npm - @geekmidas/cli - Versions diffs - 1.9.0 → 1.9.1 - Mend

@geekmidas/cli 1.9.0 → 1.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (65) hide show

package/src/index.ts CHANGED Viewed

@@ -518,8 +518,27 @@ program
 			const { loadWorkspaceConfig } = await import('./config');
 			const { pushSecrets } = await import('./secrets/sync');
+			const { reconcileMissingSecrets } = await import('./secrets/reconcile');
+			const { readStageSecrets, writeStageSecrets } = await import(
+				'./secrets/storage'
+			);
 			const { workspace } = await loadWorkspaceConfig();
+			const secrets = await readStageSecrets(options.stage, workspace.root);
+			if (secrets) {
+				const result = reconcileMissingSecrets(secrets, workspace);
+				if (result) {
+					await writeStageSecrets(result.secrets, workspace.root);
+					console.log(
+						`  Reconciled ${result.addedKeys.length} missing secret(s):`,
+					);
+					for (const key of result.addedKeys) {
+						console.log(`    + ${key}`);
+					}
+				}
+			}
 			await pushSecrets(options.stage, workspace);
 			console.log(`\n✓ Secrets pushed for stage "${options.stage}"`);
 		} catch (error) {
@@ -542,15 +561,27 @@ program
 			const { loadWorkspaceConfig } = await import('./config');
 			const { pullSecrets } = await import('./secrets/sync');
 			const { writeStageSecrets } = await import('./secrets/storage');
+			const { reconcileMissingSecrets } = await import('./secrets/reconcile');
 			const { workspace } = await loadWorkspaceConfig();
-			const secrets = await pullSecrets(options.stage, workspace);
+			let secrets = await pullSecrets(options.stage, workspace);
 			if (!secrets) {
 				console.error(`No remote secrets found for stage "${options.stage}".`);
 				process.exit(1);
 			}
+			const result = reconcileMissingSecrets(secrets, workspace);
+			if (result) {
+				secrets = result.secrets;
+				console.log(
+					`  Reconciled ${result.addedKeys.length} missing secret(s):`,
+				);
+				for (const key of result.addedKeys) {
+					console.log(`    + ${key}`);
+				}
+			}
 			await writeStageSecrets(secrets, workspace.root);
 			console.log(`\n✓ Secrets pulled for stage "${options.stage}"`);
 		} catch (error) {
@@ -559,6 +590,53 @@ program
 		}
 	});
+program
+	.command('secrets:reconcile')
+	.description('Backfill missing custom secrets from workspace config')
+	.option('--stage <stage>', 'Stage name', 'development')
+	.action(async (options: { stage: string }) => {
+		try {
+			const globalOptions = program.opts();
+			if (globalOptions.cwd) {
+				process.chdir(globalOptions.cwd);
+			}
+			const { loadWorkspaceConfig } = await import('./config');
+			const { reconcileMissingSecrets } = await import('./secrets/reconcile');
+			const { readStageSecrets, writeStageSecrets } = await import(
+				'./secrets/storage'
+			);
+			const { workspace } = await loadWorkspaceConfig();
+			const secrets = await readStageSecrets(options.stage, workspace.root);
+			if (!secrets) {
+				console.error(
+					`No secrets found for stage "${options.stage}". Run "gkm secrets:init --stage ${options.stage}" first.`,
+				);
+				process.exit(1);
+			}
+			const result = reconcileMissingSecrets(secrets, workspace);
+			if (!result) {
+				console.log(`\n✓ Secrets for stage "${options.stage}" are up-to-date`);
+				return;
+			}
+			await writeStageSecrets(result.secrets, workspace.root);
+			console.log(
+				`\n✓ Reconciled ${result.addedKeys.length} missing secret(s) for stage "${options.stage}":`,
+			);
+			for (const key of result.addedKeys) {
+				console.log(`    + ${key}`);
+			}
+		} catch (error) {
+			console.error(error instanceof Error ? error.message : 'Command failed');
+			process.exit(1);
+		}
+	});
 // Deploy command
 program
 	.command('deploy')

package/src/init/versions.ts CHANGED Viewed

@@ -30,14 +30,14 @@ export const GEEKMIDAS_VERSIONS = {
 	'@geekmidas/audit': '~1.0.0',
 	'@geekmidas/auth': '~1.0.0',
 	'@geekmidas/cache': '~1.0.0',
-	'@geekmidas/client': '~2.0.0',
+	'@geekmidas/client': '~3.0.0',
 	'@geekmidas/cloud': '~1.0.0',
-	'@geekmidas/constructs': '~1.1.1',
+	'@geekmidas/constructs': '~2.0.0',
 	'@geekmidas/db': '~1.0.0',
 	'@geekmidas/emailkit': '~1.0.0',
 	'@geekmidas/envkit': '~1.0.3',
 	'@geekmidas/errors': '~1.0.0',
-	'@geekmidas/events': '~1.0.0',
+	'@geekmidas/events': '~1.1.0',
 	'@geekmidas/logger': '~1.0.0',
 	'@geekmidas/rate-limit': '~1.0.0',
 	'@geekmidas/schema': '~1.0.0',
@@ -45,7 +45,7 @@ export const GEEKMIDAS_VERSIONS = {
 	'@geekmidas/storage': '~1.0.0',
 	'@geekmidas/studio': '~1.0.0',
 	'@geekmidas/telescope': '~1.0.0',
-	'@geekmidas/testkit': '~1.0.1',
+	'@geekmidas/testkit': '~1.0.2',
 	'@geekmidas/cli': CLI_VERSION,
 } as const;

package/src/secrets/__tests__/reconcile.spec.ts ADDED Viewed

@@ -0,0 +1,123 @@
+import { describe, expect, it } from 'vitest';
+import { generateFullstackCustomSecrets } from '../../setup/fullstack-secrets';
+import type { NormalizedWorkspace } from '../../workspace/types';
+import { reconcileMissingSecrets } from '../reconcile';
+import type { StageSecrets } from '../types';
+function createMultiAppWorkspace(
+	overrides?: Partial<NormalizedWorkspace>,
+): NormalizedWorkspace {
+	return {
+		name: 'test-project',
+		root: '/tmp/test',
+		apps: {
+			api: {
+				type: 'backend',
+				path: 'apps/api',
+				port: 3000,
+				dependencies: [],
+				resolvedDeployTarget: 'dokploy',
+			},
+			web: {
+				type: 'frontend',
+				path: 'apps/web',
+				port: 3001,
+				dependencies: ['api'],
+				resolvedDeployTarget: 'dokploy',
+				framework: 'nextjs',
+			},
+		},
+		services: { db: true },
+		deploy: {},
+		shared: {},
+		secrets: {},
+		...overrides,
+	} as NormalizedWorkspace;
+}
+function createSecrets(custom: Record<string, string> = {}): StageSecrets {
+	return {
+		stage: 'development',
+		createdAt: '2024-01-01T00:00:00.000Z',
+		updatedAt: '2024-01-01T00:00:00.000Z',
+		services: {},
+		urls: {},
+		custom,
+	};
+}
+describe('reconcileMissingSecrets', () => {
+	it('should return null for single-app workspace', () => {
+		const workspace = createMultiAppWorkspace({
+			apps: {
+				api: {
+					type: 'backend',
+					path: 'apps/api',
+					port: 3000,
+					dependencies: [],
+					resolvedDeployTarget: 'dokploy',
+				},
+			},
+		}) as NormalizedWorkspace;
+		const result = reconcileMissingSecrets(createSecrets(), workspace);
+		expect(result).toBeNull();
+	});
+	it('should return null when no keys are missing', () => {
+		const workspace = createMultiAppWorkspace();
+		const expected = generateFullstackCustomSecrets(workspace);
+		const result = reconcileMissingSecrets(createSecrets(expected), workspace);
+		expect(result).toBeNull();
+	});
+	it('should backfill missing keys', () => {
+		const workspace = createMultiAppWorkspace();
+		const secrets = createSecrets();
+		const result = reconcileMissingSecrets(secrets, workspace);
+		expect(result).not.toBeNull();
+		expect(result!.addedKeys.length).toBeGreaterThan(0);
+		for (const key of result!.addedKeys) {
+			expect(result!.secrets.custom[key]).toBeDefined();
+		}
+	});
+	it('should never overwrite existing keys', () => {
+		const workspace = createMultiAppWorkspace();
+		const existingValue = 'my-custom-jwt-secret';
+		const secrets = createSecrets({
+			JWT_SECRET: existingValue,
+		});
+		const result = reconcileMissingSecrets(secrets, workspace);
+		expect(result).not.toBeNull();
+		expect(result!.secrets.custom.JWT_SECRET).toBe(existingValue);
+		expect(result!.addedKeys).not.toContain('JWT_SECRET');
+	});
+	it('should update updatedAt timestamp', () => {
+		const workspace = createMultiAppWorkspace();
+		const secrets = createSecrets();
+		const originalUpdatedAt = secrets.updatedAt;
+		const result = reconcileMissingSecrets(secrets, workspace);
+		expect(result).not.toBeNull();
+		expect(result!.secrets.updatedAt).not.toBe(originalUpdatedAt);
+	});
+	it('should backfill frontend URL keys', () => {
+		const workspace = createMultiAppWorkspace();
+		const secrets = createSecrets();
+		const result = reconcileMissingSecrets(secrets, workspace);
+		expect(result).not.toBeNull();
+		expect(result!.secrets.custom.WEB_URL).toBe('http://localhost:3001');
+		expect(result!.addedKeys).toContain('WEB_URL');
+	});
+});

package/src/secrets/reconcile.ts ADDED Viewed

@@ -0,0 +1,53 @@
+import { generateFullstackCustomSecrets } from '../setup/fullstack-secrets.js';
+import type { NormalizedWorkspace } from '../workspace/types.js';
+import type { StageSecrets } from './types.js';
+export interface ReconcileResult {
+	/** The updated secrets with missing keys backfilled */
+	secrets: StageSecrets;
+	/** Keys that were added */
+	addedKeys: string[];
+}
+/**
+ * Reconcile missing custom secrets for a workspace.
+ *
+ * Compares current secrets against what generateFullstackCustomSecrets()
+ * would produce and backfills any missing keys without overwriting
+ * existing values.
+ *
+ * @returns ReconcileResult if keys were added, null if secrets are up-to-date
+ */
+export function reconcileMissingSecrets(
+	secrets: StageSecrets,
+	workspace: NormalizedWorkspace,
+): ReconcileResult | null {
+	const isMultiApp = Object.keys(workspace.apps).length > 1;
+	if (!isMultiApp) {
+		return null;
+	}
+	const expectedCustom = generateFullstackCustomSecrets(workspace);
+	const addedKeys: string[] = [];
+	const mergedCustom = { ...secrets.custom };
+	for (const [key, value] of Object.entries(expectedCustom)) {
+		if (!(key in mergedCustom)) {
+			mergedCustom[key] = value;
+			addedKeys.push(key);
+		}
+	}
+	if (addedKeys.length === 0) {
+		return null;
+	}
+	return {
+		secrets: {
+			...secrets,
+			updatedAt: new Date().toISOString(),
+			custom: mergedCustom,
+		},
+		addedKeys,
+	};
+}

package/src/setup/fullstack-secrets.ts CHANGED Viewed

@@ -57,6 +57,8 @@ export function generateFullstackCustomSecrets(
 	for (const [appName, appConfig] of Object.entries(workspace.apps)) {
 		if (appConfig.type === 'frontend') {
 			frontendPorts.push(appConfig.port);
+			const upperName = appName.toUpperCase();
+			customs[`${upperName}_URL`] = `http://localhost:${appConfig.port}`;
 			continue;
 		}

package/dist/sync-BxFB34zW.cjs DELETED Viewed

@@ -1,4 +0,0 @@
-const require_sync = require('./sync-BOS0jKLn.cjs');
-exports.pullSecrets = require_sync.pullSecrets;
-exports.pushSecrets = require_sync.pushSecrets;