@intentic/cli 1.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +80 -0
- package/dist/access.d.ts +16 -0
- package/dist/access.d.ts.map +1 -0
- package/dist/access.js +81 -0
- package/dist/access.js.map +1 -0
- package/dist/adopt-pipelines.d.ts +33 -0
- package/dist/adopt-pipelines.d.ts.map +1 -0
- package/dist/adopt-pipelines.js +97 -0
- package/dist/adopt-pipelines.js.map +1 -0
- package/dist/adopt.d.ts +23 -0
- package/dist/adopt.d.ts.map +1 -0
- package/dist/adopt.js +34 -0
- package/dist/adopt.js.map +1 -0
- package/dist/app.d.ts +3 -0
- package/dist/app.d.ts.map +1 -0
- package/dist/app.js +341 -0
- package/dist/app.js.map +1 -0
- package/dist/artifact.d.ts +18 -0
- package/dist/artifact.d.ts.map +1 -0
- package/dist/artifact.js +32 -0
- package/dist/artifact.js.map +1 -0
- package/dist/cli.d.ts +3 -0
- package/dist/cli.d.ts.map +1 -0
- package/dist/cli.js +5 -0
- package/dist/cli.js.map +1 -0
- package/dist/control-plane-sync.d.ts +24 -0
- package/dist/control-plane-sync.d.ts.map +1 -0
- package/dist/control-plane-sync.js +61 -0
- package/dist/control-plane-sync.js.map +1 -0
- package/dist/demo.d.ts +2 -0
- package/dist/demo.d.ts.map +1 -0
- package/dist/demo.js +309 -0
- package/dist/demo.js.map +1 -0
- package/dist/generated-secrets.d.ts +5 -0
- package/dist/generated-secrets.d.ts.map +1 -0
- package/dist/generated-secrets.js +31 -0
- package/dist/generated-secrets.js.map +1 -0
- package/dist/index.d.ts +4 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +4 -0
- package/dist/index.js.map +1 -0
- package/dist/init.d.ts +5 -0
- package/dist/init.d.ts.map +1 -0
- package/dist/init.js +63 -0
- package/dist/init.js.map +1 -0
- package/dist/known-hosts.d.ts +3 -0
- package/dist/known-hosts.d.ts.map +1 -0
- package/dist/known-hosts.js +18 -0
- package/dist/known-hosts.js.map +1 -0
- package/dist/output.d.ts +16 -0
- package/dist/output.d.ts.map +1 -0
- package/dist/output.js +50 -0
- package/dist/output.js.map +1 -0
- package/dist/resolve.d.ts +4 -0
- package/dist/resolve.d.ts.map +1 -0
- package/dist/resolve.js +30 -0
- package/dist/resolve.js.map +1 -0
- package/dist/secrets.d.ts +11 -0
- package/dist/secrets.d.ts.map +1 -0
- package/dist/secrets.js +53 -0
- package/dist/secrets.js.map +1 -0
- package/package.json +61 -0
package/LICENSE
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 Artur Kurowski
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
package/README.md
ADDED
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
# @intentic/cli
|
|
2
|
+
|
|
3
|
+
The **runnable product** — the `intentic` CLI (`bin: intentic`). It turns a local intent file into a
|
|
4
|
+
desired-state artifact and executes it, with no remote control plane required. Depends on
|
|
5
|
+
`@intentic/engine`, `@intentic/providers`, `@intentic/need-resolver`, `@intentic/state-resolver`, `@intentic/graph`.
|
|
6
|
+
|
|
7
|
+
## Local control plane
|
|
8
|
+
|
|
9
|
+
The "control plane" is two local git repos: an **intent** repo holding `deploy.config.ts`, and a
|
|
10
|
+
**desired-state** repo holding the generated artifact (`desired-state.json`) and the
|
|
11
|
+
execution record (`status.json`). `intentic init` scaffolds both.
|
|
12
|
+
|
|
13
|
+
## Commands
|
|
14
|
+
|
|
15
|
+
Built on [stricli](https://github.com/bloomberg/stricli) with generated `--help` / `--version`.
|
|
16
|
+
|
|
17
|
+
- `intentic init [--dir .]` — scaffold the `intent` and `desired-state` git repos (intent seeded
|
|
18
|
+
with a starter `deploy.config.ts`).
|
|
19
|
+
- `intentic resolve [--config deploy.config.ts] [--out desired-state.json]` —
|
|
20
|
+
load the intent, resolve it to a `DesiredStateGraph`, and write it, along with `.env.example` (the
|
|
21
|
+
user-supplied secrets) and `.secrets.json` (the intentic-generated ones). No infra access.
|
|
22
|
+
- `intentic plan [--artifact desired-state.json]` — read-only preview of what `apply` would
|
|
23
|
+
create/update.
|
|
24
|
+
- `intentic apply [--artifact desired-state.json] [--max-iterations 5]` — reconcile the artifact
|
|
25
|
+
until state reads true, writing `status.json` beside it. Reads user-supplied secrets from `.env`
|
|
26
|
+
beside the artifact (or the environment) and generates the platform admin secrets it owns (see
|
|
27
|
+
below). On success it prints an **Access** summary and writes `access.md` beside the artifact: the
|
|
28
|
+
URL, the `intentic` username, and the password (the generated value on stdout; a pointer to
|
|
29
|
+
`.secrets.json` in the committed `access.md`) for Forgejo and Komodo, plus each app-environment URL.
|
|
30
|
+
|
|
31
|
+
## Secrets
|
|
32
|
+
|
|
33
|
+
Secrets split by who provides them:
|
|
34
|
+
|
|
35
|
+
- **User-supplied** (`source: env`) — credentials to systems intentic does **not** create:
|
|
36
|
+
`HOST_SSH_KEY`, `CLOUDFLARE_API_TOKEN`, and each environment's `*_DATABASE_URL`. You set these in
|
|
37
|
+
`.env` beside the artifact (or the ambient environment). The required set is more than what your
|
|
38
|
+
`deploy.config.ts` names, so `resolve` derives it from the graph and writes `desired-state/.env.example`.
|
|
39
|
+
- **intentic-generated** (`source: generated`) — admin credentials for the services intentic itself
|
|
40
|
+
provisions: `FORGEJO_ADMIN_PASSWORD`, `KOMODO_ADMIN_PASSWORD`, `KOMODO_WEBHOOK_SECRET`. `resolve`
|
|
41
|
+
generates each one (shell-safe hex) the first time and persists it to gitignored
|
|
42
|
+
`desired-state/.secrets.json`, reusing it forever after (`plan`/`apply` reuse it too; Forgejo/Komodo
|
|
43
|
+
bake the password in on first init and won't re-key, so it must be stable). intentic **owns** this
|
|
44
|
+
file — it's authoritative, so put platform keys here, not in `.env`; to pin your own value, edit
|
|
45
|
+
`.secrets.json`. The Forgejo/Komodo password is what you log in with, as user `intentic`.
|
|
46
|
+
|
|
47
|
+
Both `.env` and `.secrets.json` are gitignored, so no secret lands in the PR-managed repo.
|
|
48
|
+
|
|
49
|
+
## Workflow
|
|
50
|
+
|
|
51
|
+
```sh
|
|
52
|
+
intentic init
|
|
53
|
+
cd intent && intentic resolve --out ../desired-state/desired-state.json
|
|
54
|
+
cp ../desired-state/.env.example ../desired-state/.env # fill in the user-supplied values resolve listed
|
|
55
|
+
cd .. && intentic apply # generates the platform secrets, prints the logins
|
|
56
|
+
```
|
|
57
|
+
|
|
58
|
+
> A `deploy.config.ts` imports `@intentic/sdk` + `@intentic/graph`, so the project it lives in must have
|
|
59
|
+
> them installed. `apply` reconciles the per-host platform (Forgejo/Komodo/runner, Cloudflare tunnel + DNS)
|
|
60
|
+
> as ordinary nodes in the artifact — a future "PR-managed" phase (a remote Forgejo watching the intent
|
|
61
|
+
> repo) would layer on top of this same flow.
|
|
62
|
+
|
|
63
|
+
## Key files
|
|
64
|
+
|
|
65
|
+
- [src/cli.ts](src/cli.ts) / [src/app.ts](src/app.ts) — the stricli app and command wiring.
|
|
66
|
+
- [src/init.ts](src/init.ts) / [src/resolve.ts](src/resolve.ts) / [src/apply.ts](src/apply.ts) — the `init`/`resolve`/`apply` commands (plan lives alongside resolve/apply).
|
|
67
|
+
- [src/artifact.ts](src/artifact.ts) — `readArtifact`/`writeArtifact`/`writeStatus` (the desired-state files).
|
|
68
|
+
- [src/secrets.ts](src/secrets.ts) / [src/generated-secrets.ts](src/generated-secrets.ts) — the user-supplied vs intentic-generated secret split.
|
|
69
|
+
- [src/output.ts](src/output.ts) — honors `INTENTIC_OUTPUT` (`text`/`json`/`ndjson`); maps `EngineEvent`s to the chosen format.
|
|
70
|
+
- [src/adopt.ts](src/adopt.ts) / [src/adopt-pipelines.ts](src/adopt-pipelines.ts) — push the intent/desired-state repos into Forgejo + wire Actions.
|
|
71
|
+
- [src/access.ts](src/access.ts) — the post-apply Access summary + `access.md`; [src/known-hosts.ts](src/known-hosts.ts) — TOFU host-key pinning.
|
|
72
|
+
|
|
73
|
+
## Conventions
|
|
74
|
+
|
|
75
|
+
- Runs the engine as the **only** place providers are constructed (via `createProviders`); it owns reading `.env` and generating `.secrets.json`.
|
|
76
|
+
- Subprocess-friendly: a backend can drive it and parse `INTENTIC_OUTPUT=ndjson`/`json` instead of scraping prose (the platform's `provision.ts` does exactly this).
|
|
77
|
+
- Co-located unit tests + a gated [src/cli.e2e.test.ts](src/cli.e2e.test.ts) (real infra, opt-in).
|
|
78
|
+
|
|
79
|
+
**Key exports:** `loadIntent`; `readArtifact` / `writeArtifact` / `writeStatus`; `scaffold`; the
|
|
80
|
+
`CONFIG_FILE` / `ARTIFACT_FILE` / `STATUS_FILE` constants. See [ARCHITECTURE.md](../../ARCHITECTURE.md).
|
package/dist/access.d.ts
ADDED
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import type { DesiredStateGraph, SecretSource } from "@intentic/graph";
|
|
2
|
+
export interface AccessEntry {
|
|
3
|
+
readonly id: string;
|
|
4
|
+
readonly label: string;
|
|
5
|
+
readonly url: string;
|
|
6
|
+
readonly username?: string;
|
|
7
|
+
readonly password?: {
|
|
8
|
+
readonly source: SecretSource;
|
|
9
|
+
readonly key: string;
|
|
10
|
+
readonly value?: string;
|
|
11
|
+
};
|
|
12
|
+
}
|
|
13
|
+
export declare const collectAccess: (graph: DesiredStateGraph, outputs: Readonly<Record<string, Readonly<Record<string, unknown>>>>, env: Readonly<Record<string, string | undefined>>) => AccessEntry[];
|
|
14
|
+
export declare const formatAccessSummary: (entries: readonly AccessEntry[]) => string;
|
|
15
|
+
export declare const writeAccessFile: (path: string, entries: readonly AccessEntry[]) => Promise<void>;
|
|
16
|
+
//# sourceMappingURL=access.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access.d.ts","sourceRoot":"","sources":["../src/access.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAWvE,MAAM,WAAW,WAAW;IACxB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAG3B,QAAQ,CAAC,QAAQ,CAAC,EAAE;QAAE,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;QAAC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CACxG;AAKD,eAAO,MAAM,aAAa,GACtB,OAAO,iBAAiB,EACxB,SAAS,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,EACpE,KAAK,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC,KAClD,WAAW,EAuBb,CAAC;AAeF,eAAO,MAAM,mBAAmB,GAAI,SAAS,SAAS,WAAW,EAAE,KAAG,MASrE,CAAC;AAWF,eAAO,MAAM,eAAe,GAAU,MAAM,MAAM,EAAE,SAAS,SAAS,WAAW,EAAE,KAAG,OAAO,CAAC,IAAI,CAqBjG,CAAC"}
|
package/dist/access.js
ADDED
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
import { writeFile } from "node:fs/promises";
|
|
2
|
+
import { secretRef } from "./secrets.js";
|
|
3
|
+
const SERVICE_LABELS = {
|
|
4
|
+
forgejo: "Forgejo (git)",
|
|
5
|
+
komodo: "Komodo (deploys)",
|
|
6
|
+
signoz: "SignOz (observability)",
|
|
7
|
+
};
|
|
8
|
+
export const collectAccess = (graph, outputs, env) => {
|
|
9
|
+
const entries = [];
|
|
10
|
+
for (const node of Object.values(graph.resources)) {
|
|
11
|
+
if (node.type !== "deployment" && SERVICE_LABELS[node.type] === undefined) {
|
|
12
|
+
continue;
|
|
13
|
+
}
|
|
14
|
+
const url = outputs[node.id]?.["url"];
|
|
15
|
+
if (typeof url !== "string") {
|
|
16
|
+
continue;
|
|
17
|
+
}
|
|
18
|
+
const username = node.inputs["adminUser"];
|
|
19
|
+
const ref = secretRef(node.inputs["adminPassword"]);
|
|
20
|
+
const value = ref?.source === "generated" ? env[ref.key] : undefined;
|
|
21
|
+
const password = ref === undefined ? undefined : { source: ref.source, key: ref.key, ...(value !== undefined ? { value } : {}) };
|
|
22
|
+
entries.push({
|
|
23
|
+
id: node.id,
|
|
24
|
+
label: SERVICE_LABELS[node.type] ?? node.id,
|
|
25
|
+
url,
|
|
26
|
+
...(typeof username === "string" ? { username } : {}),
|
|
27
|
+
...(password !== undefined ? { password } : {}),
|
|
28
|
+
});
|
|
29
|
+
}
|
|
30
|
+
return entries;
|
|
31
|
+
};
|
|
32
|
+
const summaryPassword = (password) => {
|
|
33
|
+
if (password === undefined) {
|
|
34
|
+
return "";
|
|
35
|
+
}
|
|
36
|
+
if (password.source === "generated") {
|
|
37
|
+
return password.value !== undefined
|
|
38
|
+
? ` password: ${password.value} (saved in .secrets.json)`
|
|
39
|
+
: " password: (generated — see .secrets.json)";
|
|
40
|
+
}
|
|
41
|
+
return ` password: $${password.key}`;
|
|
42
|
+
};
|
|
43
|
+
export const formatAccessSummary = (entries) => {
|
|
44
|
+
const lines = ["", "Access:"];
|
|
45
|
+
for (const entry of entries) {
|
|
46
|
+
lines.push(` ${entry.label} ${entry.url}`);
|
|
47
|
+
if (entry.username !== undefined) {
|
|
48
|
+
lines.push(` user: ${entry.username}${summaryPassword(entry.password)}`);
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
return lines.join("\n");
|
|
52
|
+
};
|
|
53
|
+
const markdownPassword = (password) => {
|
|
54
|
+
if (password === undefined) {
|
|
55
|
+
return "";
|
|
56
|
+
}
|
|
57
|
+
return password.source === "generated" ? "generated (see `.secrets.json`)" : `\`$${password.key}\``;
|
|
58
|
+
};
|
|
59
|
+
export const writeAccessFile = async (path, entries) => {
|
|
60
|
+
const services = entries.filter((entry) => entry.username !== undefined);
|
|
61
|
+
const apps = entries.filter((entry) => entry.username === undefined);
|
|
62
|
+
const lines = [
|
|
63
|
+
"# Access",
|
|
64
|
+
"",
|
|
65
|
+
"Generated by `intentic apply`. User-supplied passwords are the values you set in `.env`; generated passwords are stored in `.secrets.json` (gitignored).",
|
|
66
|
+
];
|
|
67
|
+
if (services.length > 0) {
|
|
68
|
+
lines.push("", "| Service | URL | Username | Password |", "| --- | --- | --- | --- |");
|
|
69
|
+
for (const entry of services) {
|
|
70
|
+
lines.push(`| ${entry.label} | ${entry.url} | ${entry.username} | ${markdownPassword(entry.password)} |`);
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
if (apps.length > 0) {
|
|
74
|
+
lines.push("", "## App environments", "", "| Environment | URL |", "| --- | --- |");
|
|
75
|
+
for (const entry of apps) {
|
|
76
|
+
lines.push(`| ${entry.id} | ${entry.url} |`);
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
await writeFile(path, `${lines.join("\n")}\n`);
|
|
80
|
+
};
|
|
81
|
+
//# sourceMappingURL=access.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access.js","sourceRoot":"","sources":["../src/access.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAE7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAIzC,MAAM,cAAc,GAAqC;IACrD,OAAO,EAAE,eAAe;IACxB,MAAM,EAAE,kBAAkB;IAC1B,MAAM,EAAE,wBAAwB;CACnC,CAAC;AAeF,MAAM,CAAC,MAAM,aAAa,GAAG,CACzB,KAAwB,EACxB,OAAoE,EACpE,GAAiD,EACpC,EAAE;IACf,MAAM,OAAO,GAAkB,EAAE,CAAC;IAClC,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC;QAChD,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY,IAAI,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;YACxE,SAAS;QACb,CAAC;QACD,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC1B,SAAS;QACb,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAC1C,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC;QACpD,MAAM,KAAK,GAAG,GAAG,EAAE,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QACrE,MAAM,QAAQ,GAAG,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;QACjI,OAAO,CAAC,IAAI,CAAC;YACT,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,KAAK,EAAE,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,EAAE;YAC3C,GAAG;YACH,GAAG,CAAC,OAAO,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACrD,GAAG,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAClD,CAAC,CAAC;IACP,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC,CAAC;AAGF,MAAM,eAAe,GAAG,CAAC,QAAiC,EAAU,EAAE;IAClE,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QACzB,OAAO,EAAE,CAAC;IACd,CAAC;IACD,IAAI,QAAQ,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,QAAQ,CAAC,KAAK,KAAK,SAAS;YAC/B,CAAC,CAAC,gBAAgB,QAAQ,CAAC,KAAK,4BAA4B;YAC5D,CAAC,CAAC,8CAA8C,CAAC;IACzD,CAAC;IACD,OAAO,iBAAiB,QAAQ,CAAC,GAAG,EAAE,CAAC;AAC3C,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,OAA+B,EAAU,EAAE;IAC3E,MAAM,KAAK,GAAG,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IAC9B,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC1B,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;QAC7C,IAAI,KAAK,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC/B,KAAK,CAAC,IAAI,CAAC,aAAa,KAAK,CAAC,QAAQ,GAAG,eAAe,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAChF,CAAC;IACL,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC,CAAC;AAIF,MAAM,gBAAgB,GAAG,CAAC,QAAiC,EAAU,EAAE;IACnE,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QACzB,OAAO,EAAE,CAAC;IACd,CAAC;IACD,OAAO,QAAQ,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,MAAM,QAAQ,CAAC,GAAG,IAAI,CAAC;AACxG,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,EAAE,IAAY,EAAE,OAA+B,EAAiB,EAAE;IAClG,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IACzE,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IACrE,MAAM,KAAK,GAAG;QACV,UAAU;QACV,EAAE;QACF,0JAA0J;KAC7J,CAAC;IACF,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,yCAAyC,EAAE,2BAA2B,CAAC,CAAC;QACvF,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;YAC3B,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,KAAK,MAAM,KAAK,CAAC,GAAG,MAAM,KAAK,CAAC,QAAQ,MAAM,gBAAgB,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC9G,CAAC;IACL,CAAC;IACD,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClB,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,qBAAqB,EAAE,EAAE,EAAE,uBAAuB,EAAE,eAAe,CAAC,CAAC;QACpF,KAAK,MAAM,KAAK,IAAI,IAAI,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,EAAE,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;QACjD,CAAC;IACL,CAAC;IACD,MAAM,SAAS,CAAC,IAAI,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACnD,CAAC,CAAC"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import type { ForgejoApi } from "@intentic/providers";
|
|
2
|
+
export declare const GIT_USER_SECRET = "INTENTIC_GIT_USER";
|
|
3
|
+
export declare const GIT_TOKEN_SECRET = "INTENTIC_GIT_TOKEN";
|
|
4
|
+
export declare const GIT_USER_ENV = "GIT_USER";
|
|
5
|
+
export declare const GIT_TOKEN_ENV = "GIT_TOKEN";
|
|
6
|
+
export declare const INTENT_WORKFLOW_PATH = ".forgejo/workflows/resolve.yaml";
|
|
7
|
+
export declare const APPLY_WORKFLOW_PATH = ".forgejo/workflows/apply.yaml";
|
|
8
|
+
export declare const forgejoSecretName: (key: string) => string;
|
|
9
|
+
export interface PipelineInputs {
|
|
10
|
+
readonly cliVersion: string;
|
|
11
|
+
readonly user: string;
|
|
12
|
+
readonly domain: string;
|
|
13
|
+
readonly configFile: string;
|
|
14
|
+
readonly artifactFile: string;
|
|
15
|
+
readonly intentRepo: string;
|
|
16
|
+
readonly desiredStateRepo: string;
|
|
17
|
+
readonly applySecretKeys: readonly string[];
|
|
18
|
+
readonly forgejoPasswordKey: string;
|
|
19
|
+
}
|
|
20
|
+
export declare const intentWorkflowYaml: (inputs: PipelineInputs) => string;
|
|
21
|
+
export declare const applyWorkflowYaml: (inputs: PipelineInputs) => string;
|
|
22
|
+
export declare const writeWorkflow: (repoDir: string, workflowPath: string, content: string) => Promise<void>;
|
|
23
|
+
export declare const writeControlPlaneWorkflows: (intentDir: string, targetDir: string, inputs: PipelineInputs) => Promise<void>;
|
|
24
|
+
export declare const setRepoSecrets: (args: {
|
|
25
|
+
readonly api: ForgejoApi;
|
|
26
|
+
readonly baseUrl: string;
|
|
27
|
+
readonly user: string;
|
|
28
|
+
readonly password: string;
|
|
29
|
+
readonly owner: string;
|
|
30
|
+
readonly name: string;
|
|
31
|
+
readonly secrets: Readonly<Record<string, string>>;
|
|
32
|
+
}) => Promise<void>;
|
|
33
|
+
//# sourceMappingURL=adopt-pipelines.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"adopt-pipelines.d.ts","sourceRoot":"","sources":["../src/adopt-pipelines.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAItD,eAAO,MAAM,eAAe,sBAAsB,CAAC;AACnD,eAAO,MAAM,gBAAgB,uBAAuB,CAAC;AAIrD,eAAO,MAAM,YAAY,aAAa,CAAC;AACvC,eAAO,MAAM,aAAa,cAAc,CAAC;AAWzC,eAAO,MAAM,oBAAoB,oCAAoC,CAAC;AACtE,eAAO,MAAM,mBAAmB,kCAAkC,CAAC;AAOnE,eAAO,MAAM,iBAAiB,GAAI,KAAK,MAAM,KAAG,MAC+C,CAAC;AAEhG,MAAM,WAAW,cAAc;IAE3B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAE5B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAEtB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAExB,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAE9B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAGlC,QAAQ,CAAC,eAAe,EAAE,SAAS,MAAM,EAAE,CAAC;IAG5C,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;CACvC;AAOD,eAAO,MAAM,kBAAkB,GAAI,QAAQ,cAAc,KAAG,MA6B5C,CAAC;AAKjB,eAAO,MAAM,iBAAiB,GAAI,QAAQ,cAAc,KAAG,MA+B1D,CAAC;AAIF,eAAO,MAAM,aAAa,GAAU,SAAS,MAAM,EAAE,cAAc,MAAM,EAAE,SAAS,MAAM,KAAG,OAAO,CAAC,IAAI,CAIxG,CAAC;AAGF,eAAO,MAAM,0BAA0B,GAAU,WAAW,MAAM,EAAE,WAAW,MAAM,EAAE,QAAQ,cAAc,KAAG,OAAO,CAAC,IAAI,CAG3H,CAAC;AAGF,eAAO,MAAM,cAAc,GAAU,MAAM;IACvC,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC;IACzB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;CACtD,KAAG,OAAO,CAAC,IAAI,CAYf,CAAC"}
|
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
import { mkdir, writeFile } from "node:fs/promises";
|
|
2
|
+
import { dirname, join } from "node:path";
|
|
3
|
+
export const GIT_USER_SECRET = "INTENTIC_GIT_USER";
|
|
4
|
+
export const GIT_TOKEN_SECRET = "INTENTIC_GIT_TOKEN";
|
|
5
|
+
export const GIT_USER_ENV = "GIT_USER";
|
|
6
|
+
export const GIT_TOKEN_ENV = "GIT_TOKEN";
|
|
7
|
+
const CLI_PACKAGE = "@intentic/cli";
|
|
8
|
+
const APPLIED_TAG = "intentic-applied";
|
|
9
|
+
export const INTENT_WORKFLOW_PATH = ".forgejo/workflows/resolve.yaml";
|
|
10
|
+
export const APPLY_WORKFLOW_PATH = ".forgejo/workflows/apply.yaml";
|
|
11
|
+
const RESERVED_SECRET_PREFIXES = ["GITHUB_", "GITEA_", "FORGEJO_"];
|
|
12
|
+
export const forgejoSecretName = (key) => RESERVED_SECRET_PREFIXES.some((prefix) => key.startsWith(prefix)) ? `INTENTIC_${key}` : key;
|
|
13
|
+
const cloneUrl = (inputs, repo) => `https://${inputs.domain}/${inputs.user}/${repo}.git`;
|
|
14
|
+
export const intentWorkflowYaml = (inputs) => [
|
|
15
|
+
"# Generated by intentic: resolve deploy.config.ts and push the new artifact into the desired-state repo.",
|
|
16
|
+
"on:",
|
|
17
|
+
" push:",
|
|
18
|
+
' branches: [ "main" ]',
|
|
19
|
+
` paths: [ "${inputs.configFile}", "package.json", "pnpm-lock.yaml" ]`,
|
|
20
|
+
"jobs:",
|
|
21
|
+
" resolve:",
|
|
22
|
+
" runs-on: docker",
|
|
23
|
+
" env:",
|
|
24
|
+
` CLOUDFLARE_API_TOKEN: \${{ secrets.CLOUDFLARE_API_TOKEN }}`,
|
|
25
|
+
` ${GIT_USER_ENV}: \${{ secrets.${GIT_USER_SECRET} }}`,
|
|
26
|
+
` ${GIT_TOKEN_ENV}: \${{ secrets.${GIT_TOKEN_SECRET} }}`,
|
|
27
|
+
" steps:",
|
|
28
|
+
" - uses: https://github.com/actions/checkout@v4",
|
|
29
|
+
" - name: resolve and push desired-state",
|
|
30
|
+
" run: |",
|
|
31
|
+
" corepack enable",
|
|
32
|
+
" pnpm install --ignore-workspace",
|
|
33
|
+
' AUTH="$(printf \'%s:%s\' "$GIT_USER" "$GIT_TOKEN" | base64 -w0)"',
|
|
34
|
+
` git -c http.extraHeader="Authorization: basic $AUTH" clone ${cloneUrl(inputs, inputs.desiredStateRepo)} /tmp/ds`,
|
|
35
|
+
` pnpm dlx ${CLI_PACKAGE}@${inputs.cliVersion} resolve --config ${inputs.configFile} --out /tmp/ds/${inputs.artifactFile} --sync-control-plane`,
|
|
36
|
+
" cd /tmp/ds",
|
|
37
|
+
" git add -A",
|
|
38
|
+
" if git diff --cached --quiet; then echo 'desired-state unchanged'; exit 0; fi",
|
|
39
|
+
` git -c user.name="${inputs.user}" -c user.email="${inputs.user}@${inputs.domain}" commit -m "intentic resolve"`,
|
|
40
|
+
' git -c http.extraHeader="Authorization: basic $AUTH" push origin HEAD:main',
|
|
41
|
+
"",
|
|
42
|
+
].join("\n");
|
|
43
|
+
export const applyWorkflowYaml = (inputs) => {
|
|
44
|
+
const env = inputs.applySecretKeys.map((key) => ` ${key}: \${{ secrets.${forgejoSecretName(key)} }}`);
|
|
45
|
+
return [
|
|
46
|
+
"# Generated by intentic: apply the desired-state artifact, pruning resources it no longer declares.",
|
|
47
|
+
"on:",
|
|
48
|
+
" push:",
|
|
49
|
+
' branches: [ "main" ]',
|
|
50
|
+
` paths: [ "${inputs.artifactFile}" ]`,
|
|
51
|
+
"jobs:",
|
|
52
|
+
" apply:",
|
|
53
|
+
" runs-on: docker",
|
|
54
|
+
" env:",
|
|
55
|
+
...env,
|
|
56
|
+
" steps:",
|
|
57
|
+
" - uses: https://github.com/actions/checkout@v4",
|
|
58
|
+
" with:",
|
|
59
|
+
" fetch-depth: 0",
|
|
60
|
+
" - name: apply and prune",
|
|
61
|
+
" run: |",
|
|
62
|
+
" corepack enable",
|
|
63
|
+
" PREV=''",
|
|
64
|
+
` if git rev-parse -q --verify refs/tags/${APPLIED_TAG} >/dev/null; then \\`,
|
|
65
|
+
` git show ${APPLIED_TAG}:${inputs.artifactFile} > /tmp/previous.json && PREV="--previous /tmp/previous.json"; fi`,
|
|
66
|
+
` pnpm dlx ${CLI_PACKAGE}@${inputs.cliVersion} apply --artifact ${inputs.artifactFile} $PREV`,
|
|
67
|
+
" - name: mark applied",
|
|
68
|
+
" run: |",
|
|
69
|
+
` AUTH="$(printf '%s:%s' '${inputs.user}' "$${inputs.forgejoPasswordKey}" | base64 -w0)"`,
|
|
70
|
+
` git tag -f ${APPLIED_TAG} HEAD`,
|
|
71
|
+
` git -c http.extraHeader="Authorization: basic $AUTH" push -f origin refs/tags/${APPLIED_TAG}`,
|
|
72
|
+
"",
|
|
73
|
+
].join("\n");
|
|
74
|
+
};
|
|
75
|
+
export const writeWorkflow = async (repoDir, workflowPath, content) => {
|
|
76
|
+
const full = join(repoDir, workflowPath);
|
|
77
|
+
await mkdir(dirname(full), { recursive: true });
|
|
78
|
+
await writeFile(full, content);
|
|
79
|
+
};
|
|
80
|
+
export const writeControlPlaneWorkflows = async (intentDir, targetDir, inputs) => {
|
|
81
|
+
await writeWorkflow(intentDir, INTENT_WORKFLOW_PATH, intentWorkflowYaml(inputs));
|
|
82
|
+
await writeWorkflow(targetDir, APPLY_WORKFLOW_PATH, applyWorkflowYaml(inputs));
|
|
83
|
+
};
|
|
84
|
+
export const setRepoSecrets = async (args) => {
|
|
85
|
+
for (const [secretName, data] of Object.entries(args.secrets)) {
|
|
86
|
+
await args.api.setRepoSecret({
|
|
87
|
+
baseUrl: args.baseUrl,
|
|
88
|
+
user: args.user,
|
|
89
|
+
password: args.password,
|
|
90
|
+
owner: args.owner,
|
|
91
|
+
name: args.name,
|
|
92
|
+
secretName: forgejoSecretName(secretName),
|
|
93
|
+
data,
|
|
94
|
+
});
|
|
95
|
+
}
|
|
96
|
+
};
|
|
97
|
+
//# sourceMappingURL=adopt-pipelines.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"adopt-pipelines.js","sourceRoot":"","sources":["../src/adopt-pipelines.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAK1C,MAAM,CAAC,MAAM,eAAe,GAAG,mBAAmB,CAAC;AACnD,MAAM,CAAC,MAAM,gBAAgB,GAAG,oBAAoB,CAAC;AAIrD,MAAM,CAAC,MAAM,YAAY,GAAG,UAAU,CAAC;AACvC,MAAM,CAAC,MAAM,aAAa,GAAG,WAAW,CAAC;AAKzC,MAAM,WAAW,GAAG,eAAe,CAAC;AAIpC,MAAM,WAAW,GAAG,kBAAkB,CAAC;AAEvC,MAAM,CAAC,MAAM,oBAAoB,GAAG,iCAAiC,CAAC;AACtE,MAAM,CAAC,MAAM,mBAAmB,GAAG,+BAA+B,CAAC;AAMnE,MAAM,wBAAwB,GAAG,CAAC,SAAS,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;AACnE,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,GAAW,EAAU,EAAE,CACrD,wBAAwB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;AAuBhG,MAAM,QAAQ,GAAG,CAAC,MAAsB,EAAE,IAAY,EAAU,EAAE,CAAC,WAAW,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,IAAI,IAAI,MAAM,CAAC;AAKzH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,MAAsB,EAAU,EAAE,CACjE;IACI,0GAA0G;IAC1G,KAAK;IACL,SAAS;IACT,0BAA0B;IAC1B,iBAAiB,MAAM,CAAC,UAAU,uCAAuC;IACzE,OAAO;IACP,YAAY;IACZ,qBAAqB;IACrB,UAAU;IACV,kEAAkE;IAClE,SAAS,YAAY,kBAAkB,eAAe,KAAK;IAC3D,SAAS,aAAa,kBAAkB,gBAAgB,KAAK;IAC7D,YAAY;IACZ,sDAAsD;IACtD,8CAA8C;IAC9C,gBAAgB;IAChB,2BAA2B;IAC3B,2CAA2C;IAC3C,4EAA4E;IAC5E,wEAAwE,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC,gBAAgB,CAAC,UAAU;IAC3H,sBAAsB,WAAW,IAAI,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,UAAU,kBAAkB,MAAM,CAAC,YAAY,uBAAuB;IACxJ,sBAAsB;IACtB,sBAAsB;IACtB,yFAAyF;IACzF,+BAA+B,MAAM,CAAC,IAAI,oBAAoB,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,MAAM,gCAAgC;IAC1H,sFAAsF;IACtF,EAAE;CACL,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAKjB,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,MAAsB,EAAU,EAAE;IAChE,MAAM,GAAG,GAAG,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,SAAS,GAAG,kBAAkB,iBAAiB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC3G,OAAO;QACH,qGAAqG;QACrG,KAAK;QACL,SAAS;QACT,0BAA0B;QAC1B,iBAAiB,MAAM,CAAC,YAAY,KAAK;QACzC,OAAO;QACP,UAAU;QACV,qBAAqB;QACrB,UAAU;QACV,GAAG,GAAG;QACN,YAAY;QACZ,sDAAsD;QACtD,eAAe;QACf,0BAA0B;QAC1B,+BAA+B;QAC/B,gBAAgB;QAChB,2BAA2B;QAC3B,mBAAmB;QACnB,oDAAoD,WAAW,sBAAsB;QACrF,wBAAwB,WAAW,IAAI,MAAM,CAAC,YAAY,mEAAmE;QAC7H,sBAAsB,WAAW,IAAI,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,YAAY,QAAQ;QACtG,4BAA4B;QAC5B,gBAAgB;QAChB,qCAAqC,MAAM,CAAC,IAAI,OAAO,MAAM,CAAC,kBAAkB,kBAAkB;QAClG,wBAAwB,WAAW,OAAO;QAC1C,2FAA2F,WAAW,EAAE;QACxG,EAAE;KACL,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACjB,CAAC,CAAC;AAIF,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,EAAE,OAAe,EAAE,YAAoB,EAAE,OAAe,EAAiB,EAAE;IACzG,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IACzC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAChD,MAAM,SAAS,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AACnC,CAAC,CAAC;AAGF,MAAM,CAAC,MAAM,0BAA0B,GAAG,KAAK,EAAE,SAAiB,EAAE,SAAiB,EAAE,MAAsB,EAAiB,EAAE;IAC5H,MAAM,aAAa,CAAC,SAAS,EAAE,oBAAoB,EAAE,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC;IACjF,MAAM,aAAa,CAAC,SAAS,EAAE,mBAAmB,EAAE,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC;AACnF,CAAC,CAAC;AAGF,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,EAAE,IAQpC,EAAiB,EAAE;IAChB,KAAK,MAAM,CAAC,UAAU,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5D,MAAM,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC;YACzB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,UAAU,EAAE,iBAAiB,CAAC,UAAU,CAAC;YACzC,IAAI;SACP,CAAC,CAAC;IACP,CAAC;AACL,CAAC,CAAC"}
|
package/dist/adopt.d.ts
ADDED
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import type { ForgejoApi } from "@intentic/providers";
|
|
2
|
+
export type GitRunner = (dir: string, args: readonly string[]) => Promise<{
|
|
3
|
+
readonly stdout: string;
|
|
4
|
+
readonly stderr: string;
|
|
5
|
+
}>;
|
|
6
|
+
export interface AdoptRepo {
|
|
7
|
+
readonly dir: string;
|
|
8
|
+
readonly name: string;
|
|
9
|
+
}
|
|
10
|
+
export interface AdoptOptions {
|
|
11
|
+
readonly baseUrl: string;
|
|
12
|
+
readonly user: string;
|
|
13
|
+
readonly password: string;
|
|
14
|
+
readonly repos: readonly AdoptRepo[];
|
|
15
|
+
readonly log: (message: string) => void;
|
|
16
|
+
readonly api?: ForgejoApi;
|
|
17
|
+
readonly git?: GitRunner;
|
|
18
|
+
}
|
|
19
|
+
export declare const adoptRepos: (options: AdoptOptions) => Promise<{
|
|
20
|
+
readonly name: string;
|
|
21
|
+
readonly cloneUrl: string;
|
|
22
|
+
}[]>;
|
|
23
|
+
//# sourceMappingURL=adopt.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"adopt.d.ts","sourceRoot":"","sources":["../src/adopt.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAMtD,MAAM,MAAM,SAAS,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,MAAM,EAAE,KAAK,OAAO,CAAC;IAAE,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC;AAGhI,MAAM,WAAW,SAAS;IAEtB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,YAAY;IAEzB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,KAAK,EAAE,SAAS,SAAS,EAAE,CAAC;IACrC,QAAQ,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IACxC,QAAQ,CAAC,GAAG,CAAC,EAAE,UAAU,CAAC;IAC1B,QAAQ,CAAC,GAAG,CAAC,EAAE,SAAS,CAAC;CAC5B;AAKD,eAAO,MAAM,UAAU,GAAU,SAAS,YAAY,KAAG,OAAO,CAAC;IAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,EAAE,CA4BtH,CAAC"}
|
package/dist/adopt.js
ADDED
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
import { execFile } from "node:child_process";
|
|
2
|
+
import { promisify } from "node:util";
|
|
3
|
+
import { forgejoApi } from "@intentic/providers";
|
|
4
|
+
const exec = promisify(execFile);
|
|
5
|
+
const defaultGit = (dir, args) => exec("git", ["-C", dir, ...args]);
|
|
6
|
+
export const adoptRepos = async (options) => {
|
|
7
|
+
const api = options.api ?? forgejoApi;
|
|
8
|
+
const git = options.git ?? defaultGit;
|
|
9
|
+
const { baseUrl, user, password, repos, log } = options;
|
|
10
|
+
const email = `${user}@${new URL(baseUrl).host}`;
|
|
11
|
+
const authHeader = `AUTHORIZATION: basic ${Buffer.from(`${user}:${password}`).toString("base64")}`;
|
|
12
|
+
const pushed = [];
|
|
13
|
+
for (const { dir, name } of repos) {
|
|
14
|
+
const existing = await api.findRepo({ baseUrl, user, password, owner: user, name });
|
|
15
|
+
if (existing === undefined) {
|
|
16
|
+
await api.createRepo({ baseUrl, user, password, owner: user, ownerIsOrg: false, name, private: true, autoInit: false });
|
|
17
|
+
log(`created ${user}/${name} in Forgejo`);
|
|
18
|
+
}
|
|
19
|
+
await git(dir, ["add", "-A"]);
|
|
20
|
+
const status = await git(dir, ["status", "--porcelain"]);
|
|
21
|
+
if (status.stdout.trim() !== "") {
|
|
22
|
+
await git(dir, ["-c", `user.name=${user}`, "-c", `user.email=${email}`, "commit", "-m", "intentic adopt"]);
|
|
23
|
+
}
|
|
24
|
+
await git(dir, ["branch", "-M", "main"]);
|
|
25
|
+
const cloneUrl = `${baseUrl}/${user}/${name}.git`;
|
|
26
|
+
const remotes = (await git(dir, ["remote"])).stdout.split("\n").map((line) => line.trim());
|
|
27
|
+
await git(dir, remotes.includes("origin") ? ["remote", "set-url", "origin", cloneUrl] : ["remote", "add", "origin", cloneUrl]);
|
|
28
|
+
await git(dir, ["-c", `http.extraHeader=${authHeader}`, "push", "-u", "origin", "main"]);
|
|
29
|
+
log(`pushed ${dir} → ${cloneUrl}`);
|
|
30
|
+
pushed.push({ name, cloneUrl });
|
|
31
|
+
}
|
|
32
|
+
return pushed;
|
|
33
|
+
};
|
|
34
|
+
//# sourceMappingURL=adopt.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"adopt.js","sourceRoot":"","sources":["../src/adopt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEtC,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,MAAM,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;AAIjC,MAAM,UAAU,GAAc,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;AAsB/E,MAAM,CAAC,MAAM,UAAU,GAAG,KAAK,EAAE,OAAqB,EAAmE,EAAE;IACvH,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,UAAU,CAAC;IACtC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,UAAU,CAAC;IACtC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IACxD,MAAM,KAAK,GAAG,GAAG,IAAI,IAAI,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;IACjD,MAAM,UAAU,GAAG,wBAAwB,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,IAAI,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;IACnG,MAAM,MAAM,GAAyC,EAAE,CAAC;IACxD,KAAK,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,KAAK,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACpF,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,GAAG,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;YACxH,GAAG,CAAC,WAAW,IAAI,IAAI,IAAI,aAAa,CAAC,CAAC;QAC9C,CAAC;QACD,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;QAC9B,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC,CAAC;QACzD,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC9B,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,aAAa,IAAI,EAAE,EAAE,IAAI,EAAE,cAAc,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC;QAC/G,CAAC;QAED,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;QACzC,MAAM,QAAQ,GAAG,GAAG,OAAO,IAAI,IAAI,IAAI,IAAI,MAAM,CAAC;QAClD,MAAM,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3F,MAAM,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;QAC/H,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,oBAAoB,UAAU,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;QACzF,GAAG,CAAC,UAAU,GAAG,MAAM,QAAQ,EAAE,CAAC,CAAC;QACnC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,MAAM,CAAC;AAClB,CAAC,CAAC"}
|
package/dist/app.d.ts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AA4ZpD,eAAO,MAAM,GAAG,qDAUf,CAAC"}
|