370841,17 @@ function sortQueue(queue) {
             // If weightA is larger, return -1 (a comes before b)
             return weightB - weightA;
         }
-        // --- SECONDARY SORT: By upsertTime (Ascending) ---
+        // in case of deletions we need to
+        // establish a secondary sort by kind
+        if (wa.operation === 'MARKED_TO_DELETION' &&
+            wb.operation === 'MARKED_TO_DELETION') {
+            const deletionWeightA = DELETION_WEIGHTS[wa.item.kind] || 0;
+            const deletionWeightB = DELETION_WEIGHTS[wb.item.kind] || 0;
+            if (deletionWeightA !== deletionWeightB) {
+                return deletionWeightB - deletionWeightA;
+            }
+        }
+        // --- 3rd SORT: By upsertTime (Ascending) ---
         // If weights are equal, sort by the oldest upsertTime (ascending)
         return wa.upsertTime - wb.upsertTime;
     });
@@ -371084,6 +371109,7 @@ function processHandler(processToHandle, ctl, onTimedOut) {
+const TOFU_LOCK_TIMEOUT = '-lock-timeout=60s';
 async function utils_validate(path, secrets) {
     return await tfExec(path, ['validate'], secrets);
 }
@@ -371104,7 +371130,7 @@ async function plan(path, secrets, format, args = ['plan'], stream, ctl) {
 }
 async function apply(path, secrets, stream, ctl) {
     terraform_provisioner_src_logger.debug(`Running terraform apply in path ${path}`);
-    return await tfExec(path, ['apply', '-auto-approve'], secrets, ['-input=false'], stream, ctl);
+    return await tfExec(path, ['apply', '-auto-approve', TOFU_LOCK_TIMEOUT], secrets, ['-input=false'], stream, ctl);
 }
 async function customCommand(path, secrets, args, stream) {
     terraform_provisioner_src_logger.debug(`Running terraform customCommand in path ${path} ${args.join(',')}`);
@@ -371112,7 +371138,7 @@ async function customCommand(path, secrets, args, stream) {
 }
 async function destroy(path, secrets, stream, ctl) {
     terraform_provisioner_src_logger.debug(`Running terraform destroy in path ${path}`);
-    return await tfExec(path, ['destroy', '-auto-approve'], secrets, ['-input=false'], stream, ctl);
+    return await tfExec(path, ['destroy', '-auto-approve', TOFU_LOCK_TIMEOUT], secrets, ['-input=false'], stream, ctl);
 }
 async function output(path, secrets) {
     terraform_provisioner_src_logger.debug(`Running terraform output in path ${path}`);
@@ -375266,47 +375292,23 @@ async function endDebug(entity) {
 const tp_bridge_TF_PROJECTS_PATH = '/tmp/gh-workspaces';
-const STATE_LOCK_RETRY_ATTEMPTS = 3;
-const STATE_LOCK_RETRY_DELAY_MS = 5000;
-function isStateLockError(error) {
-    const message = String(error);
-    return (message.includes('Error acquiring the state lock') ||
-        message.includes('already locked by another tofu client'));
-}
-async function tp_bridge_sleep(ms) {
-    await new Promise((resolve) => setTimeout(resolve, ms));
-}
-async function runTerraformProvisionerWithLockRetry(entity, command, streaming, customArgs, ctl) {
-    for (let attempt = 1;; attempt++) {
-        try {
-            return await runTerraformProvisioner(tp_bridge_buildContext(entity), command, streaming, customArgs, ctl);
-        }
-        catch (error) {
-            if (!isStateLockError(error) || attempt >= STATE_LOCK_RETRY_ATTEMPTS) {
-                throw error;
-            }
-            gh_provisioner_src_logger.warn(`State lock detected for ${entity.k8sId} while running '${command}'. Retrying in ${STATE_LOCK_RETRY_DELAY_MS}ms (attempt ${attempt + 1}/${STATE_LOCK_RETRY_ATTEMPTS}).`);
-            await tp_bridge_sleep(STATE_LOCK_RETRY_DELAY_MS);
-        }
-    }
-}
 async function runOnTerraform(entity, command, customArgs, opts = {}) {
     gh_provisioner_src_logger.info(`Running on terraform entity '${entity.k8sId}' with command '${command}' customArgs = ${customArgs ? customArgs.join(',') : 'null'} `);
     const streaming = entity.streamTFProvisioner;
     if (command === 'import-with-reimport') {
         // we nuke the tf state
-        await runTerraformProvisionerWithLockRetry(entity, 'destroy-state-only', streaming, customArgs, opts.ctl);
+        await runTerraformProvisioner(tp_bridge_buildContext(entity), 'destroy-state-only', streaming, customArgs, opts.ctl);
         // we get the elements we need to import
         await entity.loadAddressesToImport();
-        return await runTerraformProvisionerWithLockRetry(entity, 'custom-import', streaming, entity.importDocument, opts.ctl);
+        return await runTerraformProvisioner(tp_bridge_buildContext(entity), 'custom-import', streaming, entity.importDocument, opts.ctl);
     }
     else if (command === 'import') {
         // we get the elements we need to import
         await entity.loadAddressesToImport();
-        return await runTerraformProvisionerWithLockRetry(entity, 'custom-import', streaming, entity.importDocument, opts.ctl);
+        return await runTerraformProvisioner(tp_bridge_buildContext(entity), 'custom-import', streaming, entity.importDocument, opts.ctl);
     }
     else {
-        return await runTerraformProvisionerWithLockRetry(entity, command, streaming, customArgs, opts.ctl);
+        return await runTerraformProvisioner(tp_bridge_buildContext(entity), command, streaming, customArgs, opts.ctl);
     }
 }
 function tp_bridge_buildContext(entity) {
@@ -379455,9 +379457,9 @@ const crs_analyzerSubcommand = {
 };
 ;// CONCATENATED MODULE: ./package.json
-const package_namespaceObject = JSON.parse('{"i8":"2.1.0-snapshot"}');
+const package_namespaceObject = {"i8":"2.1.0"};
 ;// CONCATENATED MODULE: ../../package.json
-const package_namespaceObject_1 = {"i8":"2.0.0"};
+const package_namespaceObject_1 = {"i8":"2.1.0"};
 ;// CONCATENATED MODULE: ./src/subcommands/index.ts

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@firestartr/cli",
-  "version": "2.1.0-snapshot",
+  "version": "2.1.0",
   "private": false,
   "description": "Commandline tool",
   "main": "build/main.js",