npm - @hed-hog/cli - Versions diffs - 0.0.110 → 0.0.112 - Mend

@hed-hog/cli 0.0.110 → 0.0.112

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/src/templates/deployment/scripts.promote-production.js.ejs ADDED Viewed

@@ -0,0 +1,291 @@
+#!/usr/bin/env node
+const { spawnSync } = require('child_process');
+// ─── Colors & output helpers ──────────────────────────────────────────────────
+const TTY = process.stdout.isTTY;
+const ETTY = process.stderr.isTTY;
+const c = {
+  reset:  TTY ? '\x1b[0m'  : '',
+  bold:   TTY ? '\x1b[1m'  : '',
+  dim:    TTY ? '\x1b[2m'  : '',
+  red:    TTY ? '\x1b[31m' : '',
+  green:  TTY ? '\x1b[32m' : '',
+  yellow: TTY ? '\x1b[33m' : '',
+  cyan:   TTY ? '\x1b[36m' : '',
+  gray:   TTY ? '\x1b[90m' : '',
+};
+const ce = {
+  reset:  ETTY ? '\x1b[0m'  : '',
+  bold:   ETTY ? '\x1b[1m'  : '',
+  red:    ETTY ? '\x1b[31m' : '',
+  yellow: ETTY ? '\x1b[33m' : '',
+  gray:   ETTY ? '\x1b[90m' : '',
+};
+function paint(color, text) {
+  return `${color}${text}${c.reset}`;
+}
+function paintE(color, text) {
+  return `${color}${text}${ce.reset}`;
+}
+const SEP = paint(c.dim, '─'.repeat(52));
+let _stepActive = false;
+function printBanner(appsArg) {
+  const target = appsArg
+    ? paint(c.cyan + c.bold, appsArg)
+    : paint(c.cyan + c.bold, 'all apps');
+  console.log('');
+  console.log(`  🚀  ${paint(c.bold, 'Promoting')} ${paint(c.cyan, 'master')} → ${paint(c.cyan, 'production')}  ${paint(c.dim, '[target: ')}${target}${paint(c.dim, ']')}`);
+  console.log(`  ${SEP}`);
+}
+function printStep(message) {
+  process.stdout.write(`\n  ${paint(c.cyan, '◆')}  ${paint(c.bold, message)}...`);
+  _stepActive = true;
+}
+function printDone(detail) {
+  const suffix = detail ? `  ${paint(c.dim, detail)}` : '';
+  process.stdout.write(`  ${paint(c.green, '✓')}${suffix}\n`);
+  _stepActive = false;
+}
+function printInfo(message) {
+  console.log(`     ${paint(c.gray, '→')}  ${paint(c.dim, message)}`);
+}
+function printWarning(message) {
+  process.stderr.write(`\n  ${paintE(ce.yellow, '⚠')}  ${paintE(ce.yellow, message)}\n`);
+}
+function closeStepWithError() {
+  if (_stepActive) {
+    process.stderr.write(`  ${paintE(ce.red, '✗')}\n`);
+    _stepActive = false;
+  }
+}
+function printSuccess(appsArg) {
+  const trigger = appsArg
+    ? `GitHub Actions will deploy: ${paint(c.cyan + c.bold, appsArg)}`
+    : 'GitHub Actions will deploy all apps';
+  console.log('');
+  console.log(`  ${SEP}`);
+  console.log(`  ${paint(c.green + c.bold, '✓')}  ${paint(c.green + c.bold, 'Production promotion completed successfully!')}`);
+  console.log(`     ${paint(c.gray, '→')}  ${paint(c.dim, 'You are now on branch ')}${paint(c.cyan, 'master')}`);
+  console.log(`     ${paint(c.gray, '→')}  ${paint(c.dim, trigger)}`);
+  console.log('');
+}
+// ─── Git helpers ──────────────────────────────────────────────────────────────
+function runGit(args, options = {}) {
+  const { allowFailure = false } = options;
+  const result = spawnSync('git', args, {
+    encoding: 'utf8',
+    stdio: ['ignore', 'pipe', 'pipe'],
+  });
+  const stdout = (result.stdout || '').trim();
+  const stderr = (result.stderr || '').trim();
+  if (result.error) {
+    throw new Error(`Failed to execute git ${args.join(' ')}: ${result.error.message}`);
+  }
+  if (result.status !== 0 && !allowFailure) {
+    const output = stderr || stdout || `git ${args.join(' ')} failed`;
+    throw new Error(output);
+  }
+  return { ok: result.status === 0, status: result.status, stdout, stderr };
+}
+function hasLocalBranch(name) {
+  return runGit(['show-ref', '--verify', '--quiet', `refs/heads/${name}`], {
+    allowFailure: true,
+  }).ok;
+}
+function hasRemoteBranch(name) {
+  return runGit(['ls-remote', '--exit-code', '--heads', 'origin', name], {
+    allowFailure: true,
+  }).ok;
+}
+function switchBranch(name) {
+  runGit(['switch', name]);
+}
+function ensureCleanWorkingTree() {
+  const status = runGit(['status', '--porcelain']);
+  if (status.stdout.length > 0) {
+    throw new Error(
+      'Working tree has uncommitted changes.\n' +
+      '     Commit or stash your changes before running this script.',
+    );
+  }
+}
+function ensureMasterExists() {
+  if (hasLocalBranch('master')) return;
+  if (!hasRemoteBranch('master')) {
+    throw new Error('Branch "master" was not found locally or on origin.');
+  }
+  runGit(['branch', 'master', 'origin/master']);
+}
+function ensureOriginRemote() {
+  const hasOrigin = runGit(['remote', 'get-url', 'origin'], { allowFailure: true }).ok;
+  if (!hasOrigin) {
+    throw new Error('Remote "origin" is not configured for this repository.');
+  }
+}
+function ensureInsideGitRepo() {
+  const inside = runGit(['rev-parse', '--is-inside-work-tree']);
+  if (inside.stdout !== 'true') {
+    throw new Error('Current directory is not inside a git repository.');
+  }
+}
+function getCurrentBranch() {
+  const branch = runGit(['rev-parse', '--abbrev-ref', 'HEAD']).stdout;
+  if (branch === 'HEAD') {
+    throw new Error('Detached HEAD state is not supported. Checkout a branch first.');
+  }
+  return branch;
+}
+function tryReturnToMaster() {
+  try {
+    const current = getCurrentBranch();
+    if (current !== 'master') {
+      printStep('Returning to master');
+      switchBranch('master');
+      printDone();
+    }
+  } catch (err) {
+    printWarning(`Could not switch back to master automatically: ${err.message}`);
+  }
+}
+// ─── Main ─────────────────────────────────────────────────────────────────────
+function promote() {
+  let productionCreatedNow = false;
+  const VALID_APPS = <%- JSON.stringify(config.apps || []) %>;
+  const appsArg = process.argv[2] || null;
+  if (appsArg) {
+    const requested = appsArg.split(',').map((a) => a.trim());
+    const invalid = requested.filter((a) => !VALID_APPS.includes(a));
+    if (invalid.length > 0) {
+      throw new Error(
+        `Unknown app(s): ${invalid.join(', ')}.\n` +
+        `     Valid options: ${VALID_APPS.join(', ')}`,
+      );
+    }
+  }
+  printBanner(appsArg);
+  printStep('Validating git environment');
+  runGit(['--version']);
+  ensureInsideGitRepo();
+  ensureOriginRemote();
+  printDone();
+  const startBranch = getCurrentBranch();
+  printInfo(`Current branch: ${paint(c.cyan, startBranch)}`);
+  printStep('Checking for uncommitted changes');
+  ensureCleanWorkingTree();
+  printDone('working tree clean');
+  printStep('Fetching latest refs from origin');
+  runGit(['fetch', 'origin', '--prune']);
+  printDone();
+  printStep('Ensuring master branch exists');
+  ensureMasterExists();
+  printDone();
+  const productionLocalExists = hasLocalBranch('production');
+  const productionRemoteExists = hasRemoteBranch('production');
+  printStep('Switching to production branch');
+  if (productionLocalExists) {
+    switchBranch('production');
+    printDone('existing local branch');
+  } else if (productionRemoteExists) {
+    runGit(['switch', '--track', '-c', 'production', 'origin/production']);
+    printDone('tracking origin/production');
+  } else {
+    switchBranch('master');
+    runGit(['switch', '-c', 'production']);
+    productionCreatedNow = true;
+    printDone('new branch created');
+  }
+  printStep('Merging master → production');
+  const headBefore = runGit(['rev-parse', 'HEAD']).stdout;
+  const mergeArgs = appsArg
+    ? ['merge', '--no-ff', '-m', `chore: deploy to production [deploy:${appsArg}]`, 'master']
+    : ['merge', '--no-ff', '--no-edit', 'master'];
+  const mergeResult = runGit(mergeArgs, { allowFailure: true });
+  if (!mergeResult.ok) {
+    runGit(['merge', '--abort'], { allowFailure: true });
+    throw new Error(
+      'Merge conflict detected while merging master into production.\n' +
+      '     Resolve conflicts manually and retry.',
+    );
+  }
+  const headAfter = runGit(['rev-parse', 'HEAD']).stdout;
+  const alreadyUpToDate = headBefore === headAfter;
+  if (alreadyUpToDate) {
+    printDone('already up to date');
+    printInfo('No new commits from master — creating redeploy commit to trigger CI');
+    const redeployMsg = appsArg
+      ? `chore: redeploy [deploy:${appsArg}]`
+      : 'chore: redeploy all apps';
+    runGit(['commit', '--allow-empty', '-m', redeployMsg]);
+  } else {
+    printDone();
+  }
+  printStep('Pushing production to origin');
+  if (productionCreatedNow || !productionRemoteExists) {
+    runGit(['push', '-u', 'origin', 'production']);
+  } else {
+    runGit(['push', 'origin', 'production']);
+  }
+  printDone();
+  switchBranch('master');
+  printSuccess(appsArg);
+}
+try {
+  promote();
+} catch (error) {
+  closeStepWithError();
+  process.stderr.write(
+    `\n  ${paintE(ce.red, '✗')}  ${paintE(ce.red + ce.bold, 'Error:')}  ${paintE(ce.red, error.message)}\n\n`,
+  );
+  tryReturnToMaster();
+  process.exitCode = 1;
+}

package/dist/src/templates/deployment/workflow.deploy.yml.ejs CHANGED Viewed

@@ -4,6 +4,11 @@ on:
     branches:
       - <%= config.deployBranch %>
   workflow_dispatch:
+    inputs:
+      apps:
+        description: 'Apps para deploy (ex: api, admin, api,admin) ou "all" para todos'
+        required: false
+        default: 'all'
 env:
   REGISTRY: <%= config.containerRegistry %>
   NAMESPACE: <%= config.namespace %>
@@ -18,6 +23,10 @@ env:
   NEXT_PUBLIC_API_BASE_URL: <%= config.apiDomain || '' %>
   INTERNAL_API_URL: <%= config.apiDomain || '' %>
 <% } %>
+<% (config.apps || []).filter(function(a) { return a !== 'api' && a !== 'admin'; }).forEach(function(app) { %>
+  # <%= app %> environment
+  <%= app.toUpperCase() %>_API_BASE_URL: <%= config.apiDomain || '' %>
+<% }); %>
 jobs:
   apply-cluster-config:
     name: Apply Kubernetes and Helm configs
@@ -53,6 +62,14 @@ jobs:
     name: Deploy API
     runs-on: ubuntu-latest
     needs: apply-cluster-config
+    if: >-
+      (github.event_name == 'push' &&
+       (!contains(github.event.head_commit.message, '[deploy:') ||
+        contains(github.event.head_commit.message, '[deploy:api]'))) ||
+      (github.event_name == 'workflow_dispatch' &&
+       (github.event.inputs.apps == '' ||
+        github.event.inputs.apps == 'all' ||
+        contains(github.event.inputs.apps, 'api')))
     # Required GitHub Secrets for API deployment:
     # - DATABASE_URL: PostgreSQL connection string (format: postgresql://user:pass@host:port/dbname)
     # - JWT_SECRET: 64-char hex string or base64 key for JWT signing
@@ -361,6 +378,19 @@ jobs:
 <% if ((config.apps || []).includes('api')) { %>
       - deploy-api
 <% } %>
+    if: >-
+      always() &&
+      needs.apply-cluster-config.result == 'success' &&
+<% if ((config.apps || []).includes('api')) { %>
+      (needs.deploy-api.result == 'success' || needs.deploy-api.result == 'skipped') &&
+<% } %>
+      ((github.event_name == 'push' &&
+        (!contains(github.event.head_commit.message, '[deploy:') ||
+         contains(github.event.head_commit.message, '[deploy:admin]'))) ||
+       (github.event_name == 'workflow_dispatch' &&
+        (github.event.inputs.apps == '' ||
+         github.event.inputs.apps == 'all' ||
+         contains(github.event.inputs.apps, 'admin'))))
     steps:
       - name: Checkout code
         uses: actions/checkout@v6
@@ -534,3 +564,147 @@ jobs:
             doctl registry repository delete-manifest "${REGISTRY_NAME}/${REPOSITORY}" "${DIGEST}" --force
           done
 <% } %>
+<% (config.apps || []).filter(function(a) { return a !== 'api' && a !== 'admin'; }).forEach(function(app) { var appUpper = app.toUpperCase(); var appCapitalized = app.charAt(0).toUpperCase() + app.slice(1); %>
+  deploy-<%= app %>:
+    name: Deploy <%= appCapitalized %>
+    runs-on: ubuntu-latest
+    needs:
+      - apply-cluster-config
+<% if ((config.apps || []).includes('api')) { %>
+      - deploy-api
+<% } %>
+    if: >-
+      always() &&
+      needs.apply-cluster-config.result == 'success' &&
+<% if ((config.apps || []).includes('api')) { %>
+      (needs.deploy-api.result == 'success' || needs.deploy-api.result == 'skipped') &&
+<% } %>
+      ((github.event_name == 'push' &&
+        (!contains(github.event.head_commit.message, '[deploy:') ||
+         contains(github.event.head_commit.message, '[deploy:<%= app %>]'))) ||
+       (github.event_name == 'workflow_dispatch' &&
+        (github.event.inputs.apps == '' ||
+         github.event.inputs.apps == 'all' ||
+         contains(github.event.inputs.apps, '<%= app %>'))))
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v6
+      - name: Install doctl
+        run: |
+          set -eu
+          DOCTL_VERSION="1.119.1"
+          curl -fsSL "https://github.com/digitalocean/doctl/releases/download/v${DOCTL_VERSION}/doctl-${DOCTL_VERSION}-linux-amd64.tar.gz" -o /tmp/doctl.tar.gz
+          tar -xzf /tmp/doctl.tar.gz -C /tmp
+          sudo mv /tmp/doctl /usr/local/bin/doctl
+          doctl version
+      - name: Authenticate doctl
+        run: doctl auth init -t '${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}'
+      - name: Validate DigitalOcean token
+        run: |
+          doctl auth validate
+          doctl account get
+      - name: Log in to Container Registry
+        run: doctl registry login --expiry-seconds 1200
+      - name: Build Docker image
+        run: |
+          docker build -t ${{ env.REGISTRY }}/<%= config.appName %>-<%= app %>:${{ github.sha }} \
+            --build-arg <%= appUpper %>_API_BASE_URL='${{ env.<%= appUpper %>_API_BASE_URL }}' \
+            -f apps/<%= app %>/Dockerfile apps/<%= app %>/
+      - name: Push Docker image (sha)
+        run: |
+          docker push ${{ env.REGISTRY }}/<%= config.appName %>-<%= app %>:${{ github.sha }}
+      - name: Push Docker image (latest)
+        run: |
+          docker tag ${{ env.REGISTRY }}/<%= config.appName %>-<%= app %>:${{ github.sha }} \
+            ${{ env.REGISTRY }}/<%= config.appName %>-<%= app %>:latest
+          docker push ${{ env.REGISTRY }}/<%= config.appName %>-<%= app %>:latest
+      - name: Save DigitalOcean kubeconfig
+        run: doctl kubernetes cluster kubeconfig save ${{ env.K8S_CLUSTER_ID }}
+      - name: Ensure <%= app %> config exists
+        run: |
+          kubectl create configmap <%= config.appName %>-<%= app %>-config \
+            -n ${{ env.NAMESPACE }} \
+            --from-literal=<%= appUpper %>_API_BASE_URL='${{ env.<%= appUpper %>_API_BASE_URL }}' \
+            --dry-run=client -o yaml | kubectl apply -f -
+      - name: Deploy to Kubernetes
+        run: |
+          kubectl set image deployment/<%= config.appName %>-<%= app %> \
+            <%= config.appName %>-<%= app %>=${{ env.REGISTRY }}/<%= config.appName %>-<%= app %>:${{ github.sha }} \
+            -n ${{ env.NAMESPACE }}
+          kubectl rollout status deployment/<%= config.appName %>-<%= app %> -n ${{ env.NAMESPACE }} --timeout=5m || (
+            echo "--- Rollout timed out. Pod status:"
+            kubectl get pods -l app=<%= config.appName %>-<%= app %> -n ${{ env.NAMESPACE }}
+            echo "--- Recent events:"
+            kubectl describe deployment/<%= config.appName %>-<%= app %> -n ${{ env.NAMESPACE }} | tail -20
+            POD_NAME=$(kubectl get pods -l app=<%= config.appName %>-<%= app %> -n ${{ env.NAMESPACE }} --sort-by=.metadata.creationTimestamp -o name | tail -n 1 | cut -d/ -f2)
+            if [ -n "$POD_NAME" ]; then
+              echo "--- Describe newest pod: $POD_NAME"
+              kubectl describe pod "$POD_NAME" -n ${{ env.NAMESPACE }}
+              echo "--- Current logs from $POD_NAME:"
+              kubectl logs "$POD_NAME" -n ${{ env.NAMESPACE }} --tail=120 || true
+            fi
+            exit 1
+          )
+      - name: Cleanup old registry manifests (<%= appCapitalized %>)
+        run: |
+          set -eu
+          REGISTRY_NAME="${REGISTRY##*/}"
+          REPOSITORY="<%= config.appName %>-<%= app %>"
+          DIGEST_REGEX='^sha256:[a-f0-9]{64}$'
+          echo "Inspecting repository ${REPOSITORY} in registry ${REGISTRY_NAME}"
+          TAG_ROWS="$(doctl registry repository list-tags "${REGISTRY_NAME}/${REPOSITORY}" --format Tag,ManifestDigest --no-header || true)"
+          if [ -z "${TAG_ROWS}" ]; then
+            echo "No tags found for ${REPOSITORY}; skipping cleanup."
+            exit 0
+          fi
+          CURRENT_DIGEST="$(printf '%s\n' "${TAG_ROWS}" | awk -v target="${{ github.sha }}" -v regex="${DIGEST_REGEX}" '
+            $1 == target {
+              for (i = 1; i <= NF; i++) {
+                if ($i ~ regex) {
+                  print $i;
+                  exit;
+                }
+              }
+            }
+          ')"
+          if [ -z "${CURRENT_DIGEST}" ]; then
+            echo "::error::Unable to determine current manifest digest for ${REPOSITORY}:${{ github.sha }}"
+            exit 1
+          fi
+          OLD_DIGESTS="$(printf '%s\n' "${TAG_ROWS}" | awk -v keep="${CURRENT_DIGEST}" -v regex="${DIGEST_REGEX}" '
+            {
+              for (i = 1; i <= NF; i++) {
+                if ($i ~ regex && $i != keep) {
+                  print $i;
+                }
+              }
+            }
+          ' | sort -u)"
+          if [ -z "${OLD_DIGESTS}" ]; then
+            echo "No old manifests to delete for ${REPOSITORY}."
+            exit 0
+          fi
+          echo "Deleting old manifests from ${REPOSITORY}:"
+          printf '%s\n' "${OLD_DIGESTS}"
+          printf '%s\n' "${OLD_DIGESTS}" | while IFS= read -r DIGEST; do
+            if [ -z "${DIGEST}" ]; then
+              continue
+            fi
+            if ! printf '%s\n' "${DIGEST}" | grep -Eq "${DIGEST_REGEX}"; then
+              echo "Skipping invalid digest candidate: ${DIGEST}"
+              continue
+            fi
+            doctl registry repository delete-manifest "${REGISTRY_NAME}/${REPOSITORY}" "${DIGEST}" --force
+          done
+<% }); %>