@geekmidas/cli 0.53.0 → 1.0.0

package/src/deploy/__tests__/Route53Provider.spec.ts

@@ -0,0 +1,402 @@
+import {
+	ChangeResourceRecordSetsCommand,
+	CreateHostedZoneCommand,
+	DeleteHostedZoneCommand,
+	ListResourceRecordSetsCommand,
+	Route53Client,
+} from '@aws-sdk/client-route-53';
+import {
+	afterAll,
+	afterEach,
+	beforeAll,
+	beforeEach,
+	describe,
+	expect,
+	it,
+} from 'vitest';
+import { Route53Provider } from '../dns/Route53Provider';
+
+/**
+ * Route53Provider Tests
+ *
+ * These tests require LocalStack to be running with Route53 enabled.
+ * Run: docker compose up -d localstack
+ */
+describe('Route53Provider', () => {
+	const LOCALSTACK_ENDPOINT = 'http://localhost:4566';
+	const TEST_DOMAIN = 'test-example.com';
+	let client: Route53Client;
+	let provider: Route53Provider;
+	let hostedZoneId: string;
+
+	beforeAll(async () => {
+		process.env.AWS_ACCESS_KEY_ID = 'test';
+		process.env.AWS_SECRET_ACCESS_KEY = 'test';
+		process.env.AWS_REGION = 'us-east-1';
+
+		client = new Route53Client({
+			region: 'us-east-1',
+			endpoint: LOCALSTACK_ENDPOINT,
+			credentials: {
+				accessKeyId: 'test',
+				secretAccessKey: 'test',
+			},
+		});
+
+		// Create a hosted zone for testing
+		const createResponse = await client.send(
+			new CreateHostedZoneCommand({
+				Name: TEST_DOMAIN,
+				CallerReference: `test-${Date.now()}`,
+			}),
+		);
+
+		hostedZoneId = createResponse.HostedZone!.Id!.replace('/hostedzone/', '');
+	});
+
+	beforeEach(() => {
+		provider = new Route53Provider({
+			endpoint: LOCALSTACK_ENDPOINT,
+			hostedZoneId,
+		});
+	});
+
+	afterEach(async () => {
+		// Clean up any test records (excluding NS and SOA which are auto-created)
+		try {
+			const response = await client.send(
+				new ListResourceRecordSetsCommand({
+					HostedZoneId: hostedZoneId,
+				}),
+			);
+
+			const recordsToDelete = (response.ResourceRecordSets ?? []).filter(
+				(record) => record.Type !== 'NS' && record.Type !== 'SOA',
+			);
+
+			if (recordsToDelete.length > 0) {
+				await client.send(
+					new ChangeResourceRecordSetsCommand({
+						HostedZoneId: hostedZoneId,
+						ChangeBatch: {
+							Changes: recordsToDelete.map((record) => ({
+								Action: 'DELETE',
+								ResourceRecordSet: record,
+							})),
+						},
+					}),
+				);
+			}
+		} catch {
+			// Ignore errors during cleanup
+		}
+	});
+
+	afterAll(async () => {
+		// Delete the hosted zone - need to remove all non-default records first
+		try {
+			const response = await client.send(
+				new ListResourceRecordSetsCommand({
+					HostedZoneId: hostedZoneId,
+				}),
+			);
+
+			const recordsToDelete = (response.ResourceRecordSets ?? []).filter(
+				(record) => record.Type !== 'NS' && record.Type !== 'SOA',
+			);
+
+			if (recordsToDelete.length > 0) {
+				await client.send(
+					new ChangeResourceRecordSetsCommand({
+						HostedZoneId: hostedZoneId,
+						ChangeBatch: {
+							Changes: recordsToDelete.map((record) => ({
+								Action: 'DELETE',
+								ResourceRecordSet: record,
+							})),
+						},
+					}),
+				);
+			}
+
+			await client.send(
+				new DeleteHostedZoneCommand({
+					Id: hostedZoneId,
+				}),
+			);
+		} catch {
+			// Ignore cleanup errors
+		}
+
+		client.destroy();
+	});
+
+	describe('name', () => {
+		it('should have name "route53"', () => {
+			expect(provider.name).toBe('route53');
+		});
+	});
+
+	describe('getRecords', () => {
+		it('should return empty array for domain with no custom records', async () => {
+			const records = await provider.getRecords(TEST_DOMAIN);
+
+			// Should be empty - NS and SOA are filtered out
+			expect(records).toEqual([]);
+		});
+
+		it('should return A records', async () => {
+			// Create a test record (use UPSERT to handle idempotency)
+			await client.send(
+				new ChangeResourceRecordSetsCommand({
+					HostedZoneId: hostedZoneId,
+					ChangeBatch: {
+						Changes: [
+							{
+								Action: 'UPSERT',
+								ResourceRecordSet: {
+									Name: `api.${TEST_DOMAIN}`,
+									Type: 'A',
+									TTL: 300,
+									ResourceRecords: [{ Value: '1.2.3.4' }],
+								},
+							},
+						],
+					},
+				}),
+			);
+
+			const records = await provider.getRecords(TEST_DOMAIN);
+
+			expect(records).toHaveLength(1);
+			expect(records[0]).toEqual({
+				name: 'api',
+				type: 'A',
+				ttl: 300,
+				values: ['1.2.3.4'],
+			});
+		});
+
+		it('should handle root domain records (@)', async () => {
+			// Create a root domain record (use UPSERT to handle idempotency)
+			await client.send(
+				new ChangeResourceRecordSetsCommand({
+					HostedZoneId: hostedZoneId,
+					ChangeBatch: {
+						Changes: [
+							{
+								Action: 'UPSERT',
+								ResourceRecordSet: {
+									Name: TEST_DOMAIN,
+									Type: 'A',
+									TTL: 300,
+									ResourceRecords: [{ Value: '1.2.3.4' }],
+								},
+							},
+						],
+					},
+				}),
+			);
+
+			const records = await provider.getRecords(TEST_DOMAIN);
+
+			expect(records).toHaveLength(1);
+			expect(records[0]?.name).toBe('@');
+		});
+
+		it('should return multiple records', async () => {
+			// Create multiple test records (use UPSERT to handle idempotency)
+			await client.send(
+				new ChangeResourceRecordSetsCommand({
+					HostedZoneId: hostedZoneId,
+					ChangeBatch: {
+						Changes: [
+							{
+								Action: 'UPSERT',
+								ResourceRecordSet: {
+									Name: `api.${TEST_DOMAIN}`,
+									Type: 'A',
+									TTL: 300,
+									ResourceRecords: [{ Value: '1.2.3.4' }],
+								},
+							},
+							{
+								Action: 'UPSERT',
+								ResourceRecordSet: {
+									Name: `www.${TEST_DOMAIN}`,
+									Type: 'CNAME',
+									TTL: 300,
+									ResourceRecords: [{ Value: TEST_DOMAIN }],
+								},
+							},
+						],
+					},
+				}),
+			);
+
+			const records = await provider.getRecords(TEST_DOMAIN);
+
+			expect(records).toHaveLength(2);
+			expect(records.find((r) => r.name === 'api')).toBeDefined();
+			expect(records.find((r) => r.name === 'www')).toBeDefined();
+		});
+	});
+
+	describe('upsertRecords', () => {
+		it('should create new records', async () => {
+			const results = await provider.upsertRecords(TEST_DOMAIN, [
+				{ name: 'api', type: 'A', ttl: 300, value: '1.2.3.4' },
+			]);
+
+			expect(results).toHaveLength(1);
+			expect(results[0]).toEqual({
+				record: { name: 'api', type: 'A', ttl: 300, value: '1.2.3.4' },
+				created: true,
+				unchanged: false,
+			});
+
+			// Verify record was created
+			const records = await provider.getRecords(TEST_DOMAIN);
+			expect(records.find((r) => r.name === 'api')).toBeDefined();
+		});
+
+		it('should handle root domain records (@)', async () => {
+			const results = await provider.upsertRecords(TEST_DOMAIN, [
+				{ name: '@', type: 'A', ttl: 300, value: '1.2.3.4' },
+			]);
+
+			expect(results).toHaveLength(1);
+			expect(results[0]?.created).toBe(true);
+
+			// Verify record was created at root
+			const records = await provider.getRecords(TEST_DOMAIN);
+			expect(records.find((r) => r.name === '@')).toBeDefined();
+		});
+
+		it('should mark unchanged when record exists with same value', async () => {
+			// Create initial record (use UPSERT to handle idempotency)
+			await client.send(
+				new ChangeResourceRecordSetsCommand({
+					HostedZoneId: hostedZoneId,
+					ChangeBatch: {
+						Changes: [
+							{
+								Action: 'UPSERT',
+								ResourceRecordSet: {
+									Name: `api.${TEST_DOMAIN}`,
+									Type: 'A',
+									TTL: 300,
+									ResourceRecords: [{ Value: '1.2.3.4' }],
+								},
+							},
+						],
+					},
+				}),
+			);
+
+			const results = await provider.upsertRecords(TEST_DOMAIN, [
+				{ name: 'api', type: 'A', ttl: 300, value: '1.2.3.4' },
+			]);
+
+			expect(results).toHaveLength(1);
+			expect(results[0]).toEqual({
+				record: { name: 'api', type: 'A', ttl: 300, value: '1.2.3.4' },
+				created: false,
+				unchanged: true,
+			});
+		});
+
+		it('should update record when value changes', async () => {
+			// Create initial record (use UPSERT to handle idempotency)
+			await client.send(
+				new ChangeResourceRecordSetsCommand({
+					HostedZoneId: hostedZoneId,
+					ChangeBatch: {
+						Changes: [
+							{
+								Action: 'UPSERT',
+								ResourceRecordSet: {
+									Name: `api.${TEST_DOMAIN}`,
+									Type: 'A',
+									TTL: 300,
+									ResourceRecords: [{ Value: '1.2.3.4' }],
+								},
+							},
+						],
+					},
+				}),
+			);
+
+			const results = await provider.upsertRecords(TEST_DOMAIN, [
+				{ name: 'api', type: 'A', ttl: 300, value: '5.6.7.8' },
+			]);
+
+			expect(results).toHaveLength(1);
+			expect(results[0]).toEqual({
+				record: { name: 'api', type: 'A', ttl: 300, value: '5.6.7.8' },
+				created: false,
+				unchanged: false,
+			});
+
+			// Verify record was updated
+			const records = await provider.getRecords(TEST_DOMAIN);
+			const apiRecord = records.find((r) => r.name === 'api');
+			expect(apiRecord?.values[0]).toBe('5.6.7.8');
+		});
+
+		it('should handle multiple records with mixed states', async () => {
+			// Create initial record (use UPSERT to handle idempotency)
+			await client.send(
+				new ChangeResourceRecordSetsCommand({
+					HostedZoneId: hostedZoneId,
+					ChangeBatch: {
+						Changes: [
+							{
+								Action: 'UPSERT',
+								ResourceRecordSet: {
+									Name: `api.${TEST_DOMAIN}`,
+									Type: 'A',
+									TTL: 300,
+									ResourceRecords: [{ Value: '1.2.3.4' }],
+								},
+							},
+						],
+					},
+				}),
+			);
+
+			const results = await provider.upsertRecords(TEST_DOMAIN, [
+				{ name: 'api', type: 'A', ttl: 300, value: '1.2.3.4' }, // Unchanged
+				{ name: 'www', type: 'A', ttl: 300, value: '1.2.3.4' }, // New
+			]);
+
+			expect(results).toHaveLength(2);
+			expect(results[0]?.unchanged).toBe(true);
+			expect(results[1]?.created).toBe(true);
+		});
+	});
+
+	describe('hosted zone auto-detection', () => {
+		it('should auto-detect hosted zone from domain', async () => {
+			// Create provider without hostedZoneId
+			const autoProvider = new Route53Provider({
+				endpoint: LOCALSTACK_ENDPOINT,
+			});
+
+			const records = await autoProvider.getRecords(TEST_DOMAIN);
+
+			// Should work without error
+			expect(Array.isArray(records)).toBe(true);
+		});
+
+		it('should throw error when hosted zone not found', async () => {
+			const autoProvider = new Route53Provider({
+				endpoint: LOCALSTACK_ENDPOINT,
+			});
+
+			await expect(
+				autoProvider.getRecords('nonexistent-domain.com'),
+			).rejects.toThrow('No hosted zone found for domain');
+		});
+	});
+});

package/src/deploy/__tests__/SSMStateProvider.spec.ts

@@ -0,0 +1,177 @@
+import {
+	DeleteParameterCommand,
+	GetParameterCommand,
+	PutParameterCommand,
+	SSMClient,
+} from '@aws-sdk/client-ssm';
+import {
+	afterAll,
+	afterEach,
+	beforeAll,
+	beforeEach,
+	describe,
+	expect,
+	it,
+} from 'vitest';
+import { SSMStateProvider } from '../SSMStateProvider';
+import type { DokployStageState } from '../state';
+
+/**
+ * SSMStateProvider Tests
+ *
+ * These tests require LocalStack to be running with SSM enabled.
+ * Run: docker compose up -d localstack
+ */
+describe('SSMStateProvider', () => {
+	const LOCALSTACK_ENDPOINT = 'http://localhost:4566';
+	let client: SSMClient;
+	let provider: SSMStateProvider;
+	const workspaceName = 'test-workspace';
+	const testStage = 'test-stage';
+
+	beforeAll(() => {
+		process.env.AWS_ACCESS_KEY_ID = 'test';
+		process.env.AWS_SECRET_ACCESS_KEY = 'test';
+	});
+
+	beforeEach(() => {
+		client = new SSMClient({
+			region: 'us-east-1',
+			endpoint: LOCALSTACK_ENDPOINT,
+			credentials: {
+				accessKeyId: 'test',
+				secretAccessKey: 'test',
+			},
+		});
+
+		provider = new SSMStateProvider({
+			workspaceName,
+			region: 'us-east-1',
+		});
+
+		// Override the client's endpoint for localstack
+		// @ts-expect-error - accessing private property for testing
+		provider.client = client;
+	});
+
+	afterEach(async () => {
+		try {
+			await client.send(
+				new DeleteParameterCommand({
+					Name: `/gkm/${workspaceName}/${testStage}/state`,
+				}),
+			);
+		} catch {
+			// Ignore if parameter doesn't exist
+		}
+	});
+
+	afterAll(() => {
+		client.destroy();
+	});
+
+	describe('read', () => {
+		it('should return null when parameter does not exist', async () => {
+			const state = await provider.read('nonexistent-stage');
+			expect(state).toBeNull();
+		});
+
+		it('should read existing parameter', async () => {
+			const stateData: DokployStageState = {
+				provider: 'dokploy',
+				stage: testStage,
+				environmentId: 'env_123',
+				applications: { api: 'app_123' },
+				services: { postgresId: 'pg_123' },
+				lastDeployedAt: '2024-01-01T00:00:00.000Z',
+			};
+
+			await client.send(
+				new PutParameterCommand({
+					Name: `/gkm/${workspaceName}/${testStage}/state`,
+					Value: JSON.stringify(stateData),
+					Type: 'SecureString',
+					Overwrite: true,
+				}),
+			);
+
+			const state = await provider.read(testStage);
+			expect(state).toEqual(stateData);
+		});
+	});
+
+	describe('write', () => {
+		it('should create new parameter', async () => {
+			const state: DokployStageState = {
+				provider: 'dokploy',
+				stage: testStage,
+				environmentId: 'env_123',
+				applications: { api: 'app_123' },
+				services: {},
+				lastDeployedAt: '2024-01-01T00:00:00.000Z',
+			};
+
+			await provider.write(testStage, state);
+
+			const response = await client.send(
+				new GetParameterCommand({
+					Name: `/gkm/${workspaceName}/${testStage}/state`,
+					WithDecryption: true,
+				}),
+			);
+
+			const stored = JSON.parse(response.Parameter!.Value!);
+			expect(stored.applications).toEqual({ api: 'app_123' });
+		});
+
+		it('should update existing parameter', async () => {
+			const state1: DokployStageState = {
+				provider: 'dokploy',
+				stage: testStage,
+				environmentId: 'env_123',
+				applications: { api: 'app_old' },
+				services: {},
+				lastDeployedAt: '2024-01-01T00:00:00.000Z',
+			};
+
+			const state2: DokployStageState = {
+				provider: 'dokploy',
+				stage: testStage,
+				environmentId: 'env_123',
+				applications: { api: 'app_new' },
+				services: {},
+				lastDeployedAt: '2024-01-01T00:00:00.000Z',
+			};
+
+			await provider.write(testStage, state1);
+			await provider.write(testStage, state2);
+
+			const response = await client.send(
+				new GetParameterCommand({
+					Name: `/gkm/${workspaceName}/${testStage}/state`,
+					WithDecryption: true,
+				}),
+			);
+
+			const stored = JSON.parse(response.Parameter!.Value!);
+			expect(stored.applications.api).toBe('app_new');
+		});
+
+		it('should update lastDeployedAt timestamp', async () => {
+			const state: DokployStageState = {
+				provider: 'dokploy',
+				stage: testStage,
+				environmentId: 'env_123',
+				applications: {},
+				services: {},
+				lastDeployedAt: '2024-01-01T00:00:00.000Z',
+			};
+
+			const originalTimestamp = state.lastDeployedAt;
+			await new Promise((resolve) => setTimeout(resolve, 10));
+			await provider.write(testStage, state);
+
+			expect(state.lastDeployedAt).not.toBe(originalTimestamp);
+		});
+	});
+});

package/src/deploy/__tests__/__fixtures__/env-parsers/throwing-env-parser.ts

@@ -4,15 +4,13 @@
 import type { SnifferEnvironmentParser } from '@geekmidas/envkit/sniffer';
 
 export function envParser(parser: SnifferEnvironmentParser) {
-	const config = parser.create((get) => ({
+	const _config = parser.create((get) => ({
 		port: get('PORT').string(),
 		apiKey: get('API_KEY').string(),
 	}));
 
 	// Throw after creating the parser but before returning
 	throw new Error('EnvParser initialization failed');
-
-	return config;
 }
 
 export default envParser;

package/src/deploy/__tests__/__fixtures__/route-apps/endpoints/auth.ts

@@ -0,0 +1,16 @@
+/**
+ * Test endpoint with multiple services.
+ * getEnvironment() should return ['AUTH_SECRET', 'AUTH_URL', 'DATABASE_URL', 'DB_POOL_SIZE'].
+ */
+import { e } from '@geekmidas/constructs/endpoints';
+import { z } from 'zod';
+import { authService, databaseService } from '../services';
+
+export const login = e
+	.services([databaseService, authService])
+	.post('/auth/login')
+	.body(z.object({ email: z.string(), password: z.string() }))
+	.output(z.object({ token: z.string() }))
+	.handle(async () => {
+		return { token: 'test-token' };
+	});

package/src/deploy/__tests__/__fixtures__/route-apps/endpoints/health.ts

@@ -0,0 +1,13 @@
+/**
+ * Test endpoint without any services.
+ * getEnvironment() should return [].
+ */
+import { e } from '@geekmidas/constructs/endpoints';
+import { z } from 'zod';
+
+export const healthCheck = e
+	.get('/health')
+	.output(z.object({ status: z.string() }))
+	.handle(async () => {
+		return { status: 'ok' };
+	});

package/src/deploy/__tests__/__fixtures__/route-apps/endpoints/users.ts

@@ -0,0 +1,15 @@
+/**
+ * Test endpoint with database service.
+ * getEnvironment() should return ['DATABASE_URL', 'DB_POOL_SIZE'].
+ */
+import { e } from '@geekmidas/constructs/endpoints';
+import { z } from 'zod';
+import { databaseService } from '../services';
+
+export const getUsers = e
+	.services([databaseService])
+	.get('/users')
+	.output(z.array(z.object({ id: z.string(), name: z.string() })))
+	.handle(async () => {
+		return [{ id: '1', name: 'Test User' }];
+	});

package/src/deploy/__tests__/__fixtures__/route-apps/services.ts

@@ -0,0 +1,55 @@
+/**
+ * Test services for route-based app sniffing fixtures.
+ * These services access environment variables via envParser.create().
+ */
+import type { EnvironmentParser } from '@geekmidas/envkit';
+
+// Simple Service type for test fixtures (avoids importing @geekmidas/services)
+type TestService<TName extends string, TInstance> = {
+	serviceName: TName;
+	register(ctx: {
+		envParser: EnvironmentParser<Record<string, string | undefined>>;
+	}): Promise<TInstance>;
+};
+
+// Database service - requires DATABASE_URL
+export const databaseService: TestService<'database', { url: string }> = {
+	serviceName: 'database' as const,
+	async register({ envParser }) {
+		const config = envParser
+			.create((get) => ({
+				url: get('DATABASE_URL').string(),
+				poolSize: get('DB_POOL_SIZE').string().transform(Number).optional(),
+			}))
+			.parse();
+		return { url: config.url };
+	},
+};
+
+// Cache service - requires REDIS_URL
+export const cacheService: TestService<'cache', { url: string }> = {
+	serviceName: 'cache' as const,
+	async register({ envParser }) {
+		const config = envParser
+			.create((get) => ({
+				url: get('REDIS_URL').string(),
+			}))
+			.parse();
+		return { url: config.url };
+	},
+};
+
+// Auth service - requires AUTH_SECRET and AUTH_URL
+export const authService: TestService<'auth', { secret: string; url: string }> =
+	{
+		serviceName: 'auth' as const,
+		async register({ envParser }) {
+			const config = envParser
+				.create((get) => ({
+					secret: get('AUTH_SECRET').string(),
+					url: get('AUTH_URL').string(),
+				}))
+				.parse();
+			return { secret: config.secret, url: config.url };
+		},
+	};