npm - @just-be/deploy - Versions diffs - 0.10.0 → 0.11.0 - Mend

@just-be/deploy 0.10.0 → 0.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/index.ts CHANGED Viewed

@@ -45,8 +45,9 @@
 import { $ } from "bun";
 import { readdir, stat, access } from "fs/promises";
 import { join, relative, resolve } from "path";
-import { intro, outro, spinner } from "@clack/prompts";
+import { intro, outro, spinner, password as passwordPrompt } from "@clack/prompts";
 import { z } from "zod";
+import { createHash } from "crypto";
 import packageJson from "./package.json" with { type: "json" };
 import {
   StaticConfigSchema,
@@ -80,14 +81,17 @@ function wrangler(...args: string[]) {
 const StaticRuleSchema = StaticConfigSchema.safeExtend({
   subdomain: subdomain(),
   dir: z.string().min(1),
+  password: z.string().optional(),
 });
 const RedirectRuleSchema = RedirectConfigSchema.safeExtend({
   subdomain: subdomain(),
+  password: z.string().optional(),
 });
 const RewriteRuleSchema = RewriteConfigSchema.safeExtend({
   subdomain: subdomain(),
+  password: z.string().optional(),
 });
 const RouteRuleSchema = z.discriminatedUnion("type", [
@@ -97,6 +101,7 @@ const RouteRuleSchema = z.discriminatedUnion("type", [
 ]);
 export const DeployConfigSchema = z.object({
+  $schema: z.string().optional(),
   rules: z.array(RouteRuleSchema).min(1, "At least one rule is required"),
 });
@@ -174,20 +179,140 @@ async function findFiles(dir: string): Promise<string[]> {
   return results;
 }
+/**
+ * Get content type based on file extension
+ */
+function getContentType(filePath: string): string | null {
+  const ext = filePath.toLowerCase().split(".").pop();
+  const contentTypes: Record<string, string> = {
+    // Text
+    html: "text/html",
+    css: "text/css",
+    js: "application/javascript",
+    json: "application/json",
+    xml: "application/xml",
+    txt: "text/plain",
+    // Images
+    png: "image/png",
+    jpg: "image/jpeg",
+    jpeg: "image/jpeg",
+    gif: "image/gif",
+    svg: "image/svg+xml",
+    webp: "image/webp",
+    // Audio
+    mp3: "audio/mpeg",
+    m4a: "audio/mp4",
+    wav: "audio/wav",
+    ogg: "audio/ogg",
+    aac: "audio/aac",
+    flac: "audio/flac",
+    // Video
+    mp4: "video/mp4",
+    webm: "video/webm",
+    // Fonts
+    woff: "font/woff",
+    woff2: "font/woff2",
+    ttf: "font/ttf",
+    otf: "font/otf",
+  };
+  return ext ? contentTypes[ext] || null : null;
+}
+/**
+ * Compute MD5 hash of a file
+ */
+async function computeFileMD5(filePath: string): Promise<string> {
+  const file = Bun.file(filePath);
+  const buffer = await file.arrayBuffer();
+  const hash = createHash("md5");
+  hash.update(new Uint8Array(buffer));
+  return hash.digest("hex");
+}
+/**
+ * Check if a file needs to be uploaded by comparing local MD5 with remote ETag
+ * Returns true if file should be uploaded (missing or different content)
+ */
+async function shouldUploadFile(
+  localPath: string,
+  r2Key: string,
+  subdomain: string,
+): Promise<boolean> {
+  try {
+    // Compute local file hash
+    const localHash = await computeFileMD5(localPath);
+    // Make HEAD request to check remote file (don't follow redirects)
+    const url = `https://${subdomain}.just-be.dev/${r2Key.replace(`${subdomain}/`, "")}`;
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 5000); // 5 second timeout
+    try {
+      const response = await fetch(url, {
+        method: "HEAD",
+        redirect: "manual",
+        signal: controller.signal,
+        headers: {
+          Connection: "close", // Ensure connection is closed
+        },
+      });
+      clearTimeout(timeoutId);
+      // If file doesn't exist (4xx/5xx), upload it
+      if (!response.ok) {
+        return true;
+      }
+      // Get ETag from response (remove quotes if present)
+      const etag = response.headers.get("etag")?.replace(/"/g, "");
+      // If no ETag or ETag doesn't match local hash, upload
+      if (!etag || etag !== localHash) {
+        return true;
+      }
+      // File exists with same content, skip upload
+      return false;
+    } catch (fetchError) {
+      clearTimeout(timeoutId);
+      // On fetch error (timeout, network error), default to uploading
+      if (DEBUG) {
+        console.error(`\nFetch error checking ${localPath}:`, fetchError);
+      }
+      return true;
+    }
+  } catch (error) {
+    // On error, default to uploading
+    if (DEBUG) {
+      console.error(`\nError checking if upload needed for ${localPath}:`, error);
+    }
+    return true;
+  }
+}
 /**
  * Upload a file to R2
  */
 async function uploadToR2(localPath: string, r2Key: string): Promise<boolean> {
   try {
-    await wrangler(
+    const args = [
       "r2",
       "object",
       "put",
       `${BUCKET_NAME}/${r2Key}`,
       "--file",
       localPath,
-      "--remote"
-    );
+      "--remote",
+    ];
+    // Add content-type if we can determine it
+    const contentType = getContentType(localPath);
+    if (contentType) {
+      args.push("--content-type", contentType);
+    }
+    await wrangler(...args);
     return true;
   } catch (error) {
     if (DEBUG) {
@@ -242,6 +367,52 @@ async function validateKVAccess(): Promise<boolean> {
   }
 }
+/**
+ * List secrets configured on the wildcard worker
+ */
+async function listWorkerSecrets(): Promise<string[]> {
+  try {
+    const output = await wrangler("secret", "list", "--name", "just-be-dev-wildcard").text();
+    const secrets = JSON.parse(output);
+    return Array.isArray(secrets) ? secrets.map((s: { name: string }) => s.name) : [];
+  } catch {
+    return [];
+  }
+}
+/**
+ * Ensure a secret exists on the wildcard worker, prompting the user if it doesn't
+ */
+async function ensureSecretExists(
+  secretName: string,
+  s: ReturnType<typeof spinner>,
+): Promise<void> {
+  s.start(`Checking if secret "${secretName}" exists`);
+  const existingSecrets = await listWorkerSecrets();
+  if (existingSecrets.includes(secretName)) {
+    s.stop(`Secret "${secretName}" already exists`);
+    return;
+  }
+  s.stop(`Secret "${secretName}" not found`);
+  const value = await passwordPrompt({
+    message: `Enter the password value for secret "${secretName}":`,
+  });
+  if (typeof value !== "string" || !value) {
+    console.error("Error: No password provided");
+    process.exit(1);
+  }
+  s.start(`Uploading secret "${secretName}"`);
+  await $`echo ${value}`.pipe(
+    wrangler("secret", "put", secretName, "--name", "just-be-dev-wildcard"),
+  );
+  s.stop(`Secret "${secretName}" uploaded`);
+}
 /**
  * Get the current git branch name
  */
@@ -286,7 +457,7 @@ async function createKVEntry(subdomain: string, routeConfig: RouteConfig): Promi
     KV_NAMESPACE_ID,
     subdomain,
     configJson,
-    "--remote"
+    "--remote",
   );
 }
@@ -330,12 +501,23 @@ async function deployStaticRule(rule: StaticRule, s: ReturnType<typeof spinner>)
   // Upload files to R2
   let uploadCount = 0;
+  let skippedCount = 0;
   const failedUploads: string[] = [];
   for (const filePath of filePaths) {
     const relativePath = relative(rule.dir, filePath);
     const r2Key = `${rule.subdomain}/${relativePath}`;
+    // Check if upload is needed
+    s.start(`Checking ${relativePath}`);
+    const needsUpload = await shouldUploadFile(filePath, r2Key, rule.subdomain);
+    if (!needsUpload) {
+      skippedCount++;
+      s.stop(`Skipped ${relativePath} (unchanged)`);
+      continue;
+    }
     s.start(`Uploading ${relativePath}`);
     const success = await uploadToR2(filePath, r2Key);
@@ -352,7 +534,12 @@ async function deployStaticRule(rule: StaticRule, s: ReturnType<typeof spinner>)
     throw new Error(`Failed to upload ${failedUploads.length} file(s)`);
   }
-  console.log(`✓ Uploaded ${uploadCount} files to R2`);
+  console.log(`✓ Uploaded ${uploadCount} files, skipped ${skippedCount} unchanged files`);
+  // Ensure password secret exists if configured
+  if (rule.password) {
+    await ensureSecretExists(rule.password, s);
+  }
   // Create KV entry (path is derived from subdomain at runtime)
   const routeConfig: RouteConfig = {
@@ -361,6 +548,7 @@ async function deployStaticRule(rule: StaticRule, s: ReturnType<typeof spinner>)
     ...(rule.fallback && { fallback: rule.fallback }),
     ...(rule.redirects?.length && { redirects: rule.redirects }),
     ...(rule.rewrites?.length && { rewrites: rule.rewrites }),
+    ...(rule.password && { password: rule.password }),
   };
   s.start(`Creating KV routing entry`);
@@ -373,17 +561,23 @@ async function deployStaticRule(rule: StaticRule, s: ReturnType<typeof spinner>)
  */
 async function deployRedirectRule(
   rule: RedirectRule,
-  s: ReturnType<typeof spinner>
+  s: ReturnType<typeof spinner>,
 ): Promise<void> {
   console.log(`\n🔀 Configuring redirect: ${rule.subdomain}.just-be.dev`);
   console.log(`   Target URL: ${rule.url}`);
   console.log(`   Permanent: ${rule.permanent ?? false}`);
+  // Ensure password secret exists if configured
+  if (rule.password) {
+    await ensureSecretExists(rule.password, s);
+  }
   const routeConfig: RouteConfig = {
     type: "redirect",
     url: rule.url,
     ...(rule.permanent !== undefined && { permanent: rule.permanent }),
     ...(rule.preservePath !== undefined && { preservePath: rule.preservePath }),
+    ...(rule.password && { password: rule.password }),
   };
   s.start(`Creating KV routing entry`);
@@ -399,10 +593,16 @@ async function deployRewriteRule(rule: RewriteRule, s: ReturnType<typeof spinner
   console.log(`   Target URL: ${rule.url}`);
   console.log(`   Allowed Methods: ${rule.allowedMethods?.join(", ") || "GET, HEAD, OPTIONS"}`);
+  // Ensure password secret exists if configured
+  if (rule.password) {
+    await ensureSecretExists(rule.password, s);
+  }
   const routeConfig: RouteConfig = {
     type: "rewrite",
     url: rule.url,
     ...(rule.allowedMethods && { allowedMethods: rule.allowedMethods }),
+    ...(rule.password && { password: rule.password }),
   };
   s.start(`Creating KV routing entry`);
@@ -562,8 +762,12 @@ if (import.meta.main) {
     process.exit(0);
   }
-  deploy().catch((error) => {
-    console.error("\n❌ Fatal error:", error);
-    process.exit(1);
-  });
+  deploy()
+    .then(() => {
+      process.exit(0);
+    })
+    .catch((error) => {
+      console.error("\n❌ Fatal error:", error);
+      process.exit(1);
+    });
 }

package/package.json CHANGED Viewed

@@ -1,41 +1,41 @@
 {
   "name": "@just-be/deploy",
-  "version": "0.10.0",
+  "version": "0.11.0",
   "description": "Deploy static sites to Cloudflare R2 with subdomain routing",
-  "type": "module",
-  "bin": {
-    "deploy": "index.ts"
-  },
-  "files": [
-    "index.ts",
-    "schema.json"
-  ],
-  "scripts": {
-    "generate-schema": "bun run scripts/generate-schema.ts"
-  },
   "keywords": [
     "cloudflare",
-    "r2",
     "deploy",
+    "r2",
     "static-site"
   ],
-  "author": "Justin Bennett",
   "license": "MIT",
+  "author": "Justin Bennett",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/just-be-dev/just-be.dev.git",
     "directory": "packages/deploy"
   },
-  "engines": {
-    "bun": ">=1.0.0"
+  "bin": {
+    "deploy": "index.ts"
+  },
+  "files": [
+    "index.ts",
+    "schema.json"
+  ],
+  "type": "module",
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "generate-schema": "bun run scripts/generate-schema.ts"
   },
   "dependencies": {
     "@clack/prompts": "^0.11.0",
-    "@just-be/wildcard": "0.2.0",
+    "@just-be/wildcard": "0.6.0",
     "wrangler": "4.48.0",
     "zod": "^4.1.13"
   },
-  "publishConfig": {
-    "access": "public"
+  "engines": {
+    "bun": ">=1.0.0"
   }
 }

package/schema.json CHANGED Viewed

@@ -2,6 +2,9 @@
   "$schema": "https://json-schema.org/draft/2020-12/schema",
   "type": "object",
   "properties": {
+    "$schema": {
+      "type": "string"
+    },
     "rules": {
       "minItems": 1,
       "type": "array",
@@ -75,6 +78,10 @@
               "dir": {
                 "type": "string",
                 "minLength": 1
+              },
+              "password": {
+                "type": "string",
+                "description": "Name of the Cloudflare Worker secret containing the password for HTTP Basic Auth protection"
               }
             },
             "required": ["type", "subdomain", "dir"],
@@ -99,6 +106,10 @@
               },
               "subdomain": {
                 "type": "string"
+              },
+              "password": {
+                "type": "string",
+                "description": "Name of the Cloudflare Worker secret containing the password for HTTP Basic Auth protection"
               }
             },
             "required": ["type", "url", "subdomain"],
@@ -125,6 +136,10 @@
               },
               "subdomain": {
                 "type": "string"
+              },
+              "password": {
+                "type": "string",
+                "description": "Name of the Cloudflare Worker secret containing the password for HTTP Basic Auth protection"
               }
             },
             "required": ["type", "url", "allowedMethods", "subdomain"],