@geekmidas/cli 0.54.0 → 1.0.0

package/src/deploy/__tests__/state.spec.ts

@@ -2,6 +2,7 @@ import { mkdir, readFile, rm, writeFile } from 'node:fs/promises';
 import { tmpdir } from 'node:os';
 import { join } from 'node:path';
 import { afterEach, beforeEach, describe, expect, it } from 'vitest';
+import type { DokployStageState } from '../state';
 import {
 	createEmptyState,
 	getAllAppCredentials,
@@ -24,7 +25,6 @@ import {
 	setRedisId,
 	writeStageState,
 } from '../state';
-import type { DokployStageState } from '../state';
 
 describe('state management', () => {
 	let testDir: string;
@@ -423,7 +423,9 @@ describe('state management', () => {
 				lastDeployedAt: '2024-01-01T00:00:00.000Z',
 			};
 
-			expect(getGeneratedSecret(state, 'api', 'BETTER_AUTH_SECRET')).toBeUndefined();
+			expect(
+				getGeneratedSecret(state, 'api', 'BETTER_AUTH_SECRET'),
+			).toBeUndefined();
 		});
 
 		it('should return undefined when secret name not found', () => {
@@ -445,11 +447,15 @@ describe('state management', () => {
 		it('should return undefined when no generatedSecrets', () => {
 			const state = createEmptyState('production', 'env_123');
 
-			expect(getGeneratedSecret(state, 'auth', 'BETTER_AUTH_SECRET')).toBeUndefined();
+			expect(
+				getGeneratedSecret(state, 'auth', 'BETTER_AUTH_SECRET'),
+			).toBeUndefined();
 		});
 
 		it('should return undefined when state is null', () => {
-			expect(getGeneratedSecret(null, 'auth', 'BETTER_AUTH_SECRET')).toBeUndefined();
+			expect(
+				getGeneratedSecret(null, 'auth', 'BETTER_AUTH_SECRET'),
+			).toBeUndefined();
 		});
 	});
 
@@ -459,7 +465,9 @@ describe('state management', () => {
 
 			setGeneratedSecret(state, 'auth', 'BETTER_AUTH_SECRET', 'secret123');
 
-			expect(state.generatedSecrets?.auth?.BETTER_AUTH_SECRET).toBe('secret123');
+			expect(state.generatedSecrets?.auth?.BETTER_AUTH_SECRET).toBe(
+				'secret123',
+			);
 		});
 
 		it('should initialize generatedSecrets if not exists', () => {

package/src/deploy/dns/DnsProvider.ts

@@ -0,0 +1,163 @@
+/**
+ * DNS Provider Interface
+ *
+ * Abstracts DNS operations for different providers.
+ * Built-in providers: HostingerProvider, Route53Provider
+ * Users can also supply custom implementations.
+ */
+
+import type { z } from 'zod/v4';
+import type {
+	CloudflareDnsProviderSchema,
+	CustomDnsProviderSchema,
+	DnsProviderSchema,
+	DnsRecordSchema,
+	DnsRecordTypeSchema,
+	HostingerDnsProviderSchema,
+	ManualDnsProviderSchema,
+	Route53DnsProviderSchema,
+	UpsertDnsRecordSchema,
+	UpsertResultSchema,
+} from '../../workspace/schema';
+
+// =============================================================================
+// DNS Record Types (derived from Zod schemas)
+// =============================================================================
+
+/**
+ * DNS record types supported across providers.
+ */
+export type DnsRecordType = z.infer<typeof DnsRecordTypeSchema>;
+
+/**
+ * A DNS record as returned by the provider.
+ */
+export type DnsRecord = z.infer<typeof DnsRecordSchema>;
+
+/**
+ * A DNS record to create or update.
+ */
+export type UpsertDnsRecord = z.infer<typeof UpsertDnsRecordSchema>;
+
+/**
+ * Result of an upsert operation.
+ */
+export type UpsertResult = z.infer<typeof UpsertResultSchema>;
+
+// =============================================================================
+// DNS Provider Interface
+// =============================================================================
+
+/**
+ * Interface for DNS providers.
+ *
+ * Implementations must handle:
+ * - Getting all records for a domain
+ * - Creating or updating records for a domain
+ */
+export interface DnsProvider {
+	/** Provider name for logging */
+	readonly name: string;
+
+	/**
+	 * Get all DNS records for a domain.
+	 *
+	 * @param domain - Root domain (e.g., 'example.com')
+	 * @returns Array of DNS records
+	 */
+	getRecords(domain: string): Promise<DnsRecord[]>;
+
+	/**
+	 * Create or update DNS records.
+	 *
+	 * @param domain - Root domain (e.g., 'example.com')
+	 * @param records - Records to create or update
+	 * @returns Results of the upsert operations
+	 */
+	upsertRecords(
+		domain: string,
+		records: UpsertDnsRecord[],
+	): Promise<UpsertResult[]>;
+}
+
+// =============================================================================
+// DNS Provider Config Types (derived from Zod schemas)
+// =============================================================================
+
+export type HostingerDnsConfig = z.infer<typeof HostingerDnsProviderSchema>;
+export type Route53DnsConfig = z.infer<typeof Route53DnsProviderSchema>;
+export type CloudflareDnsConfig = z.infer<typeof CloudflareDnsProviderSchema>;
+export type ManualDnsConfig = z.infer<typeof ManualDnsProviderSchema>;
+export type CustomDnsConfig = z.infer<typeof CustomDnsProviderSchema>;
+/** Single DNS provider config (for one domain) */
+export type DnsConfig = z.infer<typeof DnsProviderSchema>;
+
+// =============================================================================
+// DNS Provider Factory
+// =============================================================================
+
+/**
+ * Check if value is a DnsProvider implementation.
+ */
+export function isDnsProvider(value: unknown): value is DnsProvider {
+	return (
+		typeof value === 'object' &&
+		value !== null &&
+		typeof (value as DnsProvider).name === 'string' &&
+		typeof (value as DnsProvider).getRecords === 'function' &&
+		typeof (value as DnsProvider).upsertRecords === 'function'
+	);
+}
+
+export interface CreateDnsProviderOptions {
+	/** DNS config from workspace */
+	config: DnsConfig;
+}
+
+/**
+ * Create a DNS provider based on configuration.
+ *
+ * - 'hostinger': HostingerProvider
+ * - 'route53': Route53Provider
+ * - 'manual': Returns null (user handles DNS)
+ * - Custom: Use provided DnsProvider implementation
+ */
+export async function createDnsProvider(
+	options: CreateDnsProviderOptions,
+): Promise<DnsProvider | null> {
+	const { config } = options;
+
+	// Manual mode - no provider needed
+	if (config.provider === 'manual') {
+		return null;
+	}
+
+	// Custom provider implementation
+	if (isDnsProvider(config.provider)) {
+		return config.provider;
+	}
+
+	// Built-in providers
+	const provider = config.provider;
+
+	if (provider === 'hostinger') {
+		const { HostingerProvider } = await import('./HostingerProvider');
+		return new HostingerProvider();
+	}
+
+	if (provider === 'route53') {
+		const { Route53Provider } = await import('./Route53Provider');
+		const route53Config = config as Route53DnsConfig;
+		return new Route53Provider({
+			region: route53Config.region,
+			profile: route53Config.profile,
+			hostedZoneId: route53Config.hostedZoneId,
+		});
+	}
+
+	if (provider === 'cloudflare') {
+		throw new Error('Cloudflare DNS provider not yet implemented');
+	}
+
+	throw new Error(`Unknown DNS provider: ${JSON.stringify(config)}`);
+}

package/src/deploy/dns/HostingerProvider.ts

@@ -0,0 +1,100 @@
+/**
+ * Hostinger DNS Provider
+ *
+ * Implements DnsProvider interface using the Hostinger DNS API.
+ */
+
+import { getHostingerToken } from '../../auth/credentials';
+import type {
+	DnsProvider,
+	DnsRecord,
+	UpsertDnsRecord,
+	UpsertResult,
+} from './DnsProvider';
+import { HostingerApi } from './hostinger-api';
+
+/**
+ * Hostinger DNS provider implementation.
+ */
+export class HostingerProvider implements DnsProvider {
+	readonly name = 'hostinger';
+	private api: HostingerApi | null = null;
+
+	/**
+	 * Get or create the Hostinger API client.
+	 */
+	private async getApi(): Promise<HostingerApi> {
+		if (this.api) {
+			return this.api;
+		}
+
+		const token = await getHostingerToken();
+		if (!token) {
+			throw new Error(
+				'Hostinger API token not configured. Run `gkm login --service=hostinger` or get your token from https://hpanel.hostinger.com/profile/api',
+			);
+		}
+
+		this.api = new HostingerApi(token);
+		return this.api;
+	}
+
+	async getRecords(domain: string): Promise<DnsRecord[]> {
+		const api = await this.getApi();
+		const records = await api.getRecords(domain);
+
+		return records.map((r) => ({
+			name: r.name,
+			type: r.type,
+			ttl: r.ttl,
+			values: r.records.map((rec) => rec.content),
+		}));
+	}
+
+	async upsertRecords(
+		domain: string,
+		records: UpsertDnsRecord[],
+	): Promise<UpsertResult[]> {
+		const api = await this.getApi();
+		const results: UpsertResult[] = [];
+
+		// Get existing records to check what already exists
+		const existingRecords = await api.getRecords(domain);
+
+		for (const record of records) {
+			const existing = existingRecords.find(
+				(r) => r.name === record.name && r.type === record.type,
+			);
+
+			const existingValue = existing?.records?.[0]?.content;
+
+			if (existing && existingValue === record.value) {
+				// Record exists with same value - unchanged
+				results.push({
+					record,
+					created: false,
+					unchanged: true,
+				});
+				continue;
+			}
+
+			// Create or update the record
+			await api.upsertRecords(domain, [
+				{
+					name: record.name,
+					type: record.type,
+					ttl: record.ttl,
+					records: [{ content: record.value }],
+				},
+			]);
+
+			results.push({
+				record,
+				created: !existing,
+				unchanged: false,
+			});
+		}
+
+		return results;
+	}
+}

package/src/deploy/dns/Route53Provider.ts

@@ -0,0 +1,256 @@
+/**
+ * Route53 DNS Provider
+ *
+ * Implements DnsProvider interface using AWS Route53.
+ */
+
+import {
+	ChangeResourceRecordSetsCommand,
+	ListHostedZonesByNameCommand,
+	ListResourceRecordSetsCommand,
+	Route53Client,
+	type RRType,
+} from '@aws-sdk/client-route-53';
+import { fromIni } from '@aws-sdk/credential-providers';
+import type {
+	DnsProvider,
+	DnsRecord,
+	DnsRecordType,
+	UpsertDnsRecord,
+	UpsertResult,
+} from './DnsProvider';
+
+export interface Route53ProviderOptions {
+	/** AWS region (optional - uses AWS_REGION env var if not provided) */
+	region?: string;
+	/** AWS profile name (optional - uses default credential chain if not provided) */
+	profile?: string;
+	/** Hosted zone ID (optional - auto-detected from domain if not provided) */
+	hostedZoneId?: string;
+	/** Custom endpoint for testing with localstack */
+	endpoint?: string;
+}
+
+/**
+ * Route53 DNS provider implementation.
+ *
+ * Uses AWS default credential chain for authentication.
+ * Region can be specified or will use AWS_REGION/AWS_DEFAULT_REGION env vars.
+ * Profile can be specified to use a named profile from ~/.aws/credentials.
+ */
+export class Route53Provider implements DnsProvider {
+	readonly name = 'route53';
+	private client: Route53Client;
+	private hostedZoneId?: string;
+	private hostedZoneCache: Map<string, string> = new Map();
+
+	constructor(options: Route53ProviderOptions = {}) {
+		this.client = new Route53Client({
+			...(options.region && { region: options.region }),
+			...(options.endpoint && { endpoint: options.endpoint }),
+			...(options.profile && {
+				credentials: fromIni({ profile: options.profile }),
+			}),
+		});
+		this.hostedZoneId = options.hostedZoneId;
+	}
+
+	/**
+	 * Get the hosted zone ID for a domain.
+	 * Uses cache to avoid repeated API calls.
+	 */
+	private async getHostedZoneId(domain: string): Promise<string> {
+		// Use configured zone ID if provided
+		if (this.hostedZoneId) {
+			return this.hostedZoneId;
+		}
+
+		// Check cache
+		if (this.hostedZoneCache.has(domain)) {
+			return this.hostedZoneCache.get(domain)!;
+		}
+
+		// Auto-detect from domain
+		const command = new ListHostedZonesByNameCommand({
+			DNSName: domain,
+			MaxItems: 1,
+		});
+
+		const response = await this.client.send(command);
+		const zones = response.HostedZones ?? [];
+
+		// Find exact match (domain with trailing dot)
+		const normalizedDomain = domain.endsWith('.') ? domain : `${domain}.`;
+		const zone = zones.find((z) => z.Name === normalizedDomain);
+
+		if (!zone?.Id) {
+			throw new Error(
+				`No hosted zone found for domain: ${domain}. Create one in Route53 or provide hostedZoneId in config.`,
+			);
+		}
+
+		// Zone ID comes as "/hostedzone/Z1234567890" - extract just the ID
+		const zoneId = zone.Id.replace('/hostedzone/', '');
+		this.hostedZoneCache.set(domain, zoneId);
+		return zoneId;
+	}
+
+	/**
+	 * Convert Route53 record type to our DnsRecordType.
+	 * Excludes NS and SOA which are auto-managed by Route53 for the zone.
+	 */
+	private toRecordType(type: string): DnsRecordType | null {
+		// Exclude NS and SOA which are auto-managed zone records
+		const managedTypes = ['NS', 'SOA'];
+		if (managedTypes.includes(type)) {
+			return null;
+		}
+
+		const validTypes: DnsRecordType[] = [
+			'A',
+			'AAAA',
+			'CNAME',
+			'MX',
+			'TXT',
+			'SRV',
+			'CAA',
+		];
+		return validTypes.includes(type as DnsRecordType)
+			? (type as DnsRecordType)
+			: null;
+	}
+
+	/**
+	 * Extract subdomain from full record name relative to domain.
+	 */
+	private extractSubdomain(recordName: string, domain: string): string {
+		const normalizedDomain = domain.endsWith('.') ? domain : `${domain}.`;
+		const normalizedName = recordName.endsWith('.')
+			? recordName
+			: `${recordName}.`;
+
+		if (normalizedName === normalizedDomain) {
+			return '@';
+		}
+
+		// Remove the domain suffix
+		const subdomain = normalizedName.replace(`.${normalizedDomain}`, '');
+		return subdomain.replace(/\.$/, ''); // Remove trailing dot if any
+	}
+
+	async getRecords(domain: string): Promise<DnsRecord[]> {
+		const zoneId = await this.getHostedZoneId(domain);
+		const records: DnsRecord[] = [];
+
+		let nextRecordName: string | undefined;
+		let nextRecordType: RRType | undefined;
+
+		// Paginate through all records
+		do {
+			const command = new ListResourceRecordSetsCommand({
+				HostedZoneId: zoneId,
+				StartRecordName: nextRecordName,
+				StartRecordType: nextRecordType,
+				MaxItems: 100,
+			});
+
+			const response = await this.client.send(command);
+
+			for (const recordSet of response.ResourceRecordSets ?? []) {
+				const type = this.toRecordType(recordSet.Type ?? '');
+				if (!type || !recordSet.Name) continue;
+
+				const values = (recordSet.ResourceRecords ?? [])
+					.map((r) => r.Value)
+					.filter((v): v is string => !!v);
+
+				records.push({
+					name: this.extractSubdomain(recordSet.Name, domain),
+					type,
+					ttl: recordSet.TTL ?? 300,
+					values,
+				});
+			}
+
+			if (response.IsTruncated) {
+				nextRecordName = response.NextRecordName;
+				nextRecordType = response.NextRecordType;
+			} else {
+				nextRecordName = undefined;
+			}
+		} while (nextRecordName);
+
+		return records;
+	}
+
+	async upsertRecords(
+		domain: string,
+		records: UpsertDnsRecord[],
+	): Promise<UpsertResult[]> {
+		const zoneId = await this.getHostedZoneId(domain);
+		const results: UpsertResult[] = [];
+
+		// Get existing records to determine if creating or updating
+		const existingRecords = await this.getRecords(domain);
+
+		// Process records in batches (Route53 allows max 1000 changes per request)
+		const batchSize = 100;
+		for (let i = 0; i < records.length; i += batchSize) {
+			const batch = records.slice(i, i + batchSize);
+			const changes = [];
+
+			for (const record of batch) {
+				const existing = existingRecords.find(
+					(r) => r.name === record.name && r.type === record.type,
+				);
+
+				const existingValue = existing?.values?.[0];
+
+				if (existing && existingValue === record.value) {
+					// Record exists with same value - unchanged
+					results.push({
+						record,
+						created: false,
+						unchanged: true,
+					});
+					continue;
+				}
+
+				// Build full record name
+				const recordName =
+					record.name === '@' ? domain : `${record.name}.${domain}`;
+
+				changes.push({
+					Action: 'UPSERT' as const,
+					ResourceRecordSet: {
+						Name: recordName,
+						Type: record.type,
+						TTL: record.ttl,
+						ResourceRecords: [{ Value: record.value }],
+					},
+				});
+
+				results.push({
+					record,
+					created: !existing,
+					unchanged: false,
+				});
+			}
+
+			// Execute batch if there are changes
+			if (changes.length > 0) {
+				const command = new ChangeResourceRecordSetsCommand({
+					HostedZoneId: zoneId,
+					ChangeBatch: {
+						Comment: 'Upsert by gkm deploy',
+						Changes: changes,
+					},
+				});
+
+				await this.client.send(command);
+			}
+		}
+
+		return results;
+	}
+}