@geekmidas/cli 0.48.0 → 0.49.0

package/src/deploy/__tests__/__fixtures__/entry-apps/async-entry.ts

@@ -0,0 +1,24 @@
+/**
+ * Entry app fixture with async initialization.
+ * Tests that env vars are captured even with async code paths.
+ */
+import { EnvironmentParser } from '@geekmidas/envkit';
+
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+const _config = new EnvironmentParser(process.env as Record<string, string>)
+	.create((get) => ({
+		port: get('PORT').string().transform(Number),
+		databaseUrl: get('DATABASE_URL').string(),
+	}))
+	.parse();
+
+// Simulate async initialization (fire-and-forget style)
+const init = async () => {
+	await Promise.resolve();
+	// This would normally connect to database, etc.
+};
+
+// Fire-and-forget promise
+init().catch(() => {
+	// Silently ignore - common pattern in entry apps
+});

package/src/deploy/__tests__/__fixtures__/entry-apps/nested-config-entry.ts

@@ -0,0 +1,24 @@
+/**
+ * Entry app fixture with nested configuration.
+ * Tests that nested env var access is tracked correctly.
+ */
+import { EnvironmentParser } from '@geekmidas/envkit';
+
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+const _config = new EnvironmentParser(process.env as Record<string, string>)
+	.create((get) => ({
+		server: {
+			port: get('PORT').string().transform(Number),
+			host: get('HOST').string(),
+		},
+		database: {
+			url: get('DATABASE_URL').string(),
+			poolSize: get('DB_POOL_SIZE').string().transform(Number),
+		},
+		auth: {
+			secret: get('BETTER_AUTH_SECRET').string(),
+			url: get('BETTER_AUTH_URL').string(),
+			trustedOrigins: get('BETTER_AUTH_TRUSTED_ORIGINS').string(),
+		},
+	}))
+	.parse();

package/src/deploy/__tests__/__fixtures__/entry-apps/no-env-entry.ts

@@ -0,0 +1,12 @@
+/**
+ * Entry app fixture that doesn't use any environment variables.
+ * Tests the empty case.
+ */
+
+// Simple app with hardcoded config
+const config = {
+	port: 3000,
+	name: 'static-app',
+};
+
+export default config;

package/src/deploy/__tests__/__fixtures__/entry-apps/simple-entry.ts

@@ -0,0 +1,14 @@
+/**
+ * Simple entry app fixture that uses @geekmidas/envkit.
+ * Used for testing entry app sniffing via subprocess.
+ */
+import { EnvironmentParser } from '@geekmidas/envkit';
+
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+const _config = new EnvironmentParser(process.env as Record<string, string>)
+	.create((get) => ({
+		port: get('PORT').string().transform(Number),
+		databaseUrl: get('DATABASE_URL').string(),
+		redisUrl: get('REDIS_URL').string(),
+	}))
+	.parse();

package/src/deploy/__tests__/__fixtures__/entry-apps/throwing-entry.ts

@@ -0,0 +1,16 @@
+/**
+ * Entry app fixture that throws during initialization.
+ * Tests that env vars are still captured even when the entry throws.
+ */
+import { EnvironmentParser } from '@geekmidas/envkit';
+
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+const _config = new EnvironmentParser(process.env as Record<string, string>)
+	.create((get) => ({
+		port: get('PORT').string().transform(Number),
+		apiKey: get('API_KEY').string(),
+	}))
+	.parse();
+
+// Throw after env vars are accessed
+throw new Error('Initialization failed: Missing required configuration');

package/src/deploy/__tests__/__fixtures__/env-parsers/non-function-export.ts

@@ -0,0 +1,10 @@
+/**
+ * A fixture that exports a non-function for testing error handling.
+ */
+
+// Export a string instead of a function
+export const envParser = 'not a function';
+
+// Default export is also not a function
+const defaultValue = { notAFunction: true };
+export default defaultValue;

package/src/deploy/__tests__/__fixtures__/env-parsers/parseable-env-parser.ts

@@ -0,0 +1,18 @@
+/**
+ * An envParser that returns a config with a parse() method.
+ */
+import type { SnifferEnvironmentParser } from '@geekmidas/envkit/sniffer';
+
+export function envParser(parser: SnifferEnvironmentParser) {
+	// Create a config that will fail on parse() due to missing env vars
+	// This tests the try/catch around result.parse()
+	const config = parser.create((get) => ({
+		port: get('PORT').string(),
+		databaseUrl: get('DATABASE_URL').string(),
+		apiKey: get('API_KEY').string(),
+	}));
+
+	return config;
+}
+
+export default envParser;

package/src/deploy/__tests__/__fixtures__/env-parsers/throwing-env-parser.ts

@@ -0,0 +1,18 @@
+/**
+ * An envParser that accesses some env vars then throws.
+ */
+import type { SnifferEnvironmentParser } from '@geekmidas/envkit/sniffer';
+
+export function envParser(parser: SnifferEnvironmentParser) {
+	const config = parser.create((get) => ({
+		port: get('PORT').string(),
+		apiKey: get('API_KEY').string(),
+	}));
+
+	// Throw after creating the parser but before returning
+	throw new Error('EnvParser initialization failed');
+
+	return config;
+}
+
+export default envParser;

package/src/deploy/__tests__/__fixtures__/env-parsers/valid-env-parser.ts

@@ -0,0 +1,16 @@
+/**
+ * A valid envParser fixture that returns a parseable config.
+ */
+import type { SnifferEnvironmentParser } from '@geekmidas/envkit/sniffer';
+
+export function envParser(parser: SnifferEnvironmentParser) {
+	return parser.create((get) => ({
+		port: get('PORT').string(),
+		database: {
+			url: get('DATABASE_URL').string(),
+			poolSize: get('DB_POOL_SIZE').string(),
+		},
+	}));
+}
+
+export default envParser;

package/src/deploy/__tests__/dns-verification.spec.ts

@@ -0,0 +1,229 @@
+import { describe, expect, it, vi, beforeEach, afterEach } from 'vitest';
+import { createEmptyState, type DokployStageState } from '../state';
+
+// Mock dns/promises lookup
+vi.mock('node:dns/promises', () => ({
+	lookup: vi.fn(),
+}));
+
+// Import after mocking
+import { lookup } from 'node:dns/promises';
+import { verifyDnsRecords, resolveHostnameToIp } from '../dns/index';
+
+describe('resolveHostnameToIp', () => {
+	const mockLookup = vi.mocked(lookup);
+
+	beforeEach(() => {
+		vi.clearAllMocks();
+	});
+
+	it('should resolve hostname to IPv4 address', async () => {
+		mockLookup.mockResolvedValue({ address: '1.2.3.4', family: 4 });
+
+		const ip = await resolveHostnameToIp('example.com');
+
+		expect(ip).toBe('1.2.3.4');
+		expect(mockLookup).toHaveBeenCalledWith('example.com', { family: 4 });
+	});
+
+	it('should throw error when resolution fails', async () => {
+		mockLookup.mockRejectedValue(new Error('NXDOMAIN'));
+
+		await expect(resolveHostnameToIp('invalid.example.com')).rejects.toThrow(
+			'Failed to resolve IP for invalid.example.com: NXDOMAIN',
+		);
+	});
+});
+
+describe('verifyDnsRecords', () => {
+	const mockLookup = vi.mocked(lookup);
+	let state: DokployStageState;
+
+	// Suppress console.log during tests
+	const originalLog = console.log;
+
+	beforeEach(() => {
+		vi.clearAllMocks();
+		state = createEmptyState('production', 'env-123');
+		console.log = vi.fn();
+	});
+
+	afterEach(() => {
+		console.log = originalLog;
+	});
+
+	it('should verify DNS records that resolve correctly', async () => {
+		mockLookup.mockResolvedValue({ address: '1.2.3.4', family: 4 });
+
+		const appHostnames = new Map([
+			['api', 'api.example.com'],
+			['auth', 'auth.example.com'],
+		]);
+
+		const results = await verifyDnsRecords(appHostnames, '1.2.3.4', state);
+
+		expect(results).toHaveLength(2);
+		expect(results[0]).toMatchObject({
+			hostname: 'api.example.com',
+			appName: 'api',
+			verified: true,
+			resolvedIp: '1.2.3.4',
+			expectedIp: '1.2.3.4',
+		});
+		expect(results[1]).toMatchObject({
+			hostname: 'auth.example.com',
+			appName: 'auth',
+			verified: true,
+			resolvedIp: '1.2.3.4',
+			expectedIp: '1.2.3.4',
+		});
+
+		// Should have stored verification in state
+		expect(state.dnsVerified).toBeDefined();
+		expect(state.dnsVerified!['api.example.com']?.serverIp).toBe('1.2.3.4');
+		expect(state.dnsVerified!['auth.example.com']?.serverIp).toBe('1.2.3.4');
+	});
+
+	it('should skip verification for already-verified hostnames', async () => {
+		// Pre-populate state with verified hostname
+		state.dnsVerified = {
+			'api.example.com': {
+				serverIp: '1.2.3.4',
+				verifiedAt: '2024-01-01T00:00:00.000Z',
+			},
+		};
+
+		const appHostnames = new Map([['api', 'api.example.com']]);
+
+		const results = await verifyDnsRecords(appHostnames, '1.2.3.4', state);
+
+		expect(results).toHaveLength(1);
+		expect(results[0]).toMatchObject({
+			hostname: 'api.example.com',
+			appName: 'api',
+			verified: true,
+			skipped: true,
+			expectedIp: '1.2.3.4',
+		});
+
+		// Should NOT have called lookup for cached result
+		expect(mockLookup).not.toHaveBeenCalled();
+	});
+
+	it('should re-verify when server IP changes', async () => {
+		// Pre-populate state with different server IP
+		state.dnsVerified = {
+			'api.example.com': {
+				serverIp: '9.9.9.9',
+				verifiedAt: '2024-01-01T00:00:00.000Z',
+			},
+		};
+
+		mockLookup.mockResolvedValue({ address: '1.2.3.4', family: 4 });
+
+		const appHostnames = new Map([['api', 'api.example.com']]);
+
+		const results = await verifyDnsRecords(appHostnames, '1.2.3.4', state);
+
+		expect(results).toHaveLength(1);
+		expect(results[0]).toMatchObject({
+			hostname: 'api.example.com',
+			appName: 'api',
+			verified: true,
+			resolvedIp: '1.2.3.4',
+		});
+		// Should NOT be skipped (it was re-verified)
+		expect(results[0]?.skipped).toBeUndefined();
+
+		// Should have called lookup since IP changed
+		expect(mockLookup).toHaveBeenCalledTimes(1);
+
+		// Should have updated verification
+		expect(state.dnsVerified!['api.example.com']?.serverIp).toBe('1.2.3.4');
+	});
+
+	it('should handle DNS resolution failure gracefully', async () => {
+		mockLookup.mockRejectedValue(new Error('NXDOMAIN'));
+
+		const appHostnames = new Map([['api', 'api.example.com']]);
+
+		const results = await verifyDnsRecords(appHostnames, '1.2.3.4', state);
+
+		expect(results).toHaveLength(1);
+		expect(results[0]).toMatchObject({
+			hostname: 'api.example.com',
+			appName: 'api',
+			verified: false,
+			expectedIp: '1.2.3.4',
+			error: expect.stringContaining('NXDOMAIN'),
+		});
+
+		// Should NOT have stored verification for failed lookup
+		expect(state.dnsVerified).toBeUndefined();
+	});
+
+	it('should detect when DNS resolves to wrong IP', async () => {
+		mockLookup.mockResolvedValue({ address: '9.9.9.9', family: 4 });
+
+		const appHostnames = new Map([['api', 'api.example.com']]);
+
+		const results = await verifyDnsRecords(appHostnames, '1.2.3.4', state);
+
+		expect(results).toHaveLength(1);
+		expect(results[0]).toMatchObject({
+			hostname: 'api.example.com',
+			appName: 'api',
+			verified: false,
+			resolvedIp: '9.9.9.9',
+			expectedIp: '1.2.3.4',
+		});
+
+		// Should NOT have stored verification for wrong IP
+		expect(state.dnsVerified).toBeUndefined();
+	});
+
+	it('should handle mix of verified, cached, and pending hostnames', async () => {
+		// Pre-populate state with one verified hostname
+		state.dnsVerified = {
+			'cached.example.com': {
+				serverIp: '1.2.3.4',
+				verifiedAt: '2024-01-01T00:00:00.000Z',
+			},
+		};
+
+		mockLookup
+			.mockResolvedValueOnce({ address: '1.2.3.4', family: 4 })
+			.mockRejectedValueOnce(new Error('NXDOMAIN'));
+
+		const appHostnames = new Map([
+			['cached', 'cached.example.com'],
+			['new-verified', 'new.example.com'],
+			['pending', 'pending.example.com'],
+		]);
+
+		const results = await verifyDnsRecords(appHostnames, '1.2.3.4', state);
+
+		expect(results).toHaveLength(3);
+
+		// Cached should be skipped
+		expect(results[0]).toMatchObject({
+			hostname: 'cached.example.com',
+			verified: true,
+			skipped: true,
+		});
+
+		// New should be verified
+		expect(results[1]).toMatchObject({
+			hostname: 'new.example.com',
+			verified: true,
+			resolvedIp: '1.2.3.4',
+		});
+
+		// Pending should fail
+		expect(results[2]).toMatchObject({
+			hostname: 'pending.example.com',
+			verified: false,
+			error: expect.stringContaining('NXDOMAIN'),
+		});
+	});
+});

package/src/deploy/__tests__/dokploy-api.spec.ts

@@ -544,9 +544,8 @@ describe('DokployApi', () => {
 				projectId: 'proj_1',
 				environmentId: 'env_1',
 				appName: 'mydb',
-				databaseName: 'app',
 				databaseUser: 'postgres',
-				dockerImage: 'postgres:16-alpine',
+				dockerImage: 'postgres:18',
 			});
 		});
 
@@ -632,7 +631,7 @@ describe('DokployApi', () => {
 				projectId: 'proj_1',
 				environmentId: 'env_1',
 				appName: 'mycache',
-				dockerImage: 'redis:7-alpine',
+				dockerImage: 'redis:8',
 			});
 		});
 

package/src/deploy/__tests__/domain.spec.ts

@@ -100,9 +100,7 @@ describe('resolveHost', () => {
 });
 
 describe('isMainFrontendApp', () => {
-	const createApp = (
-		type: 'backend' | 'frontend',
-	): NormalizedAppConfig => ({
+	const createApp = (type: 'backend' | 'frontend'): NormalizedAppConfig => ({
 		type,
 		path: 'apps/test',
 		port: 3000,
@@ -145,6 +143,12 @@ describe('isMainFrontendApp', () => {
 		};
 		expect(isMainFrontendApp('admin', apps.admin, apps)).toBe(false);
 	});
+
+	it('should return false when no frontend apps in allApps (edge case)', () => {
+		// Edge case: checking a frontend app against an empty allApps
+		const frontendApp = createApp('frontend');
+		expect(isMainFrontendApp('myapp', frontendApp, {})).toBe(false);
+	});
 });
 
 describe('generatePublicUrlBuildArgs', () => {