@openpalm/lib 0.11.0-beta.2 → 0.11.0-beta.6

package/src/control-plane/lock.test.ts

@@ -1,194 +0,0 @@
-/**
- * Tests for orchestrator lock — acquisition, contention, stale cleanup,
- * corrupt file handling, release, and idempotent release.
- */
-import { describe, it, expect, beforeEach, afterEach } from "bun:test";
-import { mkdirSync, mkdtempSync, rmSync, writeFileSync, existsSync, readFileSync } from "node:fs";
-import { join } from "node:path";
-import { tmpdir } from "node:os";
-import {
-  acquireLock,
-  releaseLock,
-  lockPath,
-  LockAcquisitionError,
-} from "./lock.js";
-import type { LockHandle, LockInfo } from "./lock.js";
-
-let opHome: string;
-
-beforeEach(() => {
-  opHome = mkdtempSync(join(tmpdir(), "lock-test-"));
-  mkdirSync(join(opHome, "data"), { recursive: true });
-});
-
-afterEach(() => {
-  rmSync(opHome, { recursive: true, force: true });
-});
-
-// ── Acquisition ──────────────────────────────────────────────────────────
-
-describe("acquireLock", () => {
-  it("creates a lock file with correct JSON content", () => {
-    const handle = acquireLock(opHome, "install");
-    expect(existsSync(handle.path)).toBe(true);
-
-    const content = JSON.parse(readFileSync(handle.path, "utf-8"));
-    expect(content.pid).toBe(process.pid);
-    expect(content.operation).toBe("install");
-    expect(typeof content.acquiredAt).toBe("string");
-
-    releaseLock(handle);
-  });
-
-  it("returns a handle with correct info", () => {
-    const handle = acquireLock(opHome, "update");
-    expect(handle.info.pid).toBe(process.pid);
-    expect(handle.info.operation).toBe("update");
-    expect(handle.path).toBe(lockPath(opHome));
-
-    releaseLock(handle);
-  });
-
-  it("places lock at {opHome}/data/.openpalm.lock", () => {
-    const handle = acquireLock(opHome, "test");
-    expect(handle.path).toBe(join(opHome, "data", ".openpalm.lock"));
-    releaseLock(handle);
-  });
-});
-
-// ── Contention ───────────────────────────────────────────────────────────
-
-describe("contention", () => {
-  it("throws LockAcquisitionError when lock is already held by this process", () => {
-    const handle = acquireLock(opHome, "install");
-
-    try {
-      expect(() => acquireLock(opHome, "update")).toThrow(LockAcquisitionError);
-    } finally {
-      releaseLock(handle);
-    }
-  });
-
-  it("error includes holder details", () => {
-    const handle = acquireLock(opHome, "install");
-
-    try {
-      acquireLock(opHome, "update");
-      expect.unreachable("should have thrown");
-    } catch (err) {
-      expect(err).toBeInstanceOf(LockAcquisitionError);
-      const lockErr = err as LockAcquisitionError;
-      expect(lockErr.holder.pid).toBe(process.pid);
-      expect(lockErr.holder.operation).toBe("install");
-    } finally {
-      releaseLock(handle);
-    }
-  });
-});
-
-// ── Stale PID cleanup ────────────────────────────────────────────────────
-
-describe("stale PID cleanup", () => {
-  it("cleans up stale lock from a dead PID and acquires", () => {
-    // Write a lock file with a PID that does not exist
-    const stalePid = 99999999; // Very unlikely to be a real process
-    const staleInfo: LockInfo = {
-      pid: stalePid,
-      operation: "old-install",
-      acquiredAt: "2020-01-01T00:00:00.000Z",
-    };
-    writeFileSync(lockPath(opHome), JSON.stringify(staleInfo) + "\n");
-
-    // Should succeed because the PID is dead
-    const handle = acquireLock(opHome, "new-install");
-    expect(handle.info.pid).toBe(process.pid);
-    expect(handle.info.operation).toBe("new-install");
-
-    releaseLock(handle);
-  });
-});
-
-// ── Corrupt file handling ────────────────────────────────────────────────
-
-describe("corrupt lock file", () => {
-  it("recovers from a corrupt lock file", () => {
-    writeFileSync(lockPath(opHome), "not valid json{{{");
-
-    const handle = acquireLock(opHome, "install");
-    expect(handle.info.pid).toBe(process.pid);
-
-    releaseLock(handle);
-  });
-
-  it("recovers from an empty lock file", () => {
-    writeFileSync(lockPath(opHome), "");
-
-    const handle = acquireLock(opHome, "install");
-    expect(handle.info.pid).toBe(process.pid);
-
-    releaseLock(handle);
-  });
-
-  it("recovers from a lock file with missing fields", () => {
-    writeFileSync(lockPath(opHome), JSON.stringify({ pid: 1 }));
-
-    const handle = acquireLock(opHome, "install");
-    expect(handle.info.pid).toBe(process.pid);
-
-    releaseLock(handle);
-  });
-});
-
-// ── Release ──────────────────────────────────────────────────────────────
-
-describe("releaseLock", () => {
-  it("removes the lock file", () => {
-    const handle = acquireLock(opHome, "install");
-    expect(existsSync(handle.path)).toBe(true);
-
-    releaseLock(handle);
-    expect(existsSync(handle.path)).toBe(false);
-  });
-
-  it("is idempotent — second release is a no-op", () => {
-    const handle = acquireLock(opHome, "install");
-    releaseLock(handle);
-    expect(existsSync(handle.path)).toBe(false);
-
-    // Second release should not throw
-    releaseLock(handle);
-    expect(existsSync(handle.path)).toBe(false);
-  });
-
-  it("does not remove lock owned by a different PID", () => {
-    // Simulate a lock file owned by someone else
-    const otherInfo: LockInfo = {
-      pid: 99999999,
-      operation: "other",
-      acquiredAt: new Date().toISOString(),
-    };
-    writeFileSync(lockPath(opHome), JSON.stringify(otherInfo) + "\n");
-
-    // Create a handle that claims to own the lock
-    const fakeHandle: LockHandle = {
-      path: lockPath(opHome),
-      info: {
-        pid: process.pid, // Different from file content
-        operation: "mine",
-        acquiredAt: new Date().toISOString(),
-      },
-    };
-
-    releaseLock(fakeHandle);
-    // Lock file should still exist because PID doesn't match
-    expect(existsSync(lockPath(opHome))).toBe(true);
-  });
-});
-
-// ── lockPath ─────────────────────────────────────────────────────────────
-
-describe("lockPath", () => {
-  it("returns the correct path", () => {
-    expect(lockPath("/home/user/.openpalm")).toBe("/home/user/.openpalm/data/.openpalm.lock");
-  });
-});

package/src/control-plane/lock.ts

@@ -1,176 +0,0 @@
-/**
- * Orchestrator lock — prevents concurrent mutating operations.
- *
- * Uses O_CREAT | O_EXCL for atomic exclusive file creation.
- * Lock file lives at {dataDir}/.openpalm.lock containing JSON
- * with { pid, operation, acquiredAt }.
- *
- * Uses node:fs (not Bun) since lib must be Node-compatible for SvelteKit admin.
- */
-import { openSync, writeSync, closeSync, readFileSync, unlinkSync, mkdirSync, constants } from "node:fs";
-import { dirname } from "node:path";
-
-// ── Types ────────────────────────────────────────────────────────────────
-
-export type LockInfo = {
-  pid: number;
-  operation: string;
-  acquiredAt: string;
-};
-
-export type LockHandle = {
-  path: string;
-  info: LockInfo;
-};
-
-// ── Error ────────────────────────────────────────────────────────────────
-
-export class LockAcquisitionError extends Error {
-  public readonly holder: LockInfo;
-
-  constructor(holder: LockInfo) {
-    super(
-      `Cannot acquire lock: already held by PID ${holder.pid} ` +
-      `for "${holder.operation}" since ${holder.acquiredAt}`
-    );
-    this.name = "LockAcquisitionError";
-    this.holder = holder;
-  }
-}
-
-// ── Path ─────────────────────────────────────────────────────────────────
-
-export function lockPath(opHome: string): string {
-  return `${opHome}/data/.openpalm.lock`;
-}
-
-// ── Stale PID Detection ──────────────────────────────────────────────────
-
-function isProcessAlive(pid: number): boolean {
-  try {
-    process.kill(pid, 0);
-    return true;
-  } catch {
-    return false;
-  }
-}
-
-// ── Read existing lock info ──────────────────────────────────────────────
-
-function readLockInfo(path: string): LockInfo | null {
-  try {
-    const content = readFileSync(path, "utf-8");
-    const parsed = JSON.parse(content);
-    if (
-      typeof parsed.pid === "number" &&
-      typeof parsed.operation === "string" &&
-      typeof parsed.acquiredAt === "string"
-    ) {
-      return parsed as LockInfo;
-    }
-    return null;
-  } catch {
-    return null;
-  }
-}
-
-// ── Acquire / Release ────────────────────────────────────────────────────
-
-export function acquireLock(opHome: string, operation: string): LockHandle {
-  const path = lockPath(opHome);
-  mkdirSync(dirname(path), { recursive: true });
-  const info: LockInfo = {
-    pid: process.pid,
-    operation,
-    acquiredAt: new Date().toISOString(),
-  };
-  const content = JSON.stringify(info) + "\n";
-
-  try {
-    // Atomic exclusive create — fails if file already exists
-    const fd = openSync(path, constants.O_WRONLY | constants.O_CREAT | constants.O_EXCL, 0o644);
-    try {
-      writeSync(fd, content);
-    } finally {
-      closeSync(fd);
-    }
-    return { path, info };
-  } catch (err: unknown) {
-    // File already exists — check if it's stale
-    if ((err as NodeJS.ErrnoException).code === "EEXIST") {
-      const existing = readLockInfo(path);
-
-      if (existing && !isProcessAlive(existing.pid)) {
-        // Stale lock — remove and retry once
-        try {
-          unlinkSync(path);
-        } catch {
-          // Race: another process already removed it; fall through to retry
-        }
-        // Retry acquisition
-        try {
-          const fd = openSync(path, constants.O_WRONLY | constants.O_CREAT | constants.O_EXCL, 0o644);
-          try {
-            writeSync(fd, content);
-          } finally {
-            closeSync(fd);
-          }
-          return { path, info };
-        } catch (retryErr: unknown) {
-          if ((retryErr as NodeJS.ErrnoException).code === "EEXIST") {
-            // Another process won the race — read the new holder
-            const newHolder = readLockInfo(path);
-            throw new LockAcquisitionError(
-              newHolder ?? { pid: 0, operation: "unknown", acquiredAt: "unknown" }
-            );
-          }
-          throw retryErr;
-        }
-      }
-
-      // Lock is held by a live process (or corrupt file — treat as held)
-      if (existing) {
-        throw new LockAcquisitionError(existing);
-      }
-
-      // Corrupt lock file — remove and retry
-      try {
-        unlinkSync(path);
-      } catch {
-        // ignore
-      }
-      try {
-        const fd = openSync(path, constants.O_WRONLY | constants.O_CREAT | constants.O_EXCL, 0o644);
-        try {
-          writeSync(fd, content);
-        } finally {
-          closeSync(fd);
-        }
-        return { path, info };
-      } catch (retryErr: unknown) {
-        if ((retryErr as NodeJS.ErrnoException).code === "EEXIST") {
-          const newHolder = readLockInfo(path);
-          throw new LockAcquisitionError(
-            newHolder ?? { pid: 0, operation: "unknown", acquiredAt: "unknown" }
-          );
-        }
-        throw retryErr;
-      }
-    }
-
-    throw err;
-  }
-}
-
-export function releaseLock(handle: LockHandle): void {
-  // Verify ownership before deleting — only remove if we still own it
-  const existing = readLockInfo(handle.path);
-  if (!existing) return; // Already gone — idempotent
-  if (existing.pid !== handle.info.pid) return; // Not ours — don't touch
-
-  try {
-    unlinkSync(handle.path);
-  } catch {
-    // Already removed — idempotent
-  }
-}

package/src/control-plane/provider-config.ts

@@ -1,34 +0,0 @@
-import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
-import type { ControlPlaneState } from './types.js';
-
-export type SecretProviderConfig = {
-  provider: 'plaintext' | 'pass';
-  passwordStoreDir?: string;
-  passPrefix?: string;
-};
-
-function providerConfigPath(state: ControlPlaneState): string {
-  return `${state.stateDir}/secrets/provider.json`;
-}
-
-export function readSecretProviderConfig(state: ControlPlaneState): SecretProviderConfig | null {
-  const path = providerConfigPath(state);
-  if (!existsSync(path)) return null;
-
-  try {
-    const parsed = JSON.parse(readFileSync(path, 'utf-8')) as SecretProviderConfig;
-    if (parsed?.provider === 'plaintext' || parsed?.provider === 'pass') {
-      return parsed;
-    }
-  } catch {
-    // ignore malformed provider config and fall back to schema detection
-  }
-
-  return null;
-}
-
-export function writeSecretProviderConfig(state: ControlPlaneState, config: SecretProviderConfig): void {
-  const dir = `${state.stateDir}/secrets`;
-  mkdirSync(dir, { recursive: true });
-  writeFileSync(providerConfigPath(state), JSON.stringify(config, null, 2) + '\n');
-}