@geekmidas/cli 1.3.0 → 1.5.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@geekmidas/cli",
-  "version": "1.3.0",
+  "version": "1.5.0",
   "description": "CLI tools for building Lambda handlers, server applications, and generating OpenAPI specs",
   "private": false,
   "type": "module",
@@ -53,9 +53,9 @@
     "pg": "~8.17.1",
     "prompts": "~2.4.2",
     "tsx": "~4.20.3",
-    "@geekmidas/constructs": "~1.0.0",
     "@geekmidas/envkit": "~1.0.0",
     "@geekmidas/errors": "~1.0.0",
+    "@geekmidas/constructs": "~1.0.0",
     "@geekmidas/logger": "~1.0.0",
     "@geekmidas/schema": "~1.0.0"
   },

package/src/deploy/__tests__/Route53Provider.spec.ts

@@ -399,4 +399,27 @@ describe('Route53Provider', () => {
 			).rejects.toThrow('No hosted zone found for domain');
 		});
 	});
+
+	describe('default region', () => {
+		it('should use us-east-1 as default region when none specified', () => {
+			// This test verifies the provider can be created without region
+			// and doesn't throw "Region is missing" error
+			const providerWithoutRegion = new Route53Provider({
+				endpoint: LOCALSTACK_ENDPOINT,
+				hostedZoneId: 'test-zone',
+			});
+
+			expect(providerWithoutRegion.name).toBe('route53');
+		});
+
+		it('should use provided region when specified', () => {
+			const providerWithRegion = new Route53Provider({
+				endpoint: LOCALSTACK_ENDPOINT,
+				region: 'eu-west-1',
+				hostedZoneId: 'test-zone',
+			});
+
+			expect(providerWithRegion.name).toBe('route53');
+		});
+	});
 });

package/src/deploy/__tests__/env-resolver.spec.ts

@@ -295,6 +295,9 @@ describe('resolveEnvVar', () => {
 	it('should resolve custom variable from userSecrets.custom', () => {
 		const context = createContext({
 			userSecrets: {
+				stage: 'production',
+				createdAt: '2024-01-01T00:00:00Z',
+				updatedAt: '2024-01-01T00:00:00Z',
 				custom: { MY_API_KEY: 'secret-api-key' },
 				urls: {},
 				services: {},
@@ -307,6 +310,9 @@ describe('resolveEnvVar', () => {
 	it('should resolve URL variables from userSecrets.urls', () => {
 		const context = createContext({
 			userSecrets: {
+				stage: 'production',
+				createdAt: '2024-01-01T00:00:00Z',
+				updatedAt: '2024-01-01T00:00:00Z',
 				custom: {},
 				urls: { DATABASE_URL: 'postgresql://external:5432/db' },
 				services: {},
@@ -321,9 +327,19 @@ describe('resolveEnvVar', () => {
 	it('should resolve POSTGRES_PASSWORD from userSecrets.services', () => {
 		const context = createContext({
 			userSecrets: {
+				stage: 'production',
+				createdAt: '2024-01-01T00:00:00Z',
+				updatedAt: '2024-01-01T00:00:00Z',
 				custom: {},
 				urls: {},
-				services: { postgres: { password: 'pg-password' } },
+				services: {
+					postgres: {
+						host: 'localhost',
+						port: 5432,
+						username: 'postgres',
+						password: 'pg-password',
+					},
+				},
 			},
 		});
 
@@ -333,9 +349,19 @@ describe('resolveEnvVar', () => {
 	it('should resolve REDIS_PASSWORD from userSecrets.services', () => {
 		const context = createContext({
 			userSecrets: {
+				stage: 'production',
+				createdAt: '2024-01-01T00:00:00Z',
+				updatedAt: '2024-01-01T00:00:00Z',
 				custom: {},
 				urls: {},
-				services: { redis: { password: 'redis-password' } },
+				services: {
+					redis: {
+						host: 'localhost',
+						port: 6379,
+						username: 'default',
+						password: 'redis-password',
+					},
+				},
 			},
 		});
 
@@ -347,6 +373,151 @@ describe('resolveEnvVar', () => {
 
 		expect(resolveEnvVar('UNKNOWN_VAR', context)).toBeUndefined();
 	});
+
+	describe('dependency URLs', () => {
+		it('should resolve AUTH_URL from dependencyUrls', () => {
+			const context = createContext({
+				dependencyUrls: { auth: 'https://auth.example.com' },
+			});
+
+			expect(resolveEnvVar('AUTH_URL', context)).toBe(
+				'https://auth.example.com',
+			);
+		});
+
+		it('should resolve API_URL from dependencyUrls', () => {
+			const context = createContext({
+				dependencyUrls: { api: 'https://api.example.com' },
+			});
+
+			expect(resolveEnvVar('API_URL', context)).toBe('https://api.example.com');
+		});
+
+		it('should resolve any {DEP}_URL pattern from dependencyUrls', () => {
+			const context = createContext({
+				dependencyUrls: {
+					payments: 'https://payments.example.com',
+					notifications: 'https://notifications.example.com',
+				},
+			});
+
+			expect(resolveEnvVar('PAYMENTS_URL', context)).toBe(
+				'https://payments.example.com',
+			);
+			expect(resolveEnvVar('NOTIFICATIONS_URL', context)).toBe(
+				'https://notifications.example.com',
+			);
+		});
+
+		it('should return undefined for missing dependency URL', () => {
+			const context = createContext({
+				dependencyUrls: { auth: 'https://auth.example.com' },
+			});
+
+			expect(resolveEnvVar('API_URL', context)).toBeUndefined();
+		});
+
+		it('should return undefined when dependencyUrls is not provided', () => {
+			const context = createContext();
+
+			expect(resolveEnvVar('AUTH_URL', context)).toBeUndefined();
+		});
+
+		it('should handle custom domain from config', () => {
+			const context = createContext({
+				dependencyUrls: { auth: 'https://login.myapp.com' },
+			});
+
+			expect(resolveEnvVar('AUTH_URL', context)).toBe(
+				'https://login.myapp.com',
+			);
+		});
+
+		it('should prefer user secrets over dependency URLs', () => {
+			const context = createContext({
+				dependencyUrls: { auth: 'https://auth.example.com' },
+				userSecrets: {
+					stage: 'production',
+					createdAt: '2024-01-01T00:00:00Z',
+					updatedAt: '2024-01-01T00:00:00Z',
+					custom: { AUTH_URL: 'https://custom-auth.example.com' },
+					urls: {},
+					services: {},
+				},
+			});
+
+			// User secrets are checked after dependency URLs, so dependency URL wins
+			// If you want user secrets to override, the order in resolveEnvVar should change
+			expect(resolveEnvVar('AUTH_URL', context)).toBe(
+				'https://auth.example.com',
+			);
+		});
+
+		describe('NEXT_PUBLIC_ prefix', () => {
+			it('should resolve NEXT_PUBLIC_API_URL from dependencyUrls.api', () => {
+				const context = createContext({
+					dependencyUrls: { api: 'https://api.example.com' },
+				});
+
+				expect(resolveEnvVar('NEXT_PUBLIC_API_URL', context)).toBe(
+					'https://api.example.com',
+				);
+			});
+
+			it('should resolve NEXT_PUBLIC_AUTH_URL from dependencyUrls.auth', () => {
+				const context = createContext({
+					dependencyUrls: { auth: 'https://auth.example.com' },
+				});
+
+				expect(resolveEnvVar('NEXT_PUBLIC_AUTH_URL', context)).toBe(
+					'https://auth.example.com',
+				);
+			});
+
+			it('should resolve both AUTH_URL and NEXT_PUBLIC_AUTH_URL to same value', () => {
+				const context = createContext({
+					dependencyUrls: { auth: 'https://auth.example.com' },
+				});
+
+				expect(resolveEnvVar('AUTH_URL', context)).toBe(
+					'https://auth.example.com',
+				);
+				expect(resolveEnvVar('NEXT_PUBLIC_AUTH_URL', context)).toBe(
+					'https://auth.example.com',
+				);
+			});
+
+			it('should resolve NEXT_PUBLIC_ prefix for any dependency', () => {
+				const context = createContext({
+					dependencyUrls: {
+						payments: 'https://payments.example.com',
+						notifications: 'https://notifications.example.com',
+					},
+				});
+
+				expect(resolveEnvVar('NEXT_PUBLIC_PAYMENTS_URL', context)).toBe(
+					'https://payments.example.com',
+				);
+				expect(resolveEnvVar('NEXT_PUBLIC_NOTIFICATIONS_URL', context)).toBe(
+					'https://notifications.example.com',
+				);
+			});
+
+			it('should return undefined for missing NEXT_PUBLIC_ dependency URL', () => {
+				const context = createContext({
+					dependencyUrls: { auth: 'https://auth.example.com' },
+				});
+
+				expect(resolveEnvVar('NEXT_PUBLIC_API_URL', context)).toBeUndefined();
+			});
+
+			it('should return undefined when dependencyUrls is not provided', () => {
+				const context = createContext();
+
+				expect(resolveEnvVar('NEXT_PUBLIC_AUTH_URL', context)).toBeUndefined();
+			});
+		});
+	});
 });
 
 describe('resolveEnvVars', () => {
@@ -490,4 +661,215 @@ describe('validateEnvVars', () => {
 		expect(result.missing).toEqual([]);
 		expect(result.resolved).toEqual({});
 	});
+
+	it('should resolve dependency URLs in validation', () => {
+		const context = createContext({
+			dependencyUrls: {
+				auth: 'https://auth.example.com',
+				api: 'https://api.example.com',
+			},
+		});
+
+		const result = validateEnvVars(['PORT', 'AUTH_URL', 'API_URL'], context);
+
+		expect(result.valid).toBe(true);
+		expect(result.missing).toEqual([]);
+		expect(result.resolved).toEqual({
+			PORT: '3000',
+			AUTH_URL: 'https://auth.example.com',
+			API_URL: 'https://api.example.com',
+		});
+	});
+
+	it('should report missing dependency URLs', () => {
+		const context = createContext({
+			dependencyUrls: { auth: 'https://auth.example.com' },
+		});
+
+		const result = validateEnvVars(
+			['PORT', 'AUTH_URL', 'PAYMENTS_URL'],
+			context,
+		);
+
+		expect(result.valid).toBe(false);
+		expect(result.missing).toEqual(['PAYMENTS_URL']);
+		expect(result.resolved).toEqual({
+			PORT: '3000',
+			AUTH_URL: 'https://auth.example.com',
+		});
+	});
+});
+
+/**
+ * Tests for Docker build arg extraction logic.
+ * This simulates the behavior in deploy/index.ts where NEXT_PUBLIC_* vars
+ * are extracted from resolved vars for Docker build args.
+ */
+describe('Docker build arg extraction', () => {
+	const createContext = (
+		overrides: Partial<EnvResolverContext> = {},
+	): EnvResolverContext => ({
+		app: {
+			type: 'frontend',
+			path: 'apps/web',
+			port: 3001,
+			dependencies: ['api', 'auth'],
+			resolvedDeployTarget: 'dokploy',
+		},
+		appName: 'web',
+		stage: 'production',
+		state: createEmptyState('production', 'proj_test', 'env-123'),
+		appHostname: 'web.example.com',
+		frontendUrls: [],
+		...overrides,
+	});
+
+	/**
+	 * Simulates the build arg extraction logic from deploy/index.ts
+	 */
+	function extractBuildArgs(resolved: Record<string, string>): {
+		buildArgs: string[];
+		publicUrlArgNames: string[];
+	} {
+		const buildArgs: string[] = [];
+		const publicUrlArgNames: string[] = [];
+
+		for (const [key, value] of Object.entries(resolved)) {
+			if (key.startsWith('NEXT_PUBLIC_')) {
+				buildArgs.push(`${key}=${value}`);
+				publicUrlArgNames.push(key);
+			}
+		}
+
+		return { buildArgs, publicUrlArgNames };
+	}
+
+	it('should extract NEXT_PUBLIC_* vars as build args', () => {
+		const context = createContext({
+			dependencyUrls: {
+				api: 'https://api.example.com',
+				auth: 'https://auth.example.com',
+			},
+		});
+
+		const sniffedVars = [
+			'NEXT_PUBLIC_API_URL',
+			'NEXT_PUBLIC_AUTH_URL',
+			'NEXT_PUBLIC_STRIPE_KEY',
+		];
+
+		const { resolved } = validateEnvVars(sniffedVars, context);
+
+		// Simulate user secrets providing STRIPE_KEY
+		resolved.NEXT_PUBLIC_STRIPE_KEY = 'pk_test_123';
+
+		const { buildArgs, publicUrlArgNames } = extractBuildArgs(resolved);
+
+		expect(publicUrlArgNames).toEqual([
+			'NEXT_PUBLIC_API_URL',
+			'NEXT_PUBLIC_AUTH_URL',
+			'NEXT_PUBLIC_STRIPE_KEY',
+		]);
+		expect(buildArgs).toEqual([
+			'NEXT_PUBLIC_API_URL=https://api.example.com',
+			'NEXT_PUBLIC_AUTH_URL=https://auth.example.com',
+			'NEXT_PUBLIC_STRIPE_KEY=pk_test_123',
+		]);
+	});
+
+	it('should NOT include server-only vars in build args', () => {
+		const context = createContext({
+			dependencyUrls: { api: 'https://api.example.com' },
+			appCredentials: { dbUser: 'web', dbPassword: 'pass' },
+			postgres: { host: 'postgres', port: 5432, database: 'mydb' },
+		});
+
+		const sniffedVars = [
+			'NEXT_PUBLIC_API_URL',
+			'DATABASE_URL',
+			'STRIPE_SECRET_KEY',
+		];
+
+		const { resolved } = validateEnvVars(sniffedVars, context);
+
+		// Add server-only secret
+		resolved.STRIPE_SECRET_KEY = 'sk_test_secret';
+
+		const { buildArgs, publicUrlArgNames } = extractBuildArgs(resolved);
+
+		// Only NEXT_PUBLIC_* should be in build args
+		expect(publicUrlArgNames).toEqual(['NEXT_PUBLIC_API_URL']);
+		expect(buildArgs).toEqual(['NEXT_PUBLIC_API_URL=https://api.example.com']);
+
+		// Server vars should still be in resolved (for runtime)
+		expect(resolved.DATABASE_URL).toBe(
+			'postgresql://web:pass@postgres:5432/mydb',
+		);
+		expect(resolved.STRIPE_SECRET_KEY).toBe('sk_test_secret');
+	});
+
+	it('should handle mixed frontend vars correctly', () => {
+		const context = createContext({
+			dependencyUrls: {
+				api: 'https://api.example.com',
+				auth: 'https://auth.example.com',
+			},
+			userSecrets: {
+				stage: 'production',
+				createdAt: '2024-01-01T00:00:00Z',
+				updatedAt: '2024-01-01T00:00:00Z',
+				custom: {
+					NEXT_PUBLIC_POSTHOG_KEY: 'phc_test123',
+					STRIPE_SECRET_KEY: 'sk_test_secret',
+				},
+				urls: {},
+				services: {},
+			},
+		});
+
+		const sniffedVars = [
+			// From dependencies (auto-generated)
+			'NEXT_PUBLIC_API_URL',
+			'NEXT_PUBLIC_AUTH_URL',
+			// From client config
+			'NEXT_PUBLIC_POSTHOG_KEY',
+			// From server config
+			'STRIPE_SECRET_KEY',
+			'DATABASE_URL',
+		];
+
+		const { resolved, missing } = validateEnvVars(sniffedVars, context);
+
+		// DATABASE_URL is missing (no postgres config)
+		expect(missing).toContain('DATABASE_URL');
+
+		const { buildArgs, publicUrlArgNames } = extractBuildArgs(resolved);
+
+		// Only NEXT_PUBLIC_* should be build args
+		expect(publicUrlArgNames).toHaveLength(3);
+		expect(publicUrlArgNames).toContain('NEXT_PUBLIC_API_URL');
+		expect(publicUrlArgNames).toContain('NEXT_PUBLIC_AUTH_URL');
+		expect(publicUrlArgNames).toContain('NEXT_PUBLIC_POSTHOG_KEY');
+
+		// Server secret should NOT be in build args
+		expect(publicUrlArgNames).not.toContain('STRIPE_SECRET_KEY');
+
+		// But should be in resolved for runtime
+		expect(resolved.STRIPE_SECRET_KEY).toBe('sk_test_secret');
+	});
+
+	it('should return empty build args when no NEXT_PUBLIC_* vars', () => {
+		const context = createContext({
+			appCredentials: { dbUser: 'web', dbPassword: 'pass' },
+			postgres: { host: 'postgres', port: 5432, database: 'mydb' },
+		});
+
+		const sniffedVars = ['DATABASE_URL', 'PORT'];
+
+		const { resolved } = validateEnvVars(sniffedVars, context);
+		const { buildArgs, publicUrlArgNames } = extractBuildArgs(resolved);
+
+		expect(buildArgs).toEqual([]);
+		expect(publicUrlArgNames).toEqual([]);
+	});
 });