@highstate/common 0.9.15 → 0.9.18

package/dist/units/ssh/key-pair/index.js

@@ -1,22 +1,27 @@
-import {
-  generatePrivateKey,
-  privateKeyToKeyPair
-} from "../../../chunk-NISDP46H.js";
+import { ensureSshKeyPair } from '../../../chunk-YYNV3MVT.js';
+import { ssh } from '@highstate/library';
+import { forUnit } from '@highstate/pulumi';
 
-// src/units/ssh/key-pair/index.ts
-import { ssh } from "@highstate/library";
-import { forUnit, getOrCreateSecret } from "@highstate/pulumi";
-var { secrets, outputs } = forUnit(ssh.keyPair);
-var privateKey = getOrCreateSecret(secrets, "privateKey", generatePrivateKey);
-var keyPair = privateKeyToKeyPair(privateKey);
+var { name, secrets, outputs } = forUnit(ssh.keyPair);
+var keyPair = ensureSshKeyPair(secrets.privateKey);
 var key_pair_default = outputs({
-  keyPair: privateKeyToKeyPair(privateKey),
-  $status: {
+  keyPair,
+  publicKeyFile: {
+    meta: {
+      name: `${name}.pub`,
+      mode: 420
+    },
+    content: {
+      type: "embedded",
+      value: keyPair.publicKey
+    }
+  },
+  $statusFields: {
     fingerprint: keyPair.fingerprint,
     publicKey: keyPair.publicKey
   }
 });
-export {
-  key_pair_default as default
-};
+
+export { key_pair_default as default };
+//# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map

package/dist/units/ssh/key-pair/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/units/ssh/key-pair/index.ts"],"sourcesContent":["import { ssh } from \"@highstate/library\"\nimport { forUnit, getOrCreateSecret } from \"@highstate/pulumi\"\nimport { generatePrivateKey, privateKeyToKeyPair } from \"../../../shared\"\n\nconst { secrets, outputs } = forUnit(ssh.keyPair)\n\nconst privateKey = getOrCreateSecret(secrets, \"privateKey\", generatePrivateKey)\nconst keyPair = privateKeyToKeyPair(privateKey)\n\nexport default outputs({\n  keyPair: privateKeyToKeyPair(privateKey),\n  $status: {\n    fingerprint: keyPair.fingerprint,\n    publicKey: keyPair.publicKey,\n  },\n})\n"],"mappings":";;;;;;AAAA,SAAS,WAAW;AACpB,SAAS,SAAS,yBAAyB;AAG3C,IAAM,EAAE,SAAS,QAAQ,IAAI,QAAQ,IAAI,OAAO;AAEhD,IAAM,aAAa,kBAAkB,SAAS,cAAc,kBAAkB;AAC9E,IAAM,UAAU,oBAAoB,UAAU;AAE9C,IAAO,mBAAQ,QAAQ;AAAA,EACrB,SAAS,oBAAoB,UAAU;AAAA,EACvC,SAAS;AAAA,IACP,aAAa,QAAQ;AAAA,IACrB,WAAW,QAAQ;AAAA,EACrB;AACF,CAAC;","names":[]}
+{"version":3,"sources":["../../../../src/units/ssh/key-pair/index.ts"],"names":[],"mappings":";;;;AAIA,IAAM,EAAE,IAAA,EAAM,OAAA,EAAS,SAAQ,GAAI,OAAA,CAAQ,IAAI,OAAO,CAAA;AAEtD,IAAM,OAAA,GAAU,gBAAA,CAAiB,OAAA,CAAQ,UAAU,CAAA;AAEnD,IAAO,mBAAQ,OAAA,CAAQ;AAAA,EACrB,OAAA;AAAA,EACA,aAAA,EAAe;AAAA,IACb,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,GAAG,IAAI,CAAA,IAAA,CAAA;AAAA,MACb,IAAA,EAAM;AAAA,KACR;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,UAAA;AAAA,MACN,OAAO,OAAA,CAAQ;AAAA;AACjB,GACF;AAAA,EACA,aAAA,EAAe;AAAA,IACb,aAAa,OAAA,CAAQ,WAAA;AAAA,IACrB,WAAW,OAAA,CAAQ;AAAA;AAEvB,CAAC","file":"index.js","sourcesContent":["import { ssh } from \"@highstate/library\"\nimport { forUnit } from \"@highstate/pulumi\"\nimport { ensureSshKeyPair } from \"../../../shared\"\n\nconst { name, secrets, outputs } = forUnit(ssh.keyPair)\n\nconst keyPair = ensureSshKeyPair(secrets.privateKey)\n\nexport default outputs({\n  keyPair,\n  publicKeyFile: {\n    meta: {\n      name: `${name}.pub`,\n      mode: 0o644,\n    },\n    content: {\n      type: \"embedded\",\n      value: keyPair.publicKey,\n    },\n  },\n  $statusFields: {\n    fingerprint: keyPair.fingerprint,\n    publicKey: keyPair.publicKey,\n  },\n})\n"]}

package/package.json

@@ -1,11 +1,19 @@
 {
   "name": "@highstate/common",
-  "version": "0.9.15",
+  "version": "0.9.18",
   "type": "module",
   "files": [
     "dist",
     "src"
   ],
+  "highstate": {
+    "sourceHash": {
+      ".": {
+        "mode": "manual",
+        "version": "1"
+      }
+    }
+  },
   "exports": {
     ".": {
       "types": "./src/index.ts",
@@ -28,15 +36,21 @@
     "update-images": "../../scripts/update-images.sh ./assets/images.json"
   },
   "dependencies": {
-    "@highstate/library": "^0.9.15",
-    "@highstate/pulumi": "^0.9.15",
+    "@highstate/contract": "^0.9.18",
+    "@highstate/library": "^0.9.18",
+    "@highstate/pulumi": "^0.9.18",
     "@noble/hashes": "^1.7.1",
     "@pulumi/command": "^1.0.2",
     "micro-key-producer": "^0.7.3",
-    "remeda": "^2.21.0"
+    "minimatch": "^10.0.3",
+    "remeda": "^2.21.0",
+    "tar": "^7.4.3",
+    "unzipper": "^0.12.3"
   },
   "devDependencies": {
-    "@highstate/cli": "^0.9.15"
+    "@highstate/cli": "^0.9.18",
+    "@types/tar": "^6.1.13",
+    "@types/unzipper": "^0.10.11"
   },
-  "gitHead": "f61b9905d4cd50511b03331411f42595403ebc06"
+  "gitHead": "9ebcd7da56b00b8ca08bf52cc8438f527338cd64"
 }

package/src/shared/command.ts

@@ -1,16 +1,26 @@
+import { homedir } from "node:os"
 import { local, remote, type types } from "@pulumi/command"
 import {
   ComponentResource,
   interpolate,
   output,
+  toPromise,
   type ComponentResourceOptions,
   type Input,
+  type InputMap,
   type InputOrArray,
   type Output,
 } from "@highstate/pulumi"
 import { common, ssh } from "@highstate/library"
+import { flat } from "remeda"
 import { l3EndpointToString } from "./network"
 
+/**
+ * Creates a connection object for the given SSH credentials.
+ *
+ * @param ssh The SSH credentials.
+ * @returns An output connection object for Pulumi remote commands.
+ */
 export function getServerConnection(
   ssh: Input<ssh.Credentials>,
 ): Output<types.input.remote.ConnectionArgs> {
@@ -25,108 +35,282 @@ export function getServerConnection(
   }))
 }
 
-export type CommandHost = "local" | common.Server
+export type CommandHost = "local" | Input<common.Server> | Input<types.input.remote.ConnectionArgs>
+export type CommandRunMode = "auto" | "prefer-host"
 
 export type CommandArgs = {
-  host: Input<CommandHost>
-  create: Input<string>
-  update?: Input<string>
-  delete?: Input<string>
-  logging?: Input<remote.Logging>
+  /**
+   * The host to run the command on.
+   *
+   * Can be "local" for local execution or a server object for remote execution.
+   */
+  host: CommandHost
+
+  /**
+   * The command to run when the resource is created.
+   *
+   * If an array is provided, it will be joined with spaces.
+   */
+  create: InputOrArray<string>
+
+  /**
+   * The command to run when the resource is updated or one of the triggers changes.
+   *
+   * If not set, the `create` command will be used.
+   */
+  update?: InputOrArray<string>
+
+  /**
+   * The command to run when the resource is deleted.
+   */
+  delete?: InputOrArray<string>
+
+  /**
+   * The stdin content to pass to the command.
+   */
+  stdin?: Input<string>
+
+  /**
+   * The logging level for the command.
+   */
+  logging?: Input<local.Logging>
+
+  /**
+   * The triggers for the command.
+   *
+   * They will be captured in the command's state and will trigger the command to run again
+   * if they change.
+   */
   triggers?: InputOrArray<unknown>
+
+  /**
+   * The working directory for the command.
+   *
+   * If not set, the command will run in the user's home directory (for both local and remote hosts).
+   */
+  cwd?: Input<string>
+
+  /**
+   * The environment variables to set for the command.
+   */
+  environment?: Input<InputMap<string>>
+
+  /**
+   * The run mode for the command.
+   *
+   * - `auto` (default): if the `image` is set, it will always run in a container, never on the host;
+   * otherwise, it will run on the host.
+   *
+   * - `prefer-host`: it will try to run on the host if the executable is available;
+   * otherwise, it will run in a container or throw an error if the `image` is not set.
+   */
+  runMode?: CommandRunMode
+
+  /**
+   * The container image to use to run the command.
+   */
+  image?: Input<string>
+
+  /**
+   * The paths to mount if the command runs in a container.
+   *
+   * They will be mounted to the same paths in the container.
+   */
+  mounts?: InputOrArray<string>
 }
 
 export type TextFileArgs = {
+  /**
+   * The host to run the command on.
+   */
   host: CommandHost
+
+  /**
+   * The absolute path to the file on the host.
+   */
   path: Input<string>
+
+  /**
+   * The content to write to the file.
+   */
   content: Input<string>
 }
 
-export class Command extends ComponentResource {
-  public readonly command: Output<local.Command | remote.Command>
+export type WaitForArgs = CommandArgs & {
+  /**
+   * The timeout in seconds to wait for the command to complete.
+   *
+   * Defaults to 5 minutes (300 seconds).
+   */
+  timeout?: Input<number>
 
+  /**
+   * The interval in seconds to wait between checks.
+   *
+   * Defaults to 5 seconds.
+   */
+  interval?: Input<number>
+}
+
+function createCommand(command: string | string[]): string {
+  if (Array.isArray(command)) {
+    return command.join(" ")
+  }
+
+  return command
+}
+
+function wrapWithWorkDir(dir?: Input<string>) {
+  if (!dir) {
+    return (command: string) => output(command)
+  }
+
+  return (command: string) => interpolate`cd "${dir}" && ${command}`
+}
+
+function wrapWithWaitFor(timeout: Input<number> = 300, interval: Input<number> = 5) {
+  return (command: string | string[]) =>
+    // TOD: escape the command
+    interpolate`timeout ${timeout} bash -c 'while ! ${createCommand(command)}; do sleep ${interval}; done'`
+}
+
+export class Command extends ComponentResource {
   public readonly stdout: Output<string>
   public readonly stderr: Output<string>
 
   constructor(name: string, args: CommandArgs, opts?: ComponentResourceOptions) {
     super("highstate:common:Command", name, args, opts)
 
-    this.command = output(args).apply(args => {
-      if (args.host === "local") {
-        return new local.Command(
-          name,
-          {
-            create: args.create,
-            update: args.update,
-            delete: args.delete,
-            logging: args.logging,
-            triggers: args.triggers,
-          },
-          { ...opts, parent: this },
-        )
-      }
-
-      if (!args.host.ssh) {
-        throw new Error(`The host "${args.host.hostname}" has no SSH credentials`)
-      }
-
-      return new remote.Command(
-        name,
-        {
-          connection: getServerConnection(args.host.ssh),
-          create: args.create,
-          update: args.update,
-          delete: args.delete,
-          logging: args.logging,
-          triggers: args.triggers,
-        },
-        { ...opts, parent: this },
-      )
-    })
-
-    this.stdout = this.command.stdout
-    this.stderr = this.command.stderr
+    const command =
+      args.host === "local"
+        ? new local.Command(
+            name,
+            {
+              create: output(args.create).apply(createCommand),
+              update: args.update ? output(args.update).apply(createCommand) : undefined,
+              delete: args.delete ? output(args.delete).apply(createCommand) : undefined,
+              logging: args.logging,
+              triggers: args.triggers ? output(args.triggers).apply(flat) : undefined,
+              dir: args.cwd ?? homedir(),
+              environment: args.environment as local.CommandArgs["environment"],
+              stdin: args.stdin,
+            },
+            { ...opts, parent: this },
+          )
+        : new remote.Command(
+            name,
+            {
+              connection: output(args.host).apply(server => {
+                if ("host" in server) {
+                  return output(server)
+                }
+
+                if (!server.ssh) {
+                  throw new Error(`The server "${server.hostname}" has no SSH credentials`)
+                }
+
+                return getServerConnection(server.ssh)
+              }),
+
+              create: output(args.create).apply(createCommand).apply(wrapWithWorkDir(args.cwd)),
+
+              update: args.update
+                ? output(args.update).apply(createCommand).apply(wrapWithWorkDir(args.cwd))
+                : undefined,
+
+              delete: args.delete
+                ? output(args.delete).apply(createCommand).apply(wrapWithWorkDir(args.cwd))
+                : undefined,
+
+              logging: args.logging,
+              triggers: args.triggers ? output(args.triggers).apply(flat) : undefined,
+              stdin: args.stdin,
+              environment: args.environment as remote.CommandArgs["environment"],
+            },
+            { ...opts, parent: this },
+          )
+
+    this.stdout = command.stdout
+    this.stderr = command.stderr
   }
 
+  /**
+   * Waits for the command to complete and returns its output.
+   * The standard output will be returned.
+   */
+  async wait(): Promise<string> {
+    return await toPromise(this.stdout)
+  }
+
+  /**
+   * Creates a command that writes the given content to a file on the host.
+   * The file will be created if it does not exist, and overwritten if it does.
+   *
+   * Use for small text files like configuration files.
+   */
   static createTextFile(
     name: string,
     options: TextFileArgs,
     opts?: ComponentResourceOptions,
-  ): Output<Command> {
-    return output(options).apply(options => {
-      const escapedContent = options.content.replace(/"/g, '\\"')
-
-      const command = new Command(
-        name,
-        {
-          host: options.host,
-          create: interpolate`mkdir -p $(dirname ${options.path}) && echo "${escapedContent}" > ${options.path}`,
-          delete: interpolate`rm -rf ${options.path}`,
-        },
-        opts,
-      )
-
-      return command
-    })
+  ): Command {
+    return new Command(
+      name,
+      {
+        host: options.host,
+        create: interpolate`mkdir -p $(dirname "${options.path}") && cat > ${options.path}`,
+        delete: interpolate`rm -rf ${options.path}`,
+        stdin: options.content,
+      },
+      opts,
+    )
   }
 
+  /**
+   * Creates a command that waits for a file to be created and then reads its content.
+   * This is useful for waiting for a file to be generated by another process.
+   *
+   * Use for small text files like configuration files.
+   */
   static receiveTextFile(
     name: string,
     options: Omit<TextFileArgs, "content">,
     opts?: ComponentResourceOptions,
-  ): Output<Command> {
-    return output(options).apply(options => {
-      const command = new Command(
-        name,
-        {
-          host: options.host,
-          create: interpolate`while ! test -f ${options.path}; do sleep 1; done; cat ${options.path}`,
-          logging: "stderr",
-        },
-        opts,
-      )
-
-      return command
-    })
+  ): Command {
+    return new Command(
+      name,
+      {
+        host: options.host,
+        create: interpolate`while ! test -f "${options.path}"; do sleep 1; done; cat "${options.path}"`,
+        logging: "stderr",
+      },
+      opts,
+    )
+  }
+
+  /**
+   * Creates a command that waits for a condition to be met.
+   * The command will run until the condition is met or the timeout is reached.
+   *
+   * The condition is considered met if the command returns a zero exit code.
+   *
+   * @param name The name of the command resource.
+   * @param args The arguments for the command, including the condition to check.
+   * @param opts Optional resource options.
+   */
+  static waitFor(name: string, args: WaitForArgs, opts?: ComponentResourceOptions): Command {
+    return new Command(
+      name,
+      {
+        ...args,
+        create: output(args.create).apply(wrapWithWaitFor(args.timeout, args.interval)),
+        update: args.update
+          ? output(args.update).apply(wrapWithWaitFor(args.timeout, args.interval))
+          : undefined,
+        delete: args.delete
+          ? output(args.delete).apply(wrapWithWaitFor(args.timeout, args.interval))
+          : undefined,
+      },
+      opts,
+    )
   }
 }