@opengeni/runtime 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (65) hide show
  1. package/dist/chunk-2PO56VAL.js +3478 -0
  2. package/dist/chunk-2PO56VAL.js.map +1 -0
  3. package/dist/index.d.ts +912 -0
  4. package/dist/index.js +3663 -0
  5. package/dist/index.js.map +1 -0
  6. package/dist/sandbox/index.d.ts +1738 -0
  7. package/dist/sandbox/index.js +187 -0
  8. package/dist/sandbox/index.js.map +1 -0
  9. package/package.json +49 -0
  10. package/src/bundled_hashicorp_terraform_skills/LICENSE +373 -0
  11. package/src/bundled_hashicorp_terraform_skills/README.md +18 -0
  12. package/src/bundled_hashicorp_terraform_skills/UPSTREAM_GIT_SHA +1 -0
  13. package/src/bundled_hashicorp_terraform_skills/azure-verified-modules/SKILL.md +613 -0
  14. package/src/bundled_hashicorp_terraform_skills/checkov/SKILL.md +43 -0
  15. package/src/bundled_hashicorp_terraform_skills/refactor-module/SKILL.md +538 -0
  16. package/src/bundled_hashicorp_terraform_skills/social-media-marketing/SKILL.md +35 -0
  17. package/src/bundled_hashicorp_terraform_skills/terraform-search-import/SKILL.md +372 -0
  18. package/src/bundled_hashicorp_terraform_skills/terraform-search-import/references/MANUAL-IMPORT.md +113 -0
  19. package/src/bundled_hashicorp_terraform_skills/terraform-search-import/scripts/list_resources.sh +38 -0
  20. package/src/bundled_hashicorp_terraform_skills/terraform-stacks/SKILL.md +480 -0
  21. package/src/bundled_hashicorp_terraform_skills/terraform-stacks/references/api-monitoring.md +543 -0
  22. package/src/bundled_hashicorp_terraform_skills/terraform-stacks/references/component-blocks.md +476 -0
  23. package/src/bundled_hashicorp_terraform_skills/terraform-stacks/references/deployment-blocks.md +391 -0
  24. package/src/bundled_hashicorp_terraform_skills/terraform-stacks/references/examples.md +1529 -0
  25. package/src/bundled_hashicorp_terraform_skills/terraform-stacks/references/linked-stacks.md +187 -0
  26. package/src/bundled_hashicorp_terraform_skills/terraform-stacks/references/troubleshooting.md +671 -0
  27. package/src/bundled_hashicorp_terraform_skills/terraform-style-guide/SKILL.md +353 -0
  28. package/src/bundled_hashicorp_terraform_skills/terraform-test/SKILL.md +451 -0
  29. package/src/bundled_hashicorp_terraform_skills/terraform-test/references/CI_CD.md +80 -0
  30. package/src/bundled_hashicorp_terraform_skills/terraform-test/references/EXAMPLES.md +314 -0
  31. package/src/bundled_hashicorp_terraform_skills/terraform-test/references/MOCK_PROVIDERS.md +171 -0
  32. package/src/codex-tool-search.ts +267 -0
  33. package/src/context-compaction.ts +538 -0
  34. package/src/history-sanitizer.ts +719 -0
  35. package/src/index.ts +3299 -0
  36. package/src/sandbox/capabilities.ts +69 -0
  37. package/src/sandbox/channel-a.ts +1031 -0
  38. package/src/sandbox/display-stack.ts +231 -0
  39. package/src/sandbox/errors.ts +34 -0
  40. package/src/sandbox/index.ts +832 -0
  41. package/src/sandbox/providers/blaxel.ts +35 -0
  42. package/src/sandbox/providers/cloudflare.ts +24 -0
  43. package/src/sandbox/providers/daytona.ts +34 -0
  44. package/src/sandbox/providers/docker.ts +17 -0
  45. package/src/sandbox/providers/e2b.ts +36 -0
  46. package/src/sandbox/providers/index.ts +107 -0
  47. package/src/sandbox/providers/local.ts +13 -0
  48. package/src/sandbox/providers/modal.ts +55 -0
  49. package/src/sandbox/providers/none.ts +13 -0
  50. package/src/sandbox/providers/runloop.ts +32 -0
  51. package/src/sandbox/providers/selfhosted.ts +96 -0
  52. package/src/sandbox/providers/types.ts +38 -0
  53. package/src/sandbox/providers/vercel.ts +29 -0
  54. package/src/sandbox/recording.ts +286 -0
  55. package/src/sandbox/routing/backend-resolver.ts +189 -0
  56. package/src/sandbox/routing/routing-session.ts +455 -0
  57. package/src/sandbox/select.ts +371 -0
  58. package/src/sandbox/selfhosted/capabilities.ts +255 -0
  59. package/src/sandbox/selfhosted/control-rpc.ts +351 -0
  60. package/src/sandbox/selfhosted/session.ts +930 -0
  61. package/src/sandbox/selfhosted/testing.ts +230 -0
  62. package/src/sandbox/stream-port.ts +185 -0
  63. package/src/sandbox/stream-token.ts +90 -0
  64. package/src/sandbox/terminal-server.ts +203 -0
  65. package/src/sandbox-computer.ts +835 -0
@@ -0,0 +1,391 @@
1
+ # Deployment Configuration Block Reference
2
+
3
+ Complete reference for all blocks available in Terraform Stack deployment configuration files (`.tfdeploy.hcl`).
4
+
5
+ ## Table of Contents
6
+
7
+ 1. [Identity Token Block](#identity-token-block)
8
+ 2. [Locals Block](#locals-block)
9
+ 3. [Deployment Block](#deployment-block)
10
+ 4. [Deployment Group Block](#deployment-group-block)
11
+ 5. [Deployment Auto-Approve Block](#deployment-auto-approve-block)
12
+
13
+ **Note**: For Publish Output and Upstream Input blocks (linked Stacks), see `linked-stacks.md`.
14
+
15
+ ## Identity Token Block
16
+
17
+ Generates JWT tokens for OIDC authentication with cloud providers.
18
+
19
+ ### Syntax
20
+
21
+ ```hcl
22
+ identity_token "<token_name>" {
23
+ audience = [<audience_strings>]
24
+ }
25
+ ```
26
+
27
+ ### Arguments
28
+
29
+ - **token_name** (label, required): Unique identifier for this token
30
+ - **audience** (required): List of audience strings for the JWT
31
+
32
+ ### Accessing Token
33
+
34
+ Reference the JWT using: `identity_token.<n>.jwt`
35
+
36
+ ### Cloud Provider Audiences
37
+
38
+ **AWS:**
39
+ ```hcl
40
+ identity_token "aws" {
41
+ audience = ["aws.workload.identity"]
42
+ }
43
+ ```
44
+
45
+ **Azure:**
46
+ ```hcl
47
+ identity_token "azure" {
48
+ audience = ["api://AzureADTokenExchange"]
49
+ }
50
+ ```
51
+
52
+ **Google Cloud:**
53
+ ```hcl
54
+ identity_token "gcp" {
55
+ audience = ["//iam.googleapis.com/projects/<PROJECT_NUMBER>/locations/global/workloadIdentityPools/<POOL_ID>/providers/<PROVIDER_ID>"]
56
+ }
57
+ ```
58
+
59
+ **Setup Documentation:** For detailed instructions on configuring OIDC/workload identity for each cloud provider (including IAM roles, trust policies, and federated credentials), see: https://developer.hashicorp.com/terraform/cloud-docs/dynamic-provider-credentials
60
+
61
+ ### Examples
62
+
63
+ **Single Token:**
64
+
65
+ ```hcl
66
+ identity_token "aws" {
67
+ audience = ["aws.workload.identity"]
68
+ }
69
+
70
+ deployment "production" {
71
+ inputs = {
72
+ identity_token = identity_token.aws.jwt
73
+ role_arn = var.role_arn
74
+ }
75
+ }
76
+ ```
77
+
78
+ For complete working examples including multi-region identity token usage, see `examples.md`.
79
+
80
+ ## Locals Block
81
+
82
+ Defines local values for reuse within deployment configuration.
83
+
84
+ ### Syntax
85
+
86
+ ```hcl
87
+ locals {
88
+ <n> = <expression>
89
+ }
90
+ ```
91
+
92
+ ### Example
93
+
94
+ ```hcl
95
+ locals {
96
+ aws_regions = ["us-west-1", "us-east-1", "eu-west-1"]
97
+ role_arn = "arn:aws:iam::123456789012:role/hcp-terraform-stacks"
98
+
99
+ common_inputs = {
100
+ project_name = "my-app"
101
+ environment = "production"
102
+ }
103
+ }
104
+ ```
105
+
106
+ ## Deployment Block
107
+
108
+ Defines deployment instances of the Stack.
109
+
110
+ ### Syntax
111
+
112
+ ```hcl
113
+ deployment "<deployment_name>" {
114
+ inputs = {
115
+ <input_name> = <value>
116
+ }
117
+ }
118
+ ```
119
+
120
+ ### Arguments
121
+
122
+ - **deployment_name** (label, required): Unique identifier for this deployment
123
+ - **inputs** (required): Map of input variable values
124
+ - **destroy** (optional, default: false): Boolean flag to destroy this deployment
125
+
126
+ ### Constraints
127
+
128
+ - Minimum 1 deployment per Stack
129
+ - Maximum 20 deployments per Stack
130
+ - No meta-arguments supported (no `for_each`, `count`)
131
+
132
+ ### Destroying a Deployment
133
+
134
+ To safely remove a deployment from your Stack:
135
+
136
+ 1. Set `destroy = true` in the deployment block
137
+ 2. Apply the plan through HCP Terraform
138
+ 3. After successful destruction, remove the deployment block from your configuration
139
+
140
+ **Important**: Using the `destroy` argument ensures your configuration has the provider authentication necessary to properly destroy the deployment's resources.
141
+
142
+ **Example:**
143
+ ```hcl
144
+ deployment "old_environment" {
145
+ inputs = {
146
+ aws_region = "us-west-1"
147
+ instance_count = 2
148
+ role_arn = local.role_arn
149
+ identity_token = identity_token.aws.jwt
150
+ }
151
+ destroy = true # Mark for destruction
152
+ }
153
+ ```
154
+
155
+ After applying this plan and the deployment is destroyed, remove the entire `deployment "old_environment"` block from your configuration.
156
+
157
+ ### Examples
158
+
159
+ **Single Deployment:**
160
+
161
+ ```hcl
162
+ deployment "production" {
163
+ inputs = {
164
+ aws_region = "us-west-1"
165
+ instance_count = 5
166
+ instance_type = "t3.large"
167
+ role_arn = local.role_arn
168
+ identity_token = identity_token.aws.jwt
169
+ }
170
+ }
171
+ ```
172
+
173
+ **Using Locals for Multiple Deployments:**
174
+
175
+ ```hcl
176
+ locals {
177
+ common_inputs = {
178
+ role_arn = "arn:aws:iam::123456789012:role/terraform"
179
+ identity_token = identity_token.aws.jwt
180
+ project_name = "my-app"
181
+ }
182
+ }
183
+
184
+ deployment "dev" {
185
+ inputs = merge(local.common_inputs, {
186
+ aws_region = "us-east-1"
187
+ instance_count = 1
188
+ environment = "dev"
189
+ })
190
+ }
191
+
192
+ deployment "prod" {
193
+ inputs = merge(local.common_inputs, {
194
+ aws_region = "us-west-1"
195
+ instance_count = 5
196
+ environment = "prod"
197
+ })
198
+ }
199
+ ```
200
+
201
+ For complete multi-environment and multi-region deployment examples, see `examples.md`.
202
+
203
+ ## Deployment Group Block
204
+
205
+ Groups deployments together to configure shared settings and auto-approval rules (HCP Terraform Premium tier feature).
206
+
207
+ ### Syntax
208
+
209
+ ```hcl
210
+ deployment_group "<group_name>" {
211
+ deployments = [<deployment_references>]
212
+ }
213
+ ```
214
+
215
+ ### Arguments
216
+
217
+ - **group_name** (label, required): Unique identifier for this deployment group
218
+ - **deployments** (required): List of deployment references to include in this group
219
+
220
+ ### Purpose
221
+
222
+ Deployment groups allow you to:
223
+ - Organize deployments logically (by environment, team, region, etc.)
224
+ - Configure shared auto-approval rules for multiple deployments
225
+ - Manage deployments more effectively at scale
226
+ - Establish consistent configuration patterns across all Stacks
227
+
228
+ ### Examples
229
+
230
+ **Single Deployment Group (Best Practice):**
231
+
232
+ ```hcl
233
+ deployment "production" {
234
+ inputs = {
235
+ aws_region = "us-west-1"
236
+ instance_count = 5
237
+ role_arn = local.role_arn
238
+ identity_token = identity_token.aws.jwt
239
+ }
240
+ }
241
+
242
+ deployment_group "production" {
243
+ deployments = [deployment.production]
244
+ }
245
+ ```
246
+
247
+ **Multiple Deployment Groups:**
248
+
249
+ ```hcl
250
+ deployment_group "non_production" {
251
+ deployments = [
252
+ deployment.development,
253
+ deployment.staging
254
+ ]
255
+ }
256
+
257
+ deployment_group "production" {
258
+ deployments = [
259
+ deployment.prod_us_east,
260
+ deployment.prod_us_west,
261
+ deployment.prod_eu_west
262
+ ]
263
+ }
264
+ ```
265
+
266
+ ## Deployment Auto-Approve Block
267
+
268
+ Defines rules that automatically approve deployment plans based on specific conditions (HCP Terraform Premium feature).
269
+
270
+ ### Syntax
271
+
272
+ ```hcl
273
+ deployment_auto_approve "<rule_name>" {
274
+ deployment_group = deployment_group.<group_name>
275
+
276
+ check {
277
+ condition = <boolean_expression>
278
+ reason = "<failure_message>"
279
+ }
280
+ }
281
+ ```
282
+
283
+ ### Arguments
284
+
285
+ - **rule_name** (label, required): Unique identifier for this auto-approve rule
286
+ - **deployment_group** (required): Reference to the deployment group this rule applies to
287
+ - **check** (required, one or more): Condition that must be met for auto-approval
288
+
289
+ ### Context Variables
290
+
291
+ Access plan information through `context` object:
292
+
293
+ - `context.plan.applyable` - Boolean: plan succeeded without errors
294
+ - `context.plan.changes.add` - Number: resources to add
295
+ - `context.plan.changes.change` - Number: resources to change
296
+ - `context.plan.changes.remove` - Number: resources to remove
297
+ - `context.plan.changes.import` - Number: resources to import
298
+
299
+ ### Important Notes
300
+
301
+ - All checks must pass for auto-approval to occur
302
+ - If any check fails, manual approval is required
303
+ - HCP Terraform displays the failure reason from failed checks
304
+ - Auto-approve rules only apply to deployments in the specified deployment group
305
+
306
+ ### Examples
307
+
308
+ **Auto-approve Successful Plans:**
309
+
310
+ ```hcl
311
+ deployment_group "canary" {
312
+ deployments = [
313
+ deployment.dev,
314
+ deployment.staging
315
+ ]
316
+ }
317
+
318
+ deployment_auto_approve "applyable_plans" {
319
+ deployment_group = deployment_group.canary
320
+
321
+ check {
322
+ condition = context.plan.applyable
323
+ reason = "Plan must be applyable without errors"
324
+ }
325
+ }
326
+ ```
327
+
328
+ **Auto-approve Non-Destructive Changes:**
329
+
330
+ ```hcl
331
+ deployment_group "production" {
332
+ deployments = [
333
+ deployment.prod_primary,
334
+ deployment.prod_secondary
335
+ ]
336
+ }
337
+
338
+ deployment_auto_approve "safe_production_changes" {
339
+ deployment_group = deployment_group.production
340
+
341
+ check {
342
+ condition = context.plan.changes.remove == 0
343
+ reason = "Production deletions require manual approval"
344
+ }
345
+
346
+ check {
347
+ condition = context.plan.applyable
348
+ reason = "Plan must be successful"
349
+ }
350
+ }
351
+ ```
352
+
353
+ **Graduated Rollout Pattern:**
354
+
355
+ ```hcl
356
+ deployment_group "canary" {
357
+ deployments = [deployment.canary]
358
+ }
359
+
360
+ deployment_group "production" {
361
+ deployments = [
362
+ deployment.prod_us,
363
+ deployment.prod_eu,
364
+ deployment.prod_asia
365
+ ]
366
+ }
367
+
368
+ # Canary auto-approves with strict checks
369
+ deployment_auto_approve "canary_strict" {
370
+ deployment_group = deployment_group.canary
371
+
372
+ check {
373
+ condition = context.plan.changes.remove == 0
374
+ reason = "Canary cannot delete resources"
375
+ }
376
+
377
+ check {
378
+ condition = context.plan.changes.change <= 5
379
+ reason = "Canary limited to 5 resource changes"
380
+ }
381
+
382
+ check {
383
+ condition = context.plan.applyable
384
+ reason = "Plan must be applyable"
385
+ }
386
+ }
387
+
388
+ # Production requires manual approval after canary validation
389
+ ```
390
+
391
+ For complete deployment configuration examples with all blocks, see `examples.md`.