npm - @highstate/backend - Versions diffs - 0.9.18 → 0.9.19 - Mend

@highstate/backend 0.9.18 → 0.9.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (331) hide show

package/dist/chunk-5WVU2AK4.js +1535 -0
package/dist/chunk-5WVU2AK4.js.map +1 -0
package/dist/{chunk-OU5OQBLB.js → chunk-I7BWSAN6.js} +3 -28
package/dist/{chunk-OU5OQBLB.js.map → chunk-I7BWSAN6.js.map} +1 -1
package/dist/chunk-VB4YL327.js +139 -0
package/dist/chunk-VB4YL327.js.map +1 -0
package/dist/database/local/prisma.config.js +26 -0
package/dist/database/local/prisma.config.js.map +1 -0
package/dist/highstate.manifest.json +2 -1
package/dist/index.js +7587 -7291
package/dist/index.js.map +1 -1
package/dist/library/package-resolution-worker.js +1 -1
package/dist/library/package-resolution-worker.js.map +1 -1
package/dist/library/worker/main.js +35 -29
package/dist/library/worker/main.js.map +1 -1
package/dist/shared/index.js +2 -2
package/package.json +18 -9
package/prisma/backend/_schema/layout.prisma +7 -0
package/prisma/backend/_schema/library.prisma +17 -0
package/prisma/backend/_schema/project.prisma +101 -0
package/prisma/backend/_schema/pulumi.prisma +17 -0
package/prisma/backend/postgresql/main.prisma +17 -0
package/prisma/backend/sqlite/main.prisma +17 -0
package/prisma/backend/sqlite/migrations/20250817070609_initiial/migration.sql +34 -0
package/prisma/backend/sqlite/migrations/20250817104948_add_fields/migration.sql +59 -0
package/prisma/backend/sqlite/migrations/20250818082732_add_models/migration.sql +41 -0
package/prisma/backend/sqlite/migrations/20250818083106_a/migration.sql +19 -0
package/prisma/backend/sqlite/migrations/20250818101945_hi/migration.sql +1 -0
package/prisma/backend/sqlite/migrations/20250819082315_a/migration.sql +5 -0
package/prisma/backend/sqlite/migrations/migration_lock.toml +3 -0
package/prisma/project/api-key.prisma +27 -0
package/prisma/project/artifact.prisma +52 -0
package/prisma/project/custom-status.prisma +46 -0
package/prisma/project/evaluation.prisma +35 -0
package/prisma/project/instance.prisma +160 -0
package/prisma/project/layout.prisma +23 -0
package/prisma/project/lock.prisma +18 -0
package/prisma/project/main.prisma +17 -0
package/prisma/project/migrations/20250816081310_initial/migration.sql +300 -0
package/prisma/project/migrations/20250816082523_test/migration.sql +72 -0
package/prisma/project/migrations/20250818065643_update/migration.sql +42 -0
package/prisma/project/migrations/20250818070758_a/migration.sql +8 -0
package/prisma/project/migrations/20250818070913_a/migration.sql +8 -0
package/prisma/project/migrations/20250818082720_add_motels/migration.sql +11 -0
package/prisma/project/migrations/20250818112523_hello/migration.sql +35 -0
package/prisma/project/migrations/20250819082305_a/migration.sql +14 -0
package/prisma/project/migrations/20250819165004_add_missing_fields/migration.sql +216 -0
package/prisma/project/migrations/20250819171309_a/migration.sql +22 -0
package/prisma/project/migrations/20250820113949_a/migration.sql +66 -0
package/prisma/project/migrations/20250820144256_b/migration.sql +31 -0
package/prisma/project/migrations/20250820145547_a/migration.sql +24 -0
package/prisma/project/migrations/20250820182517_b/migration.sql +2 -0
package/prisma/project/migrations/20250821172324_a/migration.sql +2 -0
package/prisma/project/migrations/20250822081339_a/migration.sql +219 -0
package/prisma/project/migrations/20250822083742_b/migration.sql +1 -0
package/prisma/project/migrations/20250822105134_boom/migration.sql +1 -0
package/prisma/project/migrations/20250822141028_b/migration.sql +1 -0
package/prisma/project/migrations/20250822142342_b/migration.sql +16 -0
package/prisma/project/migrations/20250824072720_a/migration.sql +1 -0
package/prisma/project/migrations/20250824093656_b/migration.sql +21 -0
package/prisma/project/migrations/20250825082518_a/migration.sql +1 -0
package/prisma/project/migrations/20250825085343_b/migration.sql +1 -0
package/prisma/project/migrations/20250825091312_a/migration.sql +1 -0
package/prisma/project/migrations/20250903095431_hi/migration.sql +44 -0
package/prisma/project/migrations/20250903174255_a/migration.sql +24 -0
package/prisma/project/migrations/20250908095205_hi/migration.sql +18 -0
package/prisma/project/migrations/20250909155857_hi/migration.sql +15 -0
package/prisma/project/migrations/migration_lock.toml +3 -0
package/prisma/project/model.prisma +37 -0
package/prisma/project/operation.prisma +148 -0
package/prisma/project/page.prisma +41 -0
package/prisma/project/secret.prisma +42 -0
package/prisma/project/service-account.prisma +36 -0
package/prisma/project/terminal.prisma +90 -0
package/prisma/project/trigger.prisma +31 -0
package/prisma/project/unlock-method.prisma +32 -0
package/prisma/project/worker.prisma +138 -0
package/src/artifact/abstractions.ts +13 -13
package/src/artifact/encryption.ts +30 -54
package/src/artifact/factory.ts +6 -9
package/src/artifact/local.ts +33 -46
package/src/business/api-key.ts +24 -36
package/src/business/artifact.test.ts +978 -0
package/src/business/artifact.ts +136 -216
package/src/business/evaluation.ts +328 -0
package/src/business/index.ts +5 -2
package/src/business/instance-lock.test.ts +1060 -0
package/src/business/instance-lock.ts +387 -78
package/src/business/instance-state.test.ts +735 -0
package/src/business/instance-state.ts +582 -337
package/src/business/operation.test.ts +439 -0
package/src/business/operation.ts +174 -208
package/src/business/project-model.ts +258 -0
package/src/business/project-unlock.ts +168 -126
package/src/business/project.ts +287 -179
package/src/business/secret.test.ts +465 -130
package/src/business/secret.ts +186 -217
package/src/business/settings.test.ts +695 -0
package/src/business/settings.ts +855 -0
package/src/business/terminal-session.ts +90 -0
package/src/business/unit-extra.test.ts +539 -0
package/src/business/unit-extra.ts +160 -0
package/src/business/worker.test.ts +356 -579
package/src/business/worker.ts +238 -339
package/src/common/codebase.ts +65 -0
package/src/common/index.ts +3 -5
package/src/common/logger.ts +5 -0
package/src/common/utils.ts +4 -3
package/src/config.ts +10 -11
package/src/database/_generated/backend/postgresql/client.ts +72 -0
package/src/database/_generated/backend/postgresql/commonInputTypes.ts +350 -0
package/src/database/_generated/backend/postgresql/enums.ts +13 -0
package/src/database/_generated/backend/postgresql/internal/class.ts +320 -0
package/src/database/_generated/backend/postgresql/internal/prismaNamespace.ts +1238 -0
package/src/database/_generated/backend/postgresql/models/Library.ts +1263 -0
package/src/database/_generated/backend/postgresql/models/Project.ts +2175 -0
package/src/database/_generated/backend/postgresql/models/ProjectModelStorage.ts +1263 -0
package/src/database/_generated/backend/postgresql/models/ProjectSpace.ts +1602 -0
package/src/database/_generated/backend/postgresql/models/PulumiBackend.ts +1263 -0
package/src/database/_generated/backend/postgresql/models/UserWorkspaseLayout.ts +1065 -0
package/src/database/_generated/backend/postgresql/models.ts +16 -0
package/src/database/_generated/backend/postgresql/pjtg.ts +182 -0
package/src/database/_generated/backend/sqlite/client.ts +72 -0
package/src/database/_generated/backend/sqlite/commonInputTypes.ts +331 -0
package/src/database/_generated/backend/sqlite/enums.ts +13 -0
package/src/database/_generated/backend/sqlite/internal/class.ts +318 -0
package/src/database/_generated/backend/sqlite/internal/prismaNamespace.ts +1207 -0
package/src/database/_generated/backend/sqlite/models/Library.ts +1261 -0
package/src/database/_generated/backend/sqlite/models/Project.ts +2169 -0
package/src/database/_generated/backend/sqlite/models/ProjectModelStorage.ts +1261 -0
package/src/database/_generated/backend/sqlite/models/ProjectSpace.ts +1599 -0
package/src/database/_generated/backend/sqlite/models/PulumiBackend.ts +1261 -0
package/src/database/_generated/backend/sqlite/models/UserWorkspaseLayout.ts +1063 -0
package/src/database/_generated/backend/sqlite/models.ts +16 -0
package/src/database/_generated/backend/sqlite/pjtg.ts +182 -0
package/src/database/_generated/project/client.ts +204 -0
package/src/database/_generated/project/commonInputTypes.ts +827 -0
package/src/database/_generated/project/enums.ts +104 -0
package/src/database/_generated/project/internal/class.ts +479 -0
package/src/database/_generated/project/internal/prismaNamespace.ts +2974 -0
package/src/database/_generated/project/models/ApiKey.ts +1506 -0
package/src/database/_generated/project/models/Artifact.ts +2051 -0
package/src/database/_generated/project/models/HubModel.ts +1125 -0
package/src/database/_generated/project/models/InstanceCustomStatus.ts +1713 -0
package/src/database/_generated/project/models/InstanceEvaluationState.ts +1312 -0
package/src/database/_generated/project/models/InstanceLock.ts +1268 -0
package/src/database/_generated/project/models/InstanceModel.ts +1125 -0
package/src/database/_generated/project/models/InstanceOperationState.ts +1707 -0
package/src/database/_generated/project/models/InstanceState.ts +4613 -0
package/src/database/_generated/project/models/Operation.ts +1647 -0
package/src/database/_generated/project/models/OperationLog.ts +1455 -0
package/src/database/_generated/project/models/Page.ts +1838 -0
package/src/database/_generated/project/models/Secret.ts +1692 -0
package/src/database/_generated/project/models/ServiceAccount.ts +2165 -0
package/src/database/_generated/project/models/Terminal.ts +2038 -0
package/src/database/_generated/project/models/TerminalSession.ts +1454 -0
package/src/database/_generated/project/models/TerminalSessionLog.ts +1280 -0
package/src/database/_generated/project/models/Trigger.ts +1430 -0
package/src/database/_generated/project/models/UnlockMethod.ts +1220 -0
package/src/database/_generated/project/models/UserCompositeViewport.ts +1280 -0
package/src/database/_generated/project/models/UserProjectViewport.ts +1059 -0
package/src/database/_generated/project/models/Worker.ts +1459 -0
package/src/database/_generated/project/models/WorkerUnitRegistration.ts +1524 -0
package/src/database/_generated/project/models/WorkerVersion.ts +1974 -0
package/src/database/_generated/project/models/WorkerVersionLog.ts +1318 -0
package/src/database/_generated/project/models.ts +35 -0
package/src/database/_generated/project/pjtg.ts +182 -0
package/src/database/abstractions.ts +19 -0
package/src/database/factory.ts +37 -0
package/src/database/index.ts +6 -0
package/src/database/local/backend.ts +134 -0
package/src/database/local/index.ts +3 -0
package/src/database/local/meta.ts +46 -0
package/src/database/local/prisma.config.ts +25 -0
package/src/database/local/project.ts +39 -0
package/src/database/manager.ts +181 -0
package/src/database/migrate.ts +35 -0
package/src/database/prisma.ts +56 -0
package/src/database/well-known.ts +38 -0
package/src/index.ts +4 -4
package/src/library/abstractions.ts +3 -5
package/src/library/factory.ts +1 -1
package/src/library/local.ts +81 -26
package/src/library/package-resolution-worker.ts +1 -1
package/src/library/worker/evaluator.ts +40 -23
package/src/library/worker/loader.lite.ts +1 -1
package/src/library/worker/main.ts +3 -10
package/src/library/worker/protocol.ts +0 -1
package/src/lock/index.ts +0 -1
package/src/lock/manager.ts +0 -10
package/src/orchestrator/manager.ts +190 -104
package/src/orchestrator/operation-context.ts +357 -0
package/src/orchestrator/operation-plan.destroy.test.md +357 -0
package/src/orchestrator/operation-plan.destroy.test.ts +775 -0
package/src/orchestrator/operation-plan.fixtures.ts +213 -0
package/src/orchestrator/operation-plan.md +198 -0
package/src/orchestrator/operation-plan.refresh.test.md +199 -0
package/src/orchestrator/operation-plan.refresh.test.ts +367 -0
package/src/orchestrator/operation-plan.ts +709 -0
package/src/orchestrator/operation-plan.update.test.md +485 -0
package/src/orchestrator/operation-plan.update.test.ts +1066 -0
package/src/orchestrator/operation-workset.ts +233 -578
package/src/orchestrator/operation.ts +435 -948
package/src/orchestrator/plan-test-builder.ts +267 -0
package/src/project-model/abstractions.ts +118 -0
package/src/project-model/backends/codebase.ts +365 -0
package/src/project-model/backends/database.ts +440 -0
package/src/project-model/errors.ts +81 -0
package/src/project-model/factory.ts +24 -0
package/src/project-model/index.ts +4 -0
package/src/project-model/utils.test.ts +544 -0
package/src/project-model/utils.ts +242 -0
package/src/pubsub/abstractions.ts +10 -1
package/src/pubsub/factory.ts +4 -4
package/src/pubsub/index.ts +1 -0
package/src/pubsub/manager.ts +29 -13
package/src/pubsub/memory.ts +31 -0
package/src/runner/abstractions.ts +33 -41
package/src/runner/artifact-env.ts +19 -8
package/src/runner/factory.ts +6 -6
package/src/runner/force-abort.ts +3 -6
package/src/runner/local.ts +64 -67
package/src/runner/pulumi.ts +23 -63
package/src/services.ts +181 -123
package/src/shared/models/backend/index.ts +3 -1
package/src/shared/models/backend/library.ts +9 -1
package/src/shared/models/backend/project.ts +43 -42
package/src/shared/models/backend/pulumi.ts +14 -0
package/src/shared/models/backend/unlock-method.ts +1 -1
package/src/shared/models/backend/well-known.ts +58 -0
package/src/shared/models/base.ts +40 -26
package/src/shared/models/errors.ts +82 -1
package/src/shared/models/index.ts +3 -2
package/src/shared/models/prisma.ts +36 -0
package/src/shared/models/project/api-key.ts +37 -59
package/src/shared/models/project/artifact.ts +16 -76
package/src/shared/models/project/custom-status.ts +12 -0
package/src/shared/models/project/index.ts +8 -7
package/src/shared/models/project/lock.ts +10 -78
package/src/shared/models/project/model.ts +19 -1
package/src/shared/models/project/operation.ts +222 -99
package/src/shared/models/project/page.ts +37 -48
package/src/shared/models/project/secret.ts +29 -89
package/src/shared/models/project/service-account.ts +12 -17
package/src/shared/models/project/state.ts +100 -407
package/src/shared/models/project/terminal.ts +75 -88
package/src/shared/models/project/trigger.ts +13 -49
package/src/shared/models/project/unlock-method.ts +20 -26
package/src/shared/models/project/worker.ts +89 -90
package/src/shared/resolvers/graph-resolver.ts +21 -0
package/src/shared/resolvers/index.ts +1 -1
package/src/shared/resolvers/input-hash.ts +24 -14
package/src/shared/resolvers/input.ts +1 -1
package/src/shared/resolvers/registry.ts +5 -4
package/src/shared/resolvers/state.ts +12 -1
package/src/shared/resolvers/validation.ts +7 -3
package/src/shared/utils/index.ts +1 -2
package/src/shared/utils/promise-tracker.ts +30 -3
package/src/terminal/abstractions.ts +1 -1
package/src/terminal/docker.ts +3 -3
package/src/terminal/manager.ts +102 -118
package/src/test-utils/database.ts +119 -0
package/src/test-utils/index.ts +2 -0
package/src/test-utils/services.ts +134 -0
package/src/unlock/abstractions.ts +5 -23
package/src/unlock/memory.ts +9 -14
package/src/worker/abstractions.ts +7 -4
package/src/worker/docker.ts +14 -19
package/src/worker/manager.ts +366 -97
package/dist/chunk-NAAIDR4U.js +0 -8499
package/dist/chunk-NAAIDR4U.js.map +0 -1
package/dist/chunk-Y7DXREVO.js +0 -1745
package/dist/chunk-Y7DXREVO.js.map +0 -1
package/dist/magic-string.es-5ABAC4JN.js +0 -1292
package/dist/magic-string.es-5ABAC4JN.js.map +0 -1
package/src/business/__traces__/secret/update-instance-secrets/create-and-delete-secrets-simultaneously.md +0 -356
package/src/business/__traces__/secret/update-instance-secrets/create-new-secrets-for-instance.md +0 -274
package/src/business/__traces__/secret/update-instance-secrets/delete-existing-secrets.md +0 -223
package/src/business/__traces__/secret/update-instance-secrets/no-op-when-no-changes.md +0 -147
package/src/business/__traces__/secret/update-instance-secrets/update-existing-secrets.md +0 -280
package/src/business/__traces__/worker/update-unit-registrations/add-new-unit-registration-when-other-exists.md +0 -360
package/src/business/__traces__/worker/update-unit-registrations/add-new-unit-registration.md +0 -215
package/src/business/__traces__/worker/update-unit-registrations/create-multiple-workers-with-different-identities.md +0 -427
package/src/business/__traces__/worker/update-unit-registrations/handle-nonexistent-registration-id-gracefully.md +0 -217
package/src/business/__traces__/worker/update-unit-registrations/no-op-when-no-changes.md +0 -132
package/src/business/__traces__/worker/update-unit-registrations/recreate-worker-when-image-changes.md +0 -454
package/src/business/__traces__/worker/update-unit-registrations/recreate-worker-when-image-version-changes.md +0 -426
package/src/business/__traces__/worker/update-unit-registrations/recreate-worker-with-same-identity-reuses-service-account.md +0 -372
package/src/business/__traces__/worker/update-unit-registrations/remove-one-of-multiple-unit-registrations.md +0 -383
package/src/business/__traces__/worker/update-unit-registrations/remove-unit-registration.md +0 -245
package/src/business/__traces__/worker/update-unit-registrations/update-existing-unit-registration-when-params-change.md +0 -174
package/src/business/__traces__/worker/update-unit-registrations/update-params-and-image-simultaneously.md +0 -432
package/src/business/__traces__/worker/update-unit-registrations/worker-with-multiple-registrations-not-deleted-when-one-removed.md +0 -220
package/src/business/backend-unlock.ts +0 -10
package/src/common/clock.ts +0 -18
package/src/common/performance.ts +0 -44
package/src/common/random.ts +0 -68
package/src/common/test/index.ts +0 -2
package/src/common/test/render.ts +0 -98
package/src/common/test/tracer.ts +0 -359
package/src/hotstate/abstractions.ts +0 -48
package/src/hotstate/factory.ts +0 -17
package/src/hotstate/index.ts +0 -3
package/src/hotstate/manager.ts +0 -192
package/src/hotstate/memory.ts +0 -100
package/src/hotstate/validation.ts +0 -100
package/src/lock/test.ts +0 -108
package/src/project/abstractions.ts +0 -78
package/src/project/evaluation.ts +0 -248
package/src/project/factory.ts +0 -11
package/src/project/index.ts +0 -3
package/src/project/local.ts +0 -417
package/src/pubsub/local.ts +0 -36
package/src/pubsub/validation.ts +0 -33
package/src/shared/utils/args.ts +0 -25
package/src/state/abstractions.ts +0 -289
package/src/state/encryption.ts +0 -98
package/src/state/factory.ts +0 -20
package/src/state/index.ts +0 -7
package/src/state/local/backend.ts +0 -106
package/src/state/local/collection.ts +0 -361
package/src/state/local/index.ts +0 -2
package/src/state/manager.ts +0 -890
package/src/state/memory/backend.ts +0 -70
package/src/state/memory/collection.ts +0 -270
package/src/state/memory/index.ts +0 -2
package/src/state/repository/index.ts +0 -2
package/src/state/repository/repository.index.ts +0 -193
package/src/state/repository/repository.ts +0 -507
package/src/state/test.ts +0 -457
/package/src/{state → database/local}/keyring.ts +0 -0

package/src/runner/local.ts CHANGED Viewed

@@ -1,47 +1,52 @@
+/** biome-ignore-all lint/complexity/useLiteralKeys: не ори на меня */
 import type { ConfigMap, OutputMap, Stack } from "@pulumi/pulumi/automation/index.js"
-import type { LibraryBackend, ResolvedUnitSource } from "../library"
-import type { ArtifactBackend, ArtifactService } from "../artifact"
 import type { Logger } from "pino"
+import type { ArtifactBackend, ArtifactService } from "../artifact"
+import type { LibraryBackend, ResolvedUnitSource } from "../library"
+import type {
+  OperationType,
+  RunnerBackend,
+  TypedUnitStateUpdate,
+  UnitDestroyOptions,
+  UnitOptions,
+  UnitStateUpdate,
+  UnitUpdateOptions,
+} from "./abstractions"
 import type { DualAbortSignal } from "./force-abort"
 import { EventEmitter, on } from "node:events"
-import { resolve, join } from "node:path"
-import { tmpdir } from "node:os"
 import { mkdtemp, rm } from "node:fs/promises"
-import { getInstanceId, unitArtifactSchema, unitSecretSchema } from "@highstate/contract"
-import { ensureDependencyInstalled } from "nypm"
-import { mapValues, omitBy } from "remeda"
-import { z } from "zod"
-import { sha256 } from "@noble/hashes/sha2"
-import { bytesToHex } from "@noble/hashes/utils"
-import { encode } from "@msgpack/msgpack"
-import { runWithRetryOnError } from "../common"
+import { tmpdir } from "node:os"
+import { join, resolve } from "node:path"
+import { crc32 } from "node:zlib"
 import {
-  unitInstanceStatusFieldSchema,
+  getInstanceId,
+  HighstateConfigKey,
+  type InstanceId,
+  instanceStatusFieldSchema,
+  unitArtifactSchema,
   unitPageSchema,
   unitTerminalSchema,
   unitTriggerSchema,
   unitWorkerSchema,
-} from "../shared"
+} from "@highstate/contract"
+import { encode } from "@msgpack/msgpack"
+import { sha256 } from "@noble/hashes/sha2"
+import { ensureDependencyInstalled } from "nypm"
+import { omitBy } from "remeda"
+import { z } from "zod"
+import { runWithRetryOnError } from "../common"
+import {
+  type ArtifactEnvironment,
+  collectAndStoreArtifacts,
+  setupArtifactEnvironment,
+} from "./artifact-env"
 import {
   getOperationSummary,
+  type LocalPulumiHost,
   pulumiErrorToString,
   updateResourceCount,
-  type LocalPulumiHost,
 } from "./pulumi"
-import {
-  setupArtifactEnvironment,
-  collectAndStoreArtifacts,
-  type ArtifactEnvironment,
-} from "./artifact-env"
-import {
-  type RunnerBackend,
-  type UnitOptions,
-  type UnitUpdateOptions,
-  type UnitDestroyOptions,
-  type UnitStateUpdate,
-  type TypedUnitStateUpdate,
-  type RunnerArtifact,
-} from "./abstractions"
 type Events = {
   [K in `update:${string}`]: [UnitStateUpdate]
@@ -83,32 +88,23 @@ export class LocalRunnerBackend implements RunnerBackend {
   }
   update(options: UnitUpdateOptions): Promise<void> {
-    const configMap: ConfigMap = {
-      ...mapValues(options.config, value => ({ value })),
-      ...mapValues(options.secrets, value => ({ value, secret: true })),
-    }
-    void this.updateWorker(options, configMap, false)
+    void this.updateWorker(options, false)
     return Promise.resolve()
   }
   preview(options: UnitUpdateOptions): Promise<void> {
-    const configMap: ConfigMap = {
-      ...mapValues(options.config, value => ({ value })),
-      ...mapValues(options.secrets, value => ({ value, secret: true })),
-    }
-    void this.updateWorker(options, configMap, true)
+    void this.updateWorker(options, true)
     return Promise.resolve()
   }
-  private async updateWorker(
-    options: UnitUpdateOptions,
-    configMap: ConfigMap,
-    preview: boolean,
-  ): Promise<void> {
+  private async updateWorker(options: UnitUpdateOptions, preview: boolean): Promise<void> {
+    const configMap: ConfigMap = {
+      [HighstateConfigKey.Config]: { value: JSON.stringify(options.config) },
+      [HighstateConfigKey.Secrets]: { value: JSON.stringify(options.secrets), secret: true },
+    }
     const unitId = LocalRunnerBackend.getInstanceId(options)
     const childLogger = this.logger.child({ unitId })
@@ -118,8 +114,6 @@ export class LocalRunnerBackend implements RunnerBackend {
     try {
       // create unit-specific temp directory for better cleanup reliability
-      // this provides a second layer of reliability: even if materialized files/folders
-      // cannot clean up their specific paths, this entire directory will be cleaned up
       unitTempPath = await mkdtemp(join(tmpdir(), `highstate-unit-${unitId}-`))
       childLogger.debug({ msg: "created unit temp directory", unitTempPath })
       options.signal?.throwIfAborted()
@@ -211,23 +205,27 @@ export class LocalRunnerBackend implements RunnerBackend {
               })
               const outputs = await stack.outputs()
-              const completionUpdate = this.createCompletionStateUpdate(unitId, outputs, stdout)
+              const completionUpdate = this.createCompletionStateUpdate(
+                "update",
+                unitId,
+                outputs,
+                stdout,
+              )
               if (outputs["$artifacts"]) {
                 const artifacts = z
                   .record(z.string(), unitArtifactSchema.array())
-                  // "id" of artifacts will be filled by collectAndStoreArtifacts
-                  .parse(outputs["$artifacts"].value) as Record<string, RunnerArtifact[]>
+                  .parse(outputs["$artifacts"].value)
                 await collectAndStoreArtifacts(
+                  // biome-ignore lint/style/noNonNullAssertion: writePath is guaranteed to be non-null here
                   artifactEnv!.writePath,
                   options.projectId,
+                  options.stateId,
                   this.arttifactManager,
                   Object.values(artifacts).flat(),
                   childLogger,
                 )
-                completionUpdate.exportedArtifacts = artifacts
               }
               this.emitStateUpdate(completionUpdate)
@@ -356,7 +354,7 @@ export class LocalRunnerBackend implements RunnerBackend {
                   },
                 })
-                await this.emitCompletionStateUpdate(unitId, stack, stdout)
+                await this.emitCompletionStateUpdate("destroy", unitId, stack, stdout)
               },
               error => this.pulumiProjectHost.tryUnlockStack(stack, error),
             )
@@ -375,6 +373,7 @@ export class LocalRunnerBackend implements RunnerBackend {
       if (error instanceof StackNotFoundError) {
         this.emitStateUpdate({
           type: "completion",
+          operationType: "destroy",
           unitId,
           outputHash: null,
           message: null,
@@ -462,6 +461,7 @@ export class LocalRunnerBackend implements RunnerBackend {
               this.emitStateUpdate({
                 type: "completion",
+                operationType: "refresh",
                 unitId,
                 message: getOperationSummary(stdout),
@@ -483,7 +483,8 @@ export class LocalRunnerBackend implements RunnerBackend {
   }
   private createCompletionStateUpdate(
-    unitId: string,
+    opType: "update" | "destroy" | "refresh",
+    unitId: InstanceId,
     outputs: OutputMap,
     stdout: string,
   ): TypedUnitStateUpdate<"completion"> {
@@ -492,12 +493,13 @@ export class LocalRunnerBackend implements RunnerBackend {
     return {
       unitId,
       type: "completion",
+      operationType: opType,
       message: getOperationSummary(stdout),
-      outputHash: bytesToHex(sha256(encode(unitOutputs))),
+      outputHash: crc32(sha256(encode(unitOutputs))),
       statusFields: outputs["$statusFields"]
-        ? z.array(unitInstanceStatusFieldSchema).parse(outputs["$statusFields"].value)
+        ? z.array(instanceStatusFieldSchema).parse(outputs["$statusFields"].value)
         : null,
       terminals: outputs["$terminals"]
@@ -514,25 +516,20 @@ export class LocalRunnerBackend implements RunnerBackend {
         ? z.array(unitWorkerSchema).parse(outputs["$workers"].value)
         : null,
-      exportedSecrets: outputs["$exportedSecrets"]
-        ? z
-            .record(z.string(), unitSecretSchema.omit({ value: true }).array())
-            .parse(outputs["$secrets"].value)
-        : null,
       secrets: outputs["$secrets"]
-        ? z.record(z.string(), z.string()).parse(outputs["$secrets"].value)
+        ? z.record(z.string(), z.unknown()).parse(outputs["$secrets"].value)
         : null,
     }
   }
   private async emitCompletionStateUpdate(
-    unitId: string,
+    opType: OperationType,
+    unitId: InstanceId,
     stack: Stack,
     stdout: string,
   ): Promise<TypedUnitStateUpdate<"completion">> {
     const output = await stack.outputs()
-    const update = this.createCompletionStateUpdate(unitId, output, stdout)
+    const update = this.createCompletionStateUpdate(opType, unitId, output, stdout)
     return this.emitStateUpdate(update)
   }
@@ -615,7 +612,7 @@ export class LocalRunnerBackend implements RunnerBackend {
   }
   private static getStackName(options: UnitOptions) {
-    return `${options.projectId}_${options.instanceName}`
+    return options.stateId
   }
   public static create(

package/src/runner/pulumi.ts CHANGED Viewed

@@ -1,15 +1,13 @@
-import type { Logger } from "pino"
-import type { StateManager } from "../state"
-import {
-  type ConfigMap,
-  type OpMap,
-  type OpType,
-  type Stack,
-  type WhoAmIResult,
+import type {
+  ConfigMap,
+  OpMap,
+  OpType,
+  Stack,
+  WhoAmIResult,
 } from "@pulumi/pulumi/automation/index.js"
+import type { Logger } from "pino"
+import type { SecretService } from "../business"
 import { BetterLock } from "better-lock"
-import { v4 as uuidv4, v7 as uuidv7 } from "uuid"
-import { formatSecretDescriptor, WellKnownSecretDescriptors, type Secret } from "../shared"
 import { AbortError, errorToString, runWithRetryOnError } from "../common/utils"
 import { createForceAbortableCommand } from "./force-abort"
@@ -29,7 +27,7 @@ export class LocalPulumiHost {
   private lock = new BetterLock()
   private constructor(
-    private readonly stateManager: StateManager,
+    private readonly secretService: SecretService,
     private readonly logger: Logger,
   ) {}
@@ -68,8 +66,9 @@ export class LocalPulumiHost {
             runtime: "nodejs",
           },
           envVars: {
-            PULUMI_CONFIG_PASSPHRASE: await this.getPassword(projectId),
+            PULUMI_CONFIG_PASSPHRASE: await this.secretService.getPulumiPassword(projectId),
             PULUMI_K8S_AWAIT_ALL: "true",
+            PULUMI_DEBUG_PROMISE_LEAKS: "true",
             ...envVars,
           },
           pulumiCommand: await createForceAbortableCommand(),
@@ -83,12 +82,12 @@ export class LocalPulumiHost {
           () => fn(stack),
           error => this.tryUnlockStack(stack, error),
         )
-      } catch (e) {
-        if (e instanceof Error && e.message.includes("canceled")) {
-          throw new AbortError()
+      } catch (error) {
+        if (error instanceof Error && error.message.includes("canceled")) {
+          throw new AbortError("Stack cancelled", { cause: error })
         }
-        throw e
+        throw error
       }
     })
   }
@@ -125,7 +124,7 @@ export class LocalPulumiHost {
               }
             : undefined,
           envVars: {
-            PULUMI_CONFIG_PASSPHRASE: await this.getPassword(projectId),
+            PULUMI_CONFIG_PASSPHRASE: await this.secretService.getPulumiPassword(projectId),
             PULUMI_K8S_AWAIT_ALL: "true",
             ...envVars,
           },
@@ -140,52 +139,13 @@ export class LocalPulumiHost {
           () => fn(stack),
           error => this.tryUnlockStack(stack, error),
         )
-      } catch (e) {
-        if (e instanceof Error && e.message.includes("canceled")) {
-          throw new AbortError()
+      } catch (error) {
+        if (error instanceof Error && error.message.includes("canceled")) {
+          throw new AbortError("Stack cancelled", { cause: error })
         }
-        throw e
-      }
-    })
-  }
-  private async getPassword(projectId: string): Promise<string> {
-    return await this.lock.acquire(`pulumi-password.${projectId}`, async () => {
-      const secretRepo = this.stateManager.getSecretRepository(projectId)
-      const secretContentRepo = this.stateManager.getSecretContentRepository(projectId)
-      const indexRepo = this.stateManager.getSecretIndexRepository(projectId)
-      const contentKey = formatSecretDescriptor(WellKnownSecretDescriptors.PulumiPassword)
-      const pulumiPasswordContent = await secretContentRepo.get(contentKey)
-      if (typeof pulumiPasswordContent === "string") {
-        return pulumiPasswordContent
+        throw error
       }
-      this.logger.info({ projectId }, "generating new Pulumi password")
-      const pulumiPassword = uuidv4()
-      const batch = this.stateManager.batch()
-      const pulumiPasswordSecret: Secret = {
-        id: uuidv7(),
-        descriptor: WellKnownSecretDescriptors.PulumiPassword,
-        meta: {
-          title: "Pulumi Password",
-          description: "The password used to encrypt the Pulumi state.",
-          icon: "devicon:pulumi",
-        },
-      }
-      await Promise.all([
-        secretRepo.putItem(pulumiPasswordSecret, batch),
-        secretContentRepo.put(contentKey, pulumiPassword, batch),
-        indexRepo.indexRepository.put(contentKey, pulumiPasswordSecret.id, batch),
-      ])
-      await batch.write()
-      return pulumiPassword
     })
   }
@@ -201,8 +161,8 @@ export class LocalPulumiHost {
     return false
   }
-  static create(stateManager: StateManager, logger: Logger) {
-    return new LocalPulumiHost(stateManager, logger.child({ service: "LocalPulumiHost" }))
+  static create(secretService: SecretService, logger: Logger) {
+    return new LocalPulumiHost(secretService, logger.child({ service: "LocalPulumiHost" }))
   }
 }
@@ -255,7 +215,7 @@ export async function pulumiErrorToString(error: unknown): Promise<string> {
   const { CommandError } = await import("@pulumi/pulumi/automation/index.js")
   if (error instanceof CommandError) {
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+    // biome-ignore lint/complexity/useLiteralKeys: не ори на отца
     const stderr = error["commandResult"].stderr as string
     let diagnosticsStart = stderr.indexOf("\u001b[38;5;13m\u001b[1mDiagnostics:")