@hot-updater/cloudflare 0.31.4 → 0.32.0

package/dist/iac/index.mjs

@@ -28,7 +28,7 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __commonJSMin = (cb, mod) => () => (mod || (cb((mod = { exports: {} }).exports, mod), cb = null), mod.exports);
+var __commonJSMin = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
 var __copyProps = (to, from, except, desc) => {
 	if (from && typeof from === "object" || typeof from === "function") for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
 		key = keys[i];
@@ -10838,7 +10838,10 @@ const getConfigScaffold = (build) => {
 		configString: `r2Storage({
     bucketName: process.env.HOT_UPDATER_CLOUDFLARE_R2_BUCKET_NAME!,
     accountId: process.env.HOT_UPDATER_CLOUDFLARE_ACCOUNT_ID!,
-    cloudflareApiToken: process.env.HOT_UPDATER_CLOUDFLARE_API_TOKEN!,
+    credentials: {
+      accessKeyId: process.env.HOT_UPDATER_CLOUDFLARE_R2_ACCESS_KEY_ID!,
+      secretAccessKey: process.env.HOT_UPDATER_CLOUDFLARE_R2_SECRET_ACCESS_KEY!,
+    },
   })`
 	}).setDatabase({
 		imports: [{
@@ -10863,7 +10866,50 @@ export default HotUpdater.wrap({
   baseURL: "%%source%%",
   updateStrategy: "appVersion", // or "fingerprint"
 })(App);`;
-const deployWorker = async (oauth_token, accountId, { d1DatabaseId, d1DatabaseName, r2BucketName }) => {
+const HOT_UPDATER_ENV_PATH = ".env.hotupdater";
+const unquoteEnvValue = (value) => {
+	const trimmed = value.trim();
+	if (trimmed.startsWith("\"") && trimmed.endsWith("\"") || trimmed.startsWith("'") && trimmed.endsWith("'")) return trimmed.slice(1, -1);
+	return trimmed;
+};
+const readHotUpdaterEnv = async (cwd) => {
+	const envPath = path.join(cwd, HOT_UPDATER_ENV_PATH);
+	const content = await fs.readFile(envPath, "utf-8").catch(() => "");
+	const env = {};
+	for (const line of content.split("\n")) {
+		const trimmed = line.trim();
+		if (!trimmed || trimmed.startsWith("#") || !trimmed.includes("=")) continue;
+		const [key, ...valueParts] = trimmed.split("=");
+		if (!key) continue;
+		env[key.trim()] = unquoteEnvValue(valueParts.join("="));
+	}
+	return env;
+};
+const getEnvValue = (env, key) => {
+	return process.env[key]?.trim() || env[key]?.trim() || void 0;
+};
+const inputR2ApiCredentials = async ({ accountId, bucketName, accessKeyId, secretAccessKey }) => {
+	p.log.step(`R2 API Tokens dashboard: ${link(`https://dash.cloudflare.com/${accountId}/r2/api-tokens`)}`);
+	p.log.step("Required permission: Object Read & Write");
+	p.log.step(`Target bucket: ${bucketName}`);
+	let resolvedAccessKeyId = accessKeyId;
+	if (!resolvedAccessKeyId) {
+		const inputR2AccessKeyId = await p.password({ message: "Enter the R2 Access Key ID" });
+		if (p.isCancel(inputR2AccessKeyId)) process.exit(1);
+		resolvedAccessKeyId = inputR2AccessKeyId;
+	}
+	let resolvedSecretAccessKey = secretAccessKey;
+	if (!resolvedSecretAccessKey) {
+		const inputR2SecretAccessKey = await p.password({ message: "Enter the R2 Secret Access Key" });
+		if (p.isCancel(inputR2SecretAccessKey)) process.exit(1);
+		resolvedSecretAccessKey = inputR2SecretAccessKey;
+	}
+	return {
+		accessKeyId: resolvedAccessKeyId,
+		secretAccessKey: resolvedSecretAccessKey
+	};
+};
+const deployWorker = async (oauth_token, accountId, { d1DatabaseId, d1DatabaseName, r2BucketName, workerName }) => {
 	const cwd = getCwd();
 	const cloudflarePackagePath = __require.resolve("@hot-updater/cloudflare/package.json", { paths: [cwd] });
 	const { tmpDir, removeTmpDir } = await copyDirToTmp(path.dirname(cloudflarePackagePath));
@@ -10895,14 +10941,19 @@ const deployWorker = async (oauth_token, accountId, { d1DatabaseId, d1DatabaseNa
 			await fs.writeFile(filePath, transformTemplate(content, { BUCKET_NAME: r2BucketName }));
 		}
 		await wrangler("d1", "migrations", "apply", d1DatabaseName, "--remote");
-		const workerName = await p.text({
-			message: "Enter the name of the worker",
-			defaultValue: "hot-updater",
-			placeholder: "hot-updater"
-		});
-		if (p.isCancel(workerName)) process.exit(1);
-		await wrangler("deploy", "--name", workerName);
-		return workerName;
+		let resolvedWorkerName = workerName;
+		if (resolvedWorkerName) p.log.info("Using existing Cloudflare Worker name.");
+		else {
+			const inputWorkerName = await p.text({
+				message: "Enter the name of the worker",
+				defaultValue: "hot-updater",
+				placeholder: "hot-updater"
+			});
+			if (p.isCancel(inputWorkerName)) process.exit(1);
+			resolvedWorkerName = inputWorkerName;
+		}
+		await wrangler("deploy", "--name", resolvedWorkerName);
+		return resolvedWorkerName;
 	} catch (error) {
 		throw new Error("Failed to deploy worker", { cause: error });
 	} finally {
@@ -10911,6 +10962,7 @@ const deployWorker = async (oauth_token, accountId, { d1DatabaseId, d1DatabaseNa
 };
 const runInit = async ({ build }) => {
 	const cwd = getCwd();
+	const existingEnv = await readHotUpdaterEnv(cwd);
 	let auth = getWranglerLoginAuthToken();
 	if (!auth || (0, import_dayjs_min.default)(auth?.expiration_time).isBefore((0, import_dayjs_min.default)())) {
 		await execa("npx", [
@@ -10928,70 +10980,117 @@ const runInit = async ({ build }) => {
 	if (!auth) throw new Error("'npx wrangler login' is required to use this command");
 	const cf = new Cloudflare({ apiToken: auth.oauth_token });
 	const createKey = `create/${Math.random().toString(36).substring(2, 15)}`;
-	const accounts = [];
-	try {
-		await p.tasks([{
-			title: "Checking Account List...",
-			task: async () => {
-				accounts.push(...(await cf.accounts.list()).result.map((account) => ({
-					id: account.id,
-					name: account.name
-				})));
-			}
-		}]);
-	} catch (e) {
-		if (e instanceof Error) p.log.error(e.message);
-		throw e;
+	let accountId = getEnvValue(existingEnv, "HOT_UPDATER_CLOUDFLARE_ACCOUNT_ID");
+	if (accountId) p.log.info("Using existing Cloudflare account ID.");
+	else {
+		const accounts = [];
+		try {
+			await p.tasks([{
+				title: "Checking Account List...",
+				task: async () => {
+					accounts.push(...(await cf.accounts.list()).result.map((account) => ({
+						id: account.id,
+						name: account.name
+					})));
+				}
+			}]);
+		} catch (e) {
+			if (e instanceof Error) p.log.error(e.message);
+			throw e;
+		}
+		const selectedAccountId = await p.select({
+			message: "Account List",
+			options: accounts.map((account) => ({
+				value: account.id,
+				label: `${account.name} (${account.id})`
+			}))
+		});
+		if (p.isCancel(selectedAccountId)) process.exit(1);
+		accountId = selectedAccountId;
 	}
-	const accountId = await p.select({
-		message: "Account List",
-		options: accounts.map((account) => ({
-			value: account.id,
-			label: `${account.name} (${account.id})`
-		}))
-	});
-	if (p.isCancel(accountId)) process.exit(1);
-	p.log.step(`Please visit this link to create an API Token: ${link(`https://dash.cloudflare.com/${accountId}/api-tokens`)}`);
-	p.log.step("You need edit permissions for both D1 and R2");
-	const apiToken = await p.password({ message: "Enter the API Token" });
-	if (!apiToken) p.log.warn("Skipping API Token. You can set it later in .env HOT_UPDATER_CLOUDFLARE_API_TOKEN file.");
-	if (p.isCancel(apiToken)) process.exit(1);
-	const availableBuckets = [];
-	try {
-		await p.tasks([{
-			title: "Checking R2 Buckets...",
-			task: async () => {
-				const buckets = (await cf.r2.buckets.list({ account_id: accountId })).buckets ?? [];
-				availableBuckets.push(...buckets.filter((bucket) => bucket.name).map((bucket) => ({ name: bucket.name })));
-			}
-		}]);
-	} catch (e) {
-		if (e instanceof Error) p.log.error(e.message);
-		throw e;
+	let apiToken = getEnvValue(existingEnv, "HOT_UPDATER_CLOUDFLARE_API_TOKEN");
+	if (apiToken) p.log.info("Using existing Cloudflare API token.");
+	else {
+		p.log.step(`D1 API Token dashboard: ${link(`https://dash.cloudflare.com/${accountId}/api-tokens`)}`);
+		p.log.step("Required permission: D1 Edit");
+		p.log.step("Used for bundle metadata writes after init.");
+		const inputApiToken = await p.password({ message: "Enter the D1 API Token" });
+		if (p.isCancel(inputApiToken)) process.exit(1);
+		apiToken = inputApiToken;
+		if (!apiToken) p.log.warn("Skipping API Token. You can set it later in .env HOT_UPDATER_CLOUDFLARE_API_TOKEN file.");
+	}
+	const existingBucketName = getEnvValue(existingEnv, "HOT_UPDATER_CLOUDFLARE_R2_BUCKET_NAME");
+	let selectedBucketName;
+	if (existingBucketName) {
+		selectedBucketName = existingBucketName;
+		p.log.info("Using existing Cloudflare R2 bucket name.");
+	} else {
+		const availableBuckets = [];
+		try {
+			await p.tasks([{
+				title: "Checking R2 Buckets...",
+				task: async () => {
+					const buckets = (await cf.r2.buckets.list({ account_id: accountId })).buckets ?? [];
+					availableBuckets.push(...buckets.filter((bucket) => bucket.name).map((bucket) => ({ name: bucket.name })));
+				}
+			}]);
+		} catch (e) {
+			if (e instanceof Error) p.log.error(e.message);
+			throw e;
+		}
+		if (availableBuckets.length === 1) {
+			selectedBucketName = availableBuckets[0].name;
+			p.log.info("Using the only Cloudflare R2 bucket.");
+		} else {
+			const selectedR2BucketName = await p.select({
+				message: "R2 List",
+				options: [...availableBuckets.map((bucket) => ({
+					value: bucket.name,
+					label: bucket.name
+				})), {
+					value: createKey,
+					label: "Create New R2 Bucket"
+				}]
+			});
+			if (p.isCancel(selectedR2BucketName)) process.exit(1);
+			selectedBucketName = selectedR2BucketName;
+		}
+		if (selectedBucketName === createKey) {
+			const name = await p.text({ message: "Enter the name of the new R2 Bucket" });
+			if (p.isCancel(name)) process.exit(1);
+			const newR2 = await cf.r2.buckets.create({
+				account_id: accountId,
+				name
+			});
+			if (!newR2.name) throw new Error("Failed to create new R2 Bucket");
+			selectedBucketName = newR2.name;
+		}
 	}
-	let selectedBucketName = await p.select({
-		message: "R2 List",
-		options: [...availableBuckets.map((bucket) => ({
-			value: bucket.name,
-			label: bucket.name
-		})), {
-			value: createKey,
-			label: "Create New R2 Bucket"
-		}]
-	});
-	if (p.isCancel(selectedBucketName)) process.exit(1);
-	if (selectedBucketName === createKey) {
-		const name = await p.text({ message: "Enter the name of the new R2 Bucket" });
-		if (p.isCancel(name)) process.exit(1);
-		const newR2 = await cf.r2.buckets.create({
-			account_id: accountId,
-			name
+	p.log.info(`Selected R2: ${selectedBucketName}`);
+	const existingR2AccessKeyId = getEnvValue(existingEnv, "HOT_UPDATER_CLOUDFLARE_R2_ACCESS_KEY_ID");
+	const existingR2SecretAccessKey = getEnvValue(existingEnv, "HOT_UPDATER_CLOUDFLARE_R2_SECRET_ACCESS_KEY");
+	let r2AccessKeyId = existingR2AccessKeyId;
+	let r2SecretAccessKey = existingR2SecretAccessKey;
+	if (r2AccessKeyId && r2SecretAccessKey) p.log.info("Using existing Cloudflare R2 API credentials.");
+	else if (r2AccessKeyId || r2SecretAccessKey) {
+		p.log.warn("Existing Cloudflare R2 API credentials are incomplete.");
+		const credentials = await inputR2ApiCredentials({
+			accountId,
+			bucketName: selectedBucketName,
+			accessKeyId: r2AccessKeyId,
+			secretAccessKey: r2SecretAccessKey
+		});
+		r2AccessKeyId = credentials.accessKeyId;
+		r2SecretAccessKey = credentials.secretAccessKey;
+	} else {
+		const credentials = await inputR2ApiCredentials({
+			accountId,
+			bucketName: selectedBucketName
 		});
-		if (!newR2.name) throw new Error("Failed to create new R2 Bucket");
-		selectedBucketName = newR2.name;
+		r2AccessKeyId = credentials.accessKeyId;
+		r2SecretAccessKey = credentials.secretAccessKey;
 	}
-	p.log.info(`Selected R2: ${selectedBucketName}`);
-	if ((await cf.r2.buckets.domains.managed.list(selectedBucketName, { account_id: accountId })).enabled) {
+	if ((existingBucketName ? { enabled: false } : await cf.r2.buckets.domains.managed.list(selectedBucketName, { account_id: accountId })).enabled) {
 		if (await p.confirm({ message: "Make R2 bucket private?" })) try {
 			await p.tasks([{
 				title: "Making R2 bucket private...",
@@ -11023,17 +11122,27 @@ const runInit = async ({ build }) => {
 		if (e instanceof Error) p.log.error(e.message);
 		throw e;
 	}
-	let selectedD1DatabaseId = await p.select({
-		message: "D1 List",
-		options: [...availableD1List.map((d1) => ({
-			value: d1.uuid,
-			label: `${d1.name} (${d1.uuid})`
-		})), {
-			value: createKey,
-			label: "Create New D1 Database"
-		}]
-	});
-	if (p.isCancel(selectedD1DatabaseId)) process.exit(1);
+	const existingD1DatabaseId = getEnvValue(existingEnv, "HOT_UPDATER_CLOUDFLARE_D1_DATABASE_ID");
+	const hasExistingD1Database = availableD1List.some((d1) => d1.uuid === existingD1DatabaseId);
+	let selectedD1DatabaseId;
+	if (existingD1DatabaseId && hasExistingD1Database) {
+		selectedD1DatabaseId = existingD1DatabaseId;
+		p.log.info("Using existing Cloudflare D1 database ID.");
+	} else {
+		if (existingD1DatabaseId) p.log.warn("Existing Cloudflare D1 database ID was not found. Select a database again.");
+		const selectedD1 = await p.select({
+			message: "D1 List",
+			options: [...availableD1List.map((d1) => ({
+				value: d1.uuid,
+				label: `${d1.name} (${d1.uuid})`
+			})), {
+				value: createKey,
+				label: "Create New D1 Database"
+			}]
+		});
+		if (p.isCancel(selectedD1)) process.exit(1);
+		selectedD1DatabaseId = selectedD1;
+	}
 	if (selectedD1DatabaseId === createKey) {
 		const name = await p.text({ message: "Enter the name of the new D1 Database" });
 		if (p.isCancel(name)) process.exit(1);
@@ -11052,17 +11161,22 @@ const runInit = async ({ build }) => {
 	const d1DatabaseName = availableD1List.find((d1) => d1.uuid === selectedD1DatabaseId)?.name;
 	if (!d1DatabaseName) throw new Error("Failed to get D1 Database name");
 	const subdomains = await cf.workers.subdomains.get({ account_id: accountId });
+	const existingWorkerName = getEnvValue(existingEnv, "HOT_UPDATER_CLOUDFLARE_WORKER_NAME");
 	const workerName = await deployWorker(auth.oauth_token, accountId, {
 		d1DatabaseId: selectedD1DatabaseId,
 		d1DatabaseName,
-		r2BucketName: selectedBucketName
+		r2BucketName: selectedBucketName,
+		workerName: existingWorkerName
 	});
 	const configWriteResult = await writeHotUpdaterConfig(getConfigScaffold(build));
 	await makeEnv({
 		HOT_UPDATER_CLOUDFLARE_API_TOKEN: apiToken,
 		HOT_UPDATER_CLOUDFLARE_ACCOUNT_ID: accountId,
 		HOT_UPDATER_CLOUDFLARE_R2_BUCKET_NAME: selectedBucketName,
-		HOT_UPDATER_CLOUDFLARE_D1_DATABASE_ID: selectedD1DatabaseId
+		HOT_UPDATER_CLOUDFLARE_R2_ACCESS_KEY_ID: r2AccessKeyId,
+		HOT_UPDATER_CLOUDFLARE_R2_SECRET_ACCESS_KEY: r2SecretAccessKey,
+		HOT_UPDATER_CLOUDFLARE_D1_DATABASE_ID: selectedD1DatabaseId,
+		HOT_UPDATER_CLOUDFLARE_WORKER_NAME: workerName
 	});
 	p.log.success("Generated '.env.hotupdater' file with Cloudflare settings.");
 	if (configWriteResult.status === "created") p.log.success("Generated 'hot-updater.config.ts' file with Cloudflare settings.");

package/dist/index.cjs

@@ -6,7 +6,7 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __commonJSMin = (cb, mod) => () => (mod || (cb((mod = { exports: {} }).exports, mod), cb = null), mod.exports);
+var __commonJSMin = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
 var __copyProps = (to, from, except, desc) => {
 	if (from && typeof from === "object" || typeof from === "function") for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
 		key = keys[i];
@@ -25,21 +25,25 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
 let _hot_updater_core = require("@hot-updater/core");
 let _hot_updater_plugin_core = require("@hot-updater/plugin-core");
 let cloudflare = require("cloudflare");
-cloudflare = __toESM(cloudflare, 1);
+cloudflare = __toESM(cloudflare);
 let node_fs_promises = require("node:fs/promises");
-node_fs_promises = __toESM(node_fs_promises, 1);
+node_fs_promises = __toESM(node_fs_promises);
 let node_path = require("node:path");
-node_path = __toESM(node_path, 1);
+node_path = __toESM(node_path);
+let _aws_sdk_client_s3 = require("@aws-sdk/client-s3");
+let _aws_sdk_lib_storage = require("@aws-sdk/lib-storage");
+let _aws_sdk_s3_request_presigner = require("@aws-sdk/s3-request-presigner");
+let node_os = require("node:os");
+node_os = __toESM(node_os);
 let node_url = require("node:url");
 let node_child_process = require("node:child_process");
 let node_string_decoder = require("node:string_decoder");
 let node_util = require("node:util");
 let node_process = require("node:process");
-node_process = __toESM(node_process, 1);
+node_process = __toESM(node_process);
 let node_tty = require("node:tty");
-node_tty = __toESM(node_tty, 1);
+node_tty = __toESM(node_tty);
 let node_timers_promises = require("node:timers/promises");
-let node_os = require("node:os");
 let node_events = require("node:events");
 let node_v8 = require("node:v8");
 let node_fs = require("node:fs");
@@ -669,6 +673,112 @@ const d1Database = (0, _hot_updater_plugin_core.createDatabasePlugin)({
 	}
 });
 //#endregion
+//#region src/r2S3Storage.ts
+const ensureExpectedR2Bucket$1 = (bucket, bucketName) => {
+	if (bucket !== bucketName) throw new Error(`Bucket name mismatch: expected "${bucketName}", but found "${bucket}".`);
+};
+const isS3ObjectNotFoundError = (error) => {
+	if (error instanceof Error) return error.name === "NotFound" || error.name === "NoSuchKey";
+	if (typeof error === "object" && error !== null && "$metadata" in error) return error.$metadata?.httpStatusCode === 404;
+	return false;
+};
+const createS3Client = (config) => {
+	const { accountId, basePath: _basePath, bucketName: _bucketName, endpoint, forcePathStyle, region, ...s3Config } = config;
+	return new _aws_sdk_client_s3.S3Client({
+		...s3Config,
+		endpoint: endpoint ?? `https://${accountId}.r2.cloudflarestorage.com`,
+		forcePathStyle: forcePathStyle ?? true,
+		region: region ?? "auto"
+	});
+};
+const createS3StorageProfile = (config) => {
+	const { bucketName } = config;
+	const client = createS3Client(config);
+	const getStorageKey = (0, _hot_updater_plugin_core.createStorageKeyBuilder)(config.basePath);
+	return {
+		async delete(storageUri) {
+			const { bucket, key } = (0, _hot_updater_plugin_core.parseStorageUri)(storageUri, "r2");
+			ensureExpectedR2Bucket$1(bucket, bucketName);
+			await client.send(new _aws_sdk_client_s3.DeleteObjectCommand({
+				Bucket: bucketName,
+				Key: key
+			}));
+		},
+		async upload(key, filePath) {
+			const Body = await node_fs_promises.default.readFile(filePath);
+			const ContentType = (0, _hot_updater_plugin_core.getContentType)(filePath);
+			const Key = getStorageKey(key, node_path.default.basename(filePath));
+			await new _aws_sdk_lib_storage.Upload({
+				client,
+				params: {
+					Body,
+					Bucket: bucketName,
+					CacheControl: "max-age=31536000",
+					ContentType,
+					Key
+				}
+			}).done();
+			return { storageUri: `r2://${bucketName}/${Key}` };
+		},
+		async exists(storageUri) {
+			const { bucket, key } = (0, _hot_updater_plugin_core.parseStorageUri)(storageUri, "r2");
+			ensureExpectedR2Bucket$1(bucket, bucketName);
+			try {
+				await client.send(new _aws_sdk_client_s3.HeadObjectCommand({
+					Bucket: bucketName,
+					Key: key
+				}));
+				return true;
+			} catch (error) {
+				if (isS3ObjectNotFoundError(error)) return false;
+				throw error;
+			}
+		},
+		async downloadFile(storageUri, filePath) {
+			const { bucket, key } = (0, _hot_updater_plugin_core.parseStorageUri)(storageUri, "r2");
+			ensureExpectedR2Bucket$1(bucket, bucketName);
+			const response = await client.send(new _aws_sdk_client_s3.GetObjectCommand({
+				Bucket: bucketName,
+				Key: key
+			}));
+			if (!response.Body) throw new Error("R2 object body is empty");
+			await node_fs_promises.default.mkdir(node_path.default.dirname(filePath), { recursive: true });
+			await node_fs_promises.default.writeFile(filePath, await response.Body.transformToByteArray());
+		}
+	};
+};
+const createS3RuntimeStorageProfile = (config) => {
+	const { bucketName } = config;
+	const client = createS3Client(config);
+	return {
+		async readText(storageUri) {
+			const { bucket, key } = (0, _hot_updater_plugin_core.parseStorageUri)(storageUri, "r2");
+			ensureExpectedR2Bucket$1(bucket, bucketName);
+			try {
+				const response = await client.send(new _aws_sdk_client_s3.GetObjectCommand({
+					Bucket: bucketName,
+					Key: key
+				}));
+				if (!response.Body) return null;
+				return response.Body.transformToString();
+			} catch (error) {
+				if (isS3ObjectNotFoundError(error)) return null;
+				throw error;
+			}
+		},
+		async getDownloadUrl(storageUri) {
+			const { bucket, key } = (0, _hot_updater_plugin_core.parseStorageUri)(storageUri, "r2");
+			ensureExpectedR2Bucket$1(bucket, bucketName);
+			const signedUrl = await (0, _aws_sdk_s3_request_presigner.getSignedUrl)(client, new _aws_sdk_client_s3.GetObjectCommand({
+				Bucket: bucketName,
+				Key: key
+			}), { expiresIn: 3600 });
+			if (!signedUrl) throw new Error("Failed to presign R2 URL");
+			return { fileUrl: signedUrl };
+		}
+	};
+};
+//#endregion
 //#region ../../node_modules/.pnpm/is-plain-obj@4.1.0/node_modules/is-plain-obj/index.js
 function isPlainObject(value) {
 	if (typeof value !== "object" || value === null) return false;
@@ -6842,55 +6952,108 @@ const createWrangler = ({ stdio, accountId, cloudflareApiToken, cwd }) => {
 	return (...command) => $("npx", ["wrangler", ...command]);
 };
 //#endregion
+//#region src/r2WranglerStorage.ts
+const ensureExpectedR2Bucket = (bucket, bucketName) => {
+	if (bucket !== bucketName) throw new Error(`Bucket name mismatch: expected "${bucketName}", but found "${bucket}".`);
+};
+const isR2ObjectNotFoundError = (error) => {
+	const output = [
+		error.stderr,
+		error.stdout,
+		error.shortMessage,
+		error.message
+	].filter(Boolean).join("\n").toLowerCase();
+	return output.includes("not found") || output.includes("no such object") || output.includes("does not exist");
+};
+const createWranglerStorageProfile = (config) => {
+	const { bucketName, cloudflareApiToken, accountId } = config;
+	const wrangler = createWrangler({
+		accountId,
+		cloudflareApiToken,
+		cwd: process.cwd()
+	});
+	const getStorageKey = (0, _hot_updater_plugin_core.createStorageKeyBuilder)(config.basePath);
+	return {
+		async delete(storageUri) {
+			const { bucket, key } = (0, _hot_updater_plugin_core.parseStorageUri)(storageUri, "r2");
+			ensureExpectedR2Bucket(bucket, bucketName);
+			try {
+				await wrangler("r2", "object", "delete", [bucketName, key].join("/"), "--remote");
+			} catch {
+				throw new Error("Can not delete bundle");
+			}
+		},
+		async upload(key, filePath) {
+			const contentType = (0, _hot_updater_plugin_core.getContentType)(filePath);
+			const Key = getStorageKey(key, node_path.default.basename(filePath));
+			try {
+				const { stderr, exitCode } = await wrangler("r2", "object", "put", [bucketName, Key].join("/"), "--file", filePath, "--content-type", contentType, "--remote");
+				if (exitCode !== 0 && stderr) throw new Error(stderr);
+			} catch (error) {
+				if (error instanceof ExecaError) throw new Error(error.stderr || error.stdout);
+				throw error;
+			}
+			return { storageUri: `r2://${bucketName}/${Key}` };
+		},
+		async exists(storageUri) {
+			const { bucket, key } = (0, _hot_updater_plugin_core.parseStorageUri)(storageUri, "r2");
+			ensureExpectedR2Bucket(bucket, bucketName);
+			const tempDir = await node_fs_promises.default.mkdtemp(node_path.default.join(node_os.default.tmpdir(), "hot-updater-r2-exists-"));
+			const tempFilePath = node_path.default.join(tempDir, "object");
+			try {
+				await wrangler("r2", "object", "get", [bucketName, key].join("/"), "--file", tempFilePath, "--remote");
+				return true;
+			} catch (error) {
+				if (error instanceof ExecaError && isR2ObjectNotFoundError(error)) return false;
+				throw error;
+			} finally {
+				await node_fs_promises.default.rm(tempDir, {
+					force: true,
+					recursive: true
+				});
+			}
+		},
+		async downloadFile(storageUri, filePath) {
+			const { bucket, key } = (0, _hot_updater_plugin_core.parseStorageUri)(storageUri, "r2");
+			ensureExpectedR2Bucket(bucket, bucketName);
+			try {
+				await node_fs_promises.default.mkdir(node_path.default.dirname(filePath), { recursive: true });
+				const { stderr, exitCode } = await wrangler("r2", "object", "get", [bucketName, key].join("/"), "--file", filePath, "--remote");
+				if (exitCode !== 0 && stderr) throw new Error(stderr);
+			} catch (error) {
+				if (error instanceof ExecaError) throw new Error(error.stderr || error.stdout);
+				throw error;
+			}
+		}
+	};
+};
+const createWranglerRuntimeStorageProfile = () => {
+	const error = /* @__PURE__ */ new Error("r2Storage runtime profile requires R2 S3 credentials. Wrangler-based R2 access is only supported by the node profile.");
+	return {
+		async readText() {
+			throw error;
+		},
+		async getDownloadUrl() {
+			throw error;
+		}
+	};
+};
+//#endregion
 //#region src/r2Storage.ts
-/**
-* Cloudflare R2 storage plugin for Hot Updater.
-*/
-const r2Storage = (0, _hot_updater_plugin_core.createNodeStoragePlugin)({
+const hasS3Credentials = (config) => {
+	return Boolean(config.credentials);
+};
+const r2Storage = (0, _hot_updater_plugin_core.createUniversalStoragePlugin)({
 	name: "r2Storage",
 	supportedProtocol: "r2",
 	factory: (config) => {
-		const { bucketName, cloudflareApiToken, accountId } = config;
-		const wrangler = createWrangler({
-			accountId,
-			cloudflareApiToken,
-			cwd: process.cwd()
-		});
-		const getStorageKey = (0, _hot_updater_plugin_core.createStorageKeyBuilder)(config.basePath);
+		if (hasS3Credentials(config)) return {
+			node: createS3StorageProfile(config),
+			runtime: createS3RuntimeStorageProfile(config)
+		};
 		return {
-			async delete(storageUri) {
-				const { bucket, key } = (0, _hot_updater_plugin_core.parseStorageUri)(storageUri, "r2");
-				if (bucket !== bucketName) throw new Error(`Bucket name mismatch: expected "${bucketName}", but found "${bucket}".`);
-				try {
-					await wrangler("r2", "object", "delete", [bucketName, key].join("/"), "--remote");
-				} catch {
-					throw new Error("Can not delete bundle");
-				}
-			},
-			async upload(key, filePath) {
-				const contentType = (0, _hot_updater_plugin_core.getContentType)(filePath);
-				const Key = getStorageKey(key, node_path.default.basename(filePath));
-				try {
-					const { stderr, exitCode } = await wrangler("r2", "object", "put", [bucketName, Key].join("/"), "--file", filePath, "--content-type", contentType, "--remote");
-					if (exitCode !== 0 && stderr) throw new Error(stderr);
-				} catch (error) {
-					if (error instanceof ExecaError) throw new Error(error.stderr || error.stdout);
-					throw error;
-				}
-				return { storageUri: `r2://${bucketName}/${Key}` };
-			},
-			async downloadFile(storageUri, filePath) {
-				const { bucket, key } = (0, _hot_updater_plugin_core.parseStorageUri)(storageUri, "r2");
-				if (bucket !== bucketName) throw new Error(`Bucket name mismatch: expected "${bucketName}", but found "${bucket}".`);
-				try {
-					await node_fs_promises.default.mkdir(node_path.default.dirname(filePath), { recursive: true });
-					const { stderr, exitCode } = await wrangler("r2", "object", "get", [bucketName, key].join("/"), "--file", filePath, "--remote");
-					if (exitCode !== 0 && stderr) throw new Error(stderr);
-				} catch (error) {
-					if (error instanceof ExecaError) throw new Error(error.stderr || error.stdout);
-					throw error;
-				}
-			}
+			node: createWranglerStorageProfile(config),
+			runtime: createWranglerRuntimeStorageProfile()
 		};
 	}
 });