npm - @lark-apaas/miaoda-cli - Versions diffs - 0.1.3 → 0.1.4-alpha.abaa17f - Mend

@lark-apaas/miaoda-cli 0.1.3 → 0.1.4-alpha.abaa17f

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (103) hide show

package/dist/api/app/api.js +3 -3
package/dist/api/app/schemas.js +43 -43
package/dist/api/db/api.js +398 -55
package/dist/api/db/client.js +155 -28
package/dist/api/db/index.js +12 -1
package/dist/api/db/parsers.js +20 -20
package/dist/api/db/sql-keywords.js +87 -87
package/dist/api/deploy/api.js +5 -5
package/dist/api/deploy/index.js +12 -1
package/dist/api/deploy/modern-types.js +23 -0
package/dist/api/deploy/modern.js +70 -0
package/dist/api/deploy/plugin-instances-types.js +6 -0
package/dist/api/deploy/plugin-instances.js +30 -0
package/dist/api/deploy/schemas.js +32 -32
package/dist/api/file/api.js +89 -87
package/dist/api/file/client.js +62 -22
package/dist/api/file/detect.js +3 -3
package/dist/api/file/index.js +2 -1
package/dist/api/file/parsers.js +18 -7
package/dist/api/observability/api.js +6 -6
package/dist/api/observability/schemas.js +14 -14
package/dist/api/plugin/api.js +31 -31
package/dist/cli/commands/app/index.js +94 -13
package/dist/cli/commands/db/index.js +602 -54
package/dist/cli/commands/deploy/index.js +28 -28
package/dist/cli/commands/deploy/modern.js +48 -0
package/dist/cli/commands/file/index.js +85 -58
package/dist/cli/commands/index.js +31 -5
package/dist/cli/commands/observability/index.js +69 -69
package/dist/cli/commands/plugin/index.js +27 -27
package/dist/cli/commands/shared.js +10 -10
package/dist/cli/handlers/app/index.js +6 -1
package/dist/cli/handlers/app/init.js +86 -0
package/dist/cli/handlers/app/update.js +2 -2
package/dist/cli/handlers/db/_destructive.js +67 -0
package/dist/cli/handlers/db/_env.js +26 -0
package/dist/cli/handlers/db/_operator.js +35 -0
package/dist/cli/handlers/db/audit.js +383 -0
package/dist/cli/handlers/db/changelog.js +160 -0
package/dist/cli/handlers/db/data.js +32 -31
package/dist/cli/handlers/db/index.js +17 -1
package/dist/cli/handlers/db/migration.js +234 -0
package/dist/cli/handlers/db/quota.js +68 -0
package/dist/cli/handlers/db/recovery.js +413 -0
package/dist/cli/handlers/db/schema.js +33 -33
package/dist/cli/handlers/db/sql.js +69 -69
package/dist/cli/handlers/deploy/deploy.js +4 -4
package/dist/cli/handlers/deploy/error-log.js +1 -1
package/dist/cli/handlers/deploy/get.js +3 -3
package/dist/cli/handlers/deploy/modern.js +32 -0
package/dist/cli/handlers/deploy/polling.js +11 -11
package/dist/cli/handlers/file/cp.js +30 -30
package/dist/cli/handlers/file/index.js +3 -1
package/dist/cli/handlers/file/ls.js +5 -5
package/dist/cli/handlers/file/quota.js +66 -0
package/dist/cli/handlers/file/rm.js +32 -30
package/dist/cli/handlers/file/sign.js +3 -3
package/dist/cli/handlers/file/stat.js +10 -9
package/dist/cli/handlers/observability/analytics.js +47 -47
package/dist/cli/handlers/observability/helpers.js +2 -2
package/dist/cli/handlers/observability/log.js +9 -9
package/dist/cli/handlers/observability/metric.js +26 -26
package/dist/cli/handlers/observability/trace.js +5 -5
package/dist/cli/handlers/plugin/plugin-local.js +53 -53
package/dist/cli/handlers/plugin/plugin.js +15 -15
package/dist/cli/help.js +16 -16
package/dist/main.js +12 -12
package/dist/services/app/init/index.js +14 -0
package/dist/services/app/init/install.js +101 -0
package/dist/services/app/init/steering.js +74 -0
package/dist/services/app/init/template.js +85 -0
package/dist/services/deploy/modern/atoms/build.js +54 -0
package/dist/services/deploy/modern/atoms/context.js +30 -0
package/dist/services/deploy/modern/atoms/index.js +17 -0
package/dist/services/deploy/modern/atoms/local-release.js +27 -0
package/dist/services/deploy/modern/atoms/pre-release.js +13 -0
package/dist/services/deploy/modern/atoms/save-plugin-instances.js +72 -0
package/dist/services/deploy/modern/atoms/upload.js +192 -0
package/dist/services/deploy/modern/check.js +58 -0
package/dist/services/deploy/modern/constants.js +13 -0
package/dist/services/deploy/modern/index.js +16 -0
package/dist/services/deploy/modern/pipelines/index.js +5 -0
package/dist/services/deploy/modern/pipelines/local.js +75 -0
package/dist/services/deploy/modern/protocol.js +43 -0
package/dist/services/deploy/modern/run-types.js +4 -0
package/dist/services/deploy/modern/run.js +13 -0
package/dist/services/deploy/modern/template-key-map.js +29 -0
package/dist/utils/args.js +1 -1
package/dist/utils/colors.js +2 -2
package/dist/utils/config.js +2 -2
package/dist/utils/devops-error.js +9 -9
package/dist/utils/error.js +2 -2
package/dist/utils/git.js +4 -4
package/dist/utils/http.js +27 -21
package/dist/utils/index.js +3 -1
package/dist/utils/npm-pack.js +55 -0
package/dist/utils/output.js +67 -45
package/dist/utils/poll.js +35 -0
package/dist/utils/render.js +27 -27
package/dist/utils/spark-meta.js +48 -0
package/dist/utils/spinner.js +46 -0
package/dist/utils/time.js +47 -42
package/package.json +1 -1

package/dist/api/db/api.js CHANGED Viewed

@@ -4,30 +4,43 @@ exports.execSql = execSql;
 exports.getSchema = getSchema;
 exports.importData = importData;
 exports.exportData = exportData;
+exports.listDDLChangelog = listDDLChangelog;
+exports.getAuditStatus = getAuditStatus;
+exports.setAuditConfig = setAuditConfig;
+exports.listAuditLog = listAuditLog;
+exports.migrationInit = migrationInit;
+exports.migrate = migrate;
+exports.getMigrationStatus = getMigrationStatus;
+exports.recover = recover;
+exports.getRecoveryPreview = getRecoveryPreview;
+exports.getRecoveryStatus = getRecoveryStatus;
+exports.getDbQuota = getDbQuota;
 const http_1 = require("../../utils/http");
 const error_1 = require("../../utils/error");
 const http_client_1 = require("@lark-apaas/http-client");
 const client_1 = require("./client");
-/**
- * 把 SDK 抛出的 HttpError 统一映射成 CLI 层错误：
- *   1. 先尝试从 response body 解 envelope，命中 dataloom 业务 code → AppError
- *   2. 兜底返 HttpError，保留真实 status 码与上下文
- *
- * 配合调用点的 try/catch + traceHttp，让 --verbose 在错误路径上也能拿到
- * x-tt-logid 与 status，方便定位线上问题。
- */
-async function mapDbHttpError(err, url, ctx,
-/**
- * 可选 hook：解析到响应 body 后，如果 envelope 命中业务错误并抛出 AppError，
- * 调用方可以借此把 body 里的额外字段（如 multi-statement 的 partial results）
- * 挂到 AppError 上。
- */
-onErrorBody) {
+const DEFAULT_TIMEOUT_HINT = 'The server may still be processing your request. Retry the command if needed.';
+async function mapDbHttpError(err, url, ctx, opts) {
     if (err instanceof error_1.AppError)
         throw err;
+    // 客户端超时 / abort：SdkHttpError 时 response 通常缺失（status=0），落到 throw 时
+    // message 形如 'Failed to recover: 0' 让用户看不懂。识别 abort / timeout 关键字后
+    // 单独抛专用 AppError（带领域可定制的 message + hint），不再包成通用 "Failed to X"。
+    if (err instanceof Error) {
+        const lower = err.message.toLowerCase();
+        if (lower.includes('aborted') ||
+            lower.includes('timeout') ||
+            err.name === 'AbortError' ||
+            err.name === 'TimeoutError') {
+            const code = opts?.timeout?.code ?? 'REQUEST_TIMEOUT';
+            const message = opts?.timeout?.message ?? 'Request timed out after 30s';
+            const hint = opts?.timeout?.hint ?? DEFAULT_TIMEOUT_HINT;
+            throw new error_1.AppError(code, message, { next_actions: [hint] });
+        }
+    }
     if (err instanceof http_client_1.HttpError) {
         const status = err.response?.status ?? 0;
-        const statusText = err.response?.statusText ?? "";
+        const statusText = err.response?.statusText ?? '';
         try {
             const body = (await err.response?.json());
             if (body) {
@@ -35,8 +48,13 @@ onErrorBody) {
                     (0, client_1.extractData)(body); // 业务 code 命中 → 抛 AppError；不命中走兜底
                 }
                 catch (appErr) {
-                    if (appErr instanceof error_1.AppError && onErrorBody) {
-                        onErrorBody(body, appErr);
+                    if (appErr instanceof error_1.AppError) {
+                        // env 上下文存在时把"env not exist"系列错误统一重写成 UNKNOWN_ENV_VALUE
+                        // —— 用户视角 vocab 错和 state 错都是「这个 env 不能用」，文案统一更好理解。
+                        const decorated = (0, client_1.decorateEnvError)(appErr, opts?.env);
+                        if (opts?.onErrorBody)
+                            opts.onErrorBody(body, decorated);
+                        throw decorated;
                     }
                     throw appErr;
                 }
@@ -79,18 +97,29 @@ function attachSqlPartialResults(body, appErr) {
  */
 async function execSql(opts) {
     const client = (0, http_1.getHttpClient)();
-    const url = (0, client_1.buildInnerUrl)(opts.appId, "/db/sql", {
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/sql', {
         dbBranch: opts.dbBranch,
     });
     const start = Date.now();
     let response;
     try {
         response = await client.post(url, { sql: opts.sql });
-        (0, client_1.traceHttp)("POST", url, start, response);
+        (0, client_1.traceHttp)('POST', url, start, response);
     }
     catch (err) {
-        (0, client_1.traceHttp)("POST", url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
-        await mapDbHttpError(err, url, "Failed to execute SQL", attachSqlPartialResults);
+        (0, client_1.traceHttp)('POST', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to execute SQL', {
+            env: opts.dbBranch,
+            onErrorBody: attachSqlPartialResults,
+            // SQL 路径单独的超时文案：PG 的 statement_timeout 会回滚整条事务，所以这里
+            // 明示「事务已回滚、没有改动落地」，并把 hint 引导到「简化 SQL / 加 LIMIT / 拆条」。
+            timeout: {
+                code: 'SQL_EXECUTION_TIMEOUT',
+                message: 'SQL execution timed out after 30s',
+                hint: 'The transaction was rolled back; no changes were applied. ' +
+                    'Simplify the SQL, add filters or LIMIT for queries, or split it into smaller statements.',
+            },
+        });
         throw err; // 不可达
     }
     const body = (await response.json());
@@ -101,11 +130,11 @@ async function execSql(opts) {
         // results 末尾追加一条 SqlType="ERROR" 的哨兵，data 字段是 {code,message} JSON。
         // 这样网关在错误路径不会吞业务字段，CLI 拿到完整 partial_results + statement_index。
         const last = results.at(-1);
-        if (last?.sqlType === "ERROR") {
+        if (last?.sqlType === 'ERROR') {
             const appErr = parseSqlErrorSentinel(last.data);
             appErr.partial_results = results.slice(0, -1);
             const stmtIdx = data.errorStatementIndex;
-            if (typeof stmtIdx === "number")
+            if (typeof stmtIdx === 'number')
                 appErr.statement_index = stmtIdx;
             throw appErr;
         }
@@ -137,12 +166,12 @@ async function execSql(opts) {
 function parseSqlErrorSentinel(payload) {
     try {
         const parsed = JSON.parse(payload);
-        const code = typeof parsed.code === "string" && parsed.code !== "" ? parsed.code : "INTERNAL_DB_ERROR";
-        const message = typeof parsed.message === "string" ? parsed.message : payload;
+        const code = typeof parsed.code === 'string' && parsed.code !== '' ? parsed.code : 'INTERNAL_DB_ERROR';
+        const message = typeof parsed.message === 'string' ? parsed.message : payload;
         return (0, client_1.mapDataloomBizError)(code, message);
     }
     catch {
-        return new error_1.AppError("INTERNAL_DB_ERROR", payload);
+        return new error_1.AppError('INTERNAL_DB_ERROR', payload);
     }
 }
 // ── db schema → InnerGetSchema ──
@@ -154,21 +183,21 @@ function parseSqlErrorSentinel(payload) {
  */
 async function getSchema(opts) {
     const client = (0, http_1.getHttpClient)();
-    const url = (0, client_1.buildInnerUrl)(opts.appId, "/db/schema", {
-        format: opts.format ?? "schema",
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/schema', {
+        format: opts.format ?? 'schema',
         tableNames: opts.tableNames,
-        includeStats: opts.includeStats ? "true" : undefined,
+        includeStats: opts.includeStats ? 'true' : undefined,
         dbBranch: opts.dbBranch,
     });
     const start = Date.now();
     let response;
     try {
         response = await client.get(url);
-        (0, client_1.traceHttp)("GET", url, start, response);
+        (0, client_1.traceHttp)('GET', url, start, response);
     }
     catch (err) {
-        (0, client_1.traceHttp)("GET", url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
-        await mapDbHttpError(err, url, "Failed to get schema");
+        (0, client_1.traceHttp)('GET', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to get schema', { env: opts.dbBranch });
         throw err; // 不可达
     }
     const body = (await response.json());
@@ -188,24 +217,25 @@ async function getSchema(opts) {
  */
 async function importData(opts) {
     const client = (0, http_1.getHttpClient)();
-    const url = (0, client_1.buildInnerUrl)(opts.appId, "/data/import");
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/data/import');
     const reqBody = {
         tableName: opts.tableName,
         format: opts.format,
-        records: opts.body.toString("utf8"),
+        records: opts.body.toString('utf8'),
     };
-    if (opts.dbBranch !== undefined && opts.dbBranch !== "") {
-        reqBody.dbBranch = opts.dbBranch;
+    if (opts.dbBranch !== undefined && opts.dbBranch !== '') {
+        // 兼容 `online` 别名 → 后端实际 dbBranch 名为 `main`
+        reqBody.dbBranch = opts.dbBranch === 'online' ? 'main' : opts.dbBranch;
     }
     const start = Date.now();
     let response;
     try {
         response = await client.post(url, reqBody);
-        (0, client_1.traceHttp)("POST", url, start, response);
+        (0, client_1.traceHttp)('POST', url, start, response);
     }
     catch (err) {
-        (0, client_1.traceHttp)("POST", url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
-        await mapDbHttpError(err, url, "Failed to import data");
+        (0, client_1.traceHttp)('POST', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to import data', { env: opts.dbBranch });
         throw err; // 不可达
     }
     // 后端 InnerAdminImportData 响应里 data 直接返 {tableName, recordCount, durationMs}
@@ -229,7 +259,7 @@ async function importData(opts) {
  */
 async function exportData(opts) {
     const client = (0, http_1.getHttpClient)();
-    const url = (0, client_1.buildInnerUrl)(opts.appId, "/data/export", {
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/data/export', {
         tableName: opts.tableName,
         format: opts.format,
         limit: String(opts.limit ?? 5000),
@@ -239,43 +269,48 @@ async function exportData(opts) {
     const start = Date.now();
     let response;
     try {
-        response = await client.request({ method: "POST", url });
-        (0, client_1.traceHttp)("POST", url, start, response);
+        response = await client.request({ method: 'POST', url });
+        (0, client_1.traceHttp)('POST', url, start, response);
     }
     catch (err) {
-        (0, client_1.traceHttp)("POST", url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
-        await mapDbHttpError(err, url, "Failed to export data");
+        (0, client_1.traceHttp)('POST', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to export data', { env: opts.dbBranch });
         throw err; // 不可达
     }
-    // 成功路径：响应 body 通常是原始 CSV/JSON 字节，但部分错误场景下网关会返
+    // 成功路径：响应 body 通常是原始 CSV/SQL/JSON 字节，但部分错误场景下网关会返
     // HTTP 200 + JSON envelope（status_code != "0"），需要在这里嗅探兜底。
-    const contentType = response.headers.get("Content-Type") ??
-        (opts.format === "csv" ? "text/csv" : "application/json");
+    const defaultContentType = {
+        csv: 'text/csv',
+        sql: 'text/plain',
+        json: 'application/json',
+    };
+    const contentType = response.headers.get('Content-Type') ?? defaultContentType[opts.format];
     const ab = await response.arrayBuffer();
     const buf = Buffer.from(new Uint8Array(ab));
     if (buf.length === 0) {
-        throw new error_1.AppError("INTERNAL_DB_ERROR", "Empty export response body");
+        throw new error_1.AppError('INTERNAL_DB_ERROR', 'Empty export response body');
     }
     // Envelope sniff：HTTP 200 + Content-Type 为 application/json + body 解析得到
     // InnerEnvelope 且 status_code 非 "0" 时，按业务错误抛出。
-    // 仅 CSV 格式做 sniff —— JSON 格式正常成功响应也是 application/json，会误判。
-    if (opts.format === "csv" && /application\/json/i.test(contentType)) {
+    // CSV / SQL 都是非 JSON 输出，application/json 响应必是错误信封；JSON 格式
+    // 成功响应自身就是 application/json，跳过 sniff 避免误判。
+    if (opts.format !== 'json' && /application\/json/i.test(contentType)) {
         try {
-            const parsed = JSON.parse(buf.toString("utf8"));
-            if (parsed.status_code != null && parsed.status_code !== "0") {
+            const parsed = JSON.parse(buf.toString('utf8'));
+            if (parsed.status_code != null && parsed.status_code !== '0') {
                 // 复用 extractData 的错误映射逻辑（throw AppError）
                 (0, client_1.extractData)(parsed);
             }
         }
         catch (err) {
             // 已经被 extractData 抛成 AppError → 透传；否则 JSON.parse 失败说明 body
-            // 真的是 CSV 文本，继续按成功流程走
+            // 真的是 CSV / SQL 文本，继续按成功流程走
             if (err instanceof error_1.AppError)
                 throw err;
         }
     }
     // 后端通过响应头回传记录数（避免污染 body）；header 缺失或解析失败 → undefined
-    const recordCountHeader = response.headers.get("X-Miaoda-Record-Count");
+    const recordCountHeader = response.headers.get('X-Miaoda-Record-Count');
     const parsedCount = recordCountHeader != null ? Number(recordCountHeader) : NaN;
     const recordCount = Number.isFinite(parsedCount) && parsedCount >= 0 ? parsedCount : undefined;
     return {
@@ -286,3 +321,311 @@ async function exportData(opts) {
         recordCount,
     };
 }
+// ── db changelog → InnerAdminListDDLChangelog ──
+/**
+ * 后端：GET /v1/dataloom/app/{appId}/db/changelog?table=&since=&until=&limit=&cursor=&dbBranch=
+ *
+ * 时间字段 since/until 由 CLI 端归一化为 ISO 8601 UTC 后透传；后端按 created_at 比较。
+ */
+async function listDDLChangelog(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/changelog', {
+        table: opts.table,
+        since: opts.since,
+        until: opts.until,
+        changeId: opts.changeId,
+        limit: opts.limit !== undefined ? String(opts.limit) : undefined,
+        cursor: opts.cursor,
+        dbBranch: opts.dbBranch,
+    });
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.get(url);
+        (0, client_1.traceHttp)('GET', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('GET', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to list DDL changelog', { env: opts.dbBranch });
+        throw err; // 不可达
+    }
+    const body = (await response.json());
+    const data = (0, client_1.extractData)(body);
+    return {
+        items: data.items ?? [],
+        nextCursor: data.nextCursor && data.nextCursor !== '' ? data.nextCursor : null,
+        hasMore: Boolean(data.hasMore),
+    };
+}
+// ── db audit → InnerAdminGetAuditStatus / InnerAdminSetAuditConfig ──
+/**
+ * 后端：GET /v1/dataloom/app/{appId}/db/audit/status?table=&dbBranch=
+ * 查表审计开关状态。table 非空 → 单表过滤；空 → 返当前 workspace 全部已配置表。
+ */
+async function getAuditStatus(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/audit/status', {
+        table: opts.table,
+        dbBranch: opts.dbBranch,
+    });
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.get(url);
+        (0, client_1.traceHttp)('GET', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('GET', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to get audit status', { env: opts.dbBranch });
+        throw err; // 不可达
+    }
+    const respBody = (await response.json());
+    const data = (0, client_1.extractData)(respBody);
+    return data.items ?? [];
+}
+/**
+ * 后端：POST /v1/dataloom/app/{appId}/db/audit/config
+ * 写：enabled=true 开启 / false 关闭。retention 仅 enabled=true 生效。
+ */
+async function setAuditConfig(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/audit/config');
+    const body = {
+        table: opts.table,
+        enabled: opts.enabled,
+    };
+    if (opts.retention !== undefined && opts.retention !== '')
+        body.retention = opts.retention;
+    if (opts.dbBranch !== undefined && opts.dbBranch !== '') {
+        // 兼容 `online` 别名 → 后端实际 dbBranch 名为 `main`
+        body.dbBranch = opts.dbBranch === 'online' ? 'main' : opts.dbBranch;
+    }
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.post(url, body);
+        (0, client_1.traceHttp)('POST', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('POST', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to set audit config', { env: opts.dbBranch });
+        throw err; // 不可达
+    }
+    const respBody = (await response.json());
+    const data = (0, client_1.extractData)(respBody);
+    if (!data.status) {
+        throw new error_1.AppError('INTERNAL_DB_ERROR', 'audit config response missing status field');
+    }
+    return data.status;
+}
+// ── db audit log → InnerAdminListAuditLog ──
+/**
+ * 后端：GET /v1/dataloom/app/{appId}/db/audit/log?tables=&since=&until=&limit=&cursor=&dbBranch=
+ *
+ * 走 admin-inner 接口而不是 InnerAdminExecuteSQL 直接 SELECT pg_audit：
+ *   - operator 在 details JSONB 内是 user_id，服务端解析成 username
+ *   - summary 后端按 type + before/after diff 合成（pg_audit 表无此列）
+ *   - before/after JSONB 后端 JSON.stringify 后透传字符串，CLI 按需 parse
+ *
+ * 多表用逗号拼接走 query；后端按 target_table IN (...) 一次查。skipped 字段返
+ * 多表中无记录的表名，便于 CLI 展示 hint。
+ */
+async function listAuditLog(opts) {
+    if (opts.tables.length === 0) {
+        throw new error_1.AppError('ARGS_INVALID', 'at least one table is required');
+    }
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/audit/log', {
+        // IDL `Tables list<string>` 走重复 query key（?tables=A&tables=B）—— join(',')
+        // 会让 Hertz/Kitex 网关绑成 ["A,B"] 单元素切片，命中单表错误分支报错文案错乱。
+        tables: opts.tables,
+        since: opts.since,
+        until: opts.until,
+        limit: opts.limit !== undefined ? String(opts.limit) : undefined,
+        cursor: opts.cursor,
+        dbBranch: opts.dbBranch,
+    });
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.get(url);
+        (0, client_1.traceHttp)('GET', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('GET', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to list audit log', { env: opts.dbBranch });
+        throw err; // 不可达
+    }
+    const body = (await response.json());
+    const data = (0, client_1.extractData)(body);
+    return {
+        items: data.items ?? [],
+        nextCursor: data.nextCursor && data.nextCursor !== '' ? data.nextCursor : null,
+        hasMore: Boolean(data.hasMore),
+        skipped: data.skipped ?? [],
+    };
+}
+// ── db migration → InnerAdminMigrationInit / InnerAdminMigrate ──
+/**
+ * 后端：POST /v1/dataloom/app/{appId}/db/enableMultiEnv
+ * 单库 → dev/online 双库初始化，不可逆。对应公开 API EnableMultiEnvDB 的 admin-inner 通道。
+ */
+async function migrationInit(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/enableMultiEnv');
+    const body = {};
+    if (opts.syncData !== undefined)
+        body.syncData = opts.syncData;
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.post(url, body);
+        (0, client_1.traceHttp)('POST', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('POST', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to init migration');
+        throw err; // 不可达
+    }
+    const respBody = (await response.json());
+    return (0, client_1.extractData)(respBody);
+}
+/**
+ * 后端：POST /v1/dataloom/app/{appId}/db/migration
+ * 合并 diff + apply：dryRun=true 只返 changes 不下发；dryRun=false 才执行。
+ */
+async function migrate(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/migration');
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.post(url, { dryRun: opts.dryRun });
+        (0, client_1.traceHttp)('POST', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('POST', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to migrate');
+        throw err; // 不可达
+    }
+    const respBody = (await response.json());
+    return (0, client_1.extractData)(respBody);
+}
+/**
+ * 后端：GET /v1/dataloom/app/{appId}/db/migration/status?taskId=...
+ * CLI 拿到 migration apply 的 taskId 后定时调本接口，直到 status=success/failed。
+ * 网络层超时仍走 mapDbHttpError → 单次 30s；轮询节奏由 CLI handler 自行控制。
+ */
+async function getMigrationStatus(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/migration/status', {
+        taskId: opts.taskId,
+        dbBranch: opts.dbBranch,
+    });
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.get(url);
+        (0, client_1.traceHttp)('GET', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('GET', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to get migration status', { env: opts.dbBranch });
+        throw err; // 不可达
+    }
+    const body = (await response.json());
+    return (0, client_1.extractData)(body);
+}
+// ── db recovery → InnerAdminRecover ──
+/**
+ * 后端：POST /v1/dataloom/app/{appId}/db/recovery
+ * 合并 PITR diff + apply：dryRun=true 预览影响；dryRun=false 触发恢复。
+ */
+async function recover(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/recovery');
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.post(url, {
+            target: opts.target,
+            dryRun: opts.dryRun,
+        });
+        (0, client_1.traceHttp)('POST', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('POST', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to recover');
+        throw err; // 不可达
+    }
+    const respBody = (await response.json());
+    return (0, client_1.extractData)(respBody);
+}
+/**
+ * 后端：GET /v1/dataloom/app/{appId}/db/recovery/preview?previewRequestId=...
+ * CLI 拿到 recovery diff 的 previewRequestId 后定时调本接口直到 previewStatus=success/failed。
+ */
+async function getRecoveryPreview(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/recovery/preview', {
+        previewRequestId: opts.previewRequestId,
+        dbBranch: opts.dbBranch,
+    });
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.get(url);
+        (0, client_1.traceHttp)('GET', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('GET', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to get recovery preview', { env: opts.dbBranch });
+        throw err; // 不可达
+    }
+    const body = (await response.json());
+    return (0, client_1.extractData)(body);
+}
+/**
+ * 后端：GET /v1/dataloom/app/{appId}/db/recovery/status
+ * CLI apply 触发后定时调本接口直到 status=success/failed。dataloom 内部 Redis
+ * 维护 workspace 级 restore 状态，无需传 task id；workspace+dbBranch 维度同时
+ * 只允许一个 restore 进行中。
+ */
+async function getRecoveryStatus(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/recovery/status', { dbBranch: opts.dbBranch });
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.get(url);
+        (0, client_1.traceHttp)('GET', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('GET', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to get recovery status', { env: opts.dbBranch });
+        throw err; // 不可达
+    }
+    const body = (await response.json());
+    return (0, client_1.extractData)(body);
+}
+// ── db quota → InnerAdminGetDbQuota ──
+/**
+ * 后端：GET /v1/dataloom/app/{appId}/db/quota?dbBranch=
+ */
+async function getDbQuota(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, '/db/quota', { dbBranch: opts.dbBranch });
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.get(url);
+        (0, client_1.traceHttp)('GET', url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)('GET', url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, 'Failed to get db quota', { env: opts.dbBranch });
+        throw err; // 不可达
+    }
+    const respBody = (await response.json());
+    return (0, client_1.extractData)(respBody);
+}