@pleri/olam-cli 0.1.188 → 0.1.196
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/ask/knowledge-pack.generated.d.ts.map +1 -1
- package/dist/ask/knowledge-pack.generated.js +39 -12
- package/dist/ask/knowledge-pack.generated.js.map +1 -1
- package/dist/commands/bootstrap.d.ts +4 -0
- package/dist/commands/bootstrap.d.ts.map +1 -1
- package/dist/commands/bootstrap.js +6 -9
- package/dist/commands/bootstrap.js.map +1 -1
- package/dist/commands/clean.js +1 -1
- package/dist/commands/clean.js.map +1 -1
- package/dist/commands/completion.d.ts.map +1 -1
- package/dist/commands/completion.js +1 -4
- package/dist/commands/completion.js.map +1 -1
- package/dist/commands/create.d.ts.map +1 -1
- package/dist/commands/create.js +6 -0
- package/dist/commands/create.js.map +1 -1
- package/dist/commands/crystallize.js +12 -14
- package/dist/commands/crystallize.js.map +1 -1
- package/dist/commands/destroy.d.ts +13 -1
- package/dist/commands/destroy.d.ts.map +1 -1
- package/dist/commands/destroy.js +52 -6
- package/dist/commands/destroy.js.map +1 -1
- package/dist/commands/dispatch.d.ts +9 -0
- package/dist/commands/dispatch.d.ts.map +1 -1
- package/dist/commands/dispatch.js +21 -2
- package/dist/commands/dispatch.js.map +1 -1
- package/dist/commands/doctor.d.ts +1 -1
- package/dist/commands/doctor.d.ts.map +1 -1
- package/dist/commands/doctor.js +29 -22
- package/dist/commands/doctor.js.map +1 -1
- package/dist/commands/enter.d.ts +3 -3
- package/dist/commands/enter.d.ts.map +1 -1
- package/dist/commands/enter.js +57 -44
- package/dist/commands/enter.js.map +1 -1
- package/dist/commands/flywheel/index.d.ts.map +1 -1
- package/dist/commands/flywheel/index.js +1 -1
- package/dist/commands/flywheel/index.js.map +1 -1
- package/dist/commands/host-cp.d.ts.map +1 -1
- package/dist/commands/host-cp.js +2 -1
- package/dist/commands/host-cp.js.map +1 -1
- package/dist/commands/implode.d.ts.map +1 -1
- package/dist/commands/implode.js +1 -1
- package/dist/commands/implode.js.map +1 -1
- package/dist/commands/init.d.ts +20 -0
- package/dist/commands/init.d.ts.map +1 -1
- package/dist/commands/init.js +102 -9
- package/dist/commands/init.js.map +1 -1
- package/dist/commands/kg-build.d.ts.map +1 -1
- package/dist/commands/kg-build.js +3 -0
- package/dist/commands/kg-build.js.map +1 -1
- package/dist/commands/kg-classify.d.ts +20 -0
- package/dist/commands/kg-classify.d.ts.map +1 -1
- package/dist/commands/kg-classify.js +59 -42
- package/dist/commands/kg-classify.js.map +1 -1
- package/dist/commands/kg-mirror.d.ts +40 -0
- package/dist/commands/kg-mirror.d.ts.map +1 -0
- package/dist/commands/kg-mirror.js +228 -0
- package/dist/commands/kg-mirror.js.map +1 -0
- package/dist/commands/mcp/index.js +1 -1
- package/dist/commands/mcp/index.js.map +1 -1
- package/dist/commands/memory/index.d.ts.map +1 -1
- package/dist/commands/memory/index.js +1 -1
- package/dist/commands/memory/index.js.map +1 -1
- package/dist/commands/resume.d.ts.map +1 -1
- package/dist/commands/resume.js +1 -1
- package/dist/commands/resume.js.map +1 -1
- package/dist/commands/services-tls.d.ts +120 -0
- package/dist/commands/services-tls.d.ts.map +1 -0
- package/dist/commands/services-tls.js +448 -0
- package/dist/commands/services-tls.js.map +1 -0
- package/dist/commands/services.d.ts.map +1 -1
- package/dist/commands/services.js +28 -1
- package/dist/commands/services.js.map +1 -1
- package/dist/commands/setup-linux-gate.d.ts.map +1 -1
- package/dist/commands/setup-linux-gate.js +1 -3
- package/dist/commands/setup-linux-gate.js.map +1 -1
- package/dist/commands/setup-metrics.d.ts.map +1 -1
- package/dist/commands/setup-metrics.js +1 -2
- package/dist/commands/setup-metrics.js.map +1 -1
- package/dist/commands/setup-phase-5a-skill-source.d.ts +17 -1
- package/dist/commands/setup-phase-5a-skill-source.d.ts.map +1 -1
- package/dist/commands/setup-phase-5a-skill-source.js +69 -6
- package/dist/commands/setup-phase-5a-skill-source.js.map +1 -1
- package/dist/commands/setup.d.ts +26 -1
- package/dist/commands/setup.d.ts.map +1 -1
- package/dist/commands/setup.js +233 -56
- package/dist/commands/setup.js.map +1 -1
- package/dist/commands/skills-onboard.d.ts.map +1 -1
- package/dist/commands/skills-onboard.js +4 -1
- package/dist/commands/skills-onboard.js.map +1 -1
- package/dist/commands/skills-source.d.ts.map +1 -1
- package/dist/commands/skills-source.js +90 -5
- package/dist/commands/skills-source.js.map +1 -1
- package/dist/commands/status.js +1 -1
- package/dist/commands/status.js.map +1 -1
- package/dist/commands/upgrade.d.ts.map +1 -1
- package/dist/commands/upgrade.js +1 -3
- package/dist/commands/upgrade.js.map +1 -1
- package/dist/commands/yolo.d.ts.map +1 -1
- package/dist/commands/yolo.js +1 -1
- package/dist/commands/yolo.js.map +1 -1
- package/dist/context.d.ts +4 -0
- package/dist/context.d.ts.map +1 -1
- package/dist/context.js +3 -2
- package/dist/context.js.map +1 -1
- package/dist/image-digests.json +8 -8
- package/dist/index.js +4150 -2267
- package/dist/index.js.map +1 -1
- package/dist/lib/auth-refresh-kubernetes.d.ts.map +1 -1
- package/dist/lib/auth-refresh-kubernetes.js +14 -5
- package/dist/lib/auth-refresh-kubernetes.js.map +1 -1
- package/dist/lib/bootstrap-kubernetes.d.ts +41 -0
- package/dist/lib/bootstrap-kubernetes.d.ts.map +1 -1
- package/dist/lib/bootstrap-kubernetes.js +289 -36
- package/dist/lib/bootstrap-kubernetes.js.map +1 -1
- package/dist/lib/cf-access-token.d.ts.map +1 -1
- package/dist/lib/cf-access-token.js +2 -3
- package/dist/lib/cf-access-token.js.map +1 -1
- package/dist/lib/config.d.ts +28 -4
- package/dist/lib/config.d.ts.map +1 -1
- package/dist/lib/config.js +82 -11
- package/dist/lib/config.js.map +1 -1
- package/dist/lib/health-probes.d.ts.map +1 -1
- package/dist/lib/health-probes.js +36 -0
- package/dist/lib/health-probes.js.map +1 -1
- package/dist/lib/help-groups.d.ts +36 -0
- package/dist/lib/help-groups.d.ts.map +1 -0
- package/dist/lib/help-groups.js +124 -0
- package/dist/lib/help-groups.js.map +1 -0
- package/dist/lib/k8s-bootstrap.d.ts +6 -0
- package/dist/lib/k8s-bootstrap.d.ts.map +1 -1
- package/dist/lib/k8s-bootstrap.js +15 -2
- package/dist/lib/k8s-bootstrap.js.map +1 -1
- package/dist/lib/k8s-secret-render.d.ts.map +1 -1
- package/dist/lib/k8s-secret-render.js +17 -10
- package/dist/lib/k8s-secret-render.js.map +1 -1
- package/dist/lib/memory-secret.d.ts +15 -2
- package/dist/lib/memory-secret.d.ts.map +1 -1
- package/dist/lib/memory-secret.js +25 -8
- package/dist/lib/memory-secret.js.map +1 -1
- package/dist/lib/upgrade-check.d.ts +60 -0
- package/dist/lib/upgrade-check.d.ts.map +1 -0
- package/dist/lib/upgrade-check.js +169 -0
- package/dist/lib/upgrade-check.js.map +1 -0
- package/dist/lib/upgrade-kubernetes.d.ts +17 -0
- package/dist/lib/upgrade-kubernetes.d.ts.map +1 -1
- package/dist/lib/upgrade-kubernetes.js +125 -1
- package/dist/lib/upgrade-kubernetes.js.map +1 -1
- package/dist/mcp-server.js +2775 -2853
- package/hermes-bundle/version.json +1 -1
- package/host-cp/k8s/manifests/30-configmap.yaml +8 -1
- package/host-cp/k8s/manifests/50-deployment.yaml +1 -1
- package/host-cp/k8s/manifests/60-service.yaml +12 -4
- package/host-cp/k8s/manifests/65-tls-secret-template.yaml.tmpl +35 -0
- package/host-cp/k8s/manifests/70-ingressroute.yaml +58 -0
- package/host-cp/k8s/manifests/auth-service/50-deployment.yaml +1 -1
- package/host-cp/k8s/manifests/kg-service/50-deployment.yaml +1 -1
- package/host-cp/k8s/manifests/mcp-auth-service/50-deployment.yaml +1 -1
- package/host-cp/k8s/manifests/memory-service/50-deployment.yaml +1 -1
- package/host-cp/src/plan-chat-secret.mjs +16 -1
- package/host-cp/src/plan-chat-service.mjs +493 -11
- package/host-cp/src/planning-sessions.mjs +252 -0
- package/host-cp/src/server.mjs +92 -2
- package/package.json +2 -1
|
@@ -0,0 +1,124 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Top-level help grouping for `olam --help`.
|
|
3
|
+
*
|
|
4
|
+
* Organises the 50+ commands into seven logical groups so a new operator
|
|
5
|
+
* can scan and find the right command in under 30 seconds. Extracted from
|
|
6
|
+
* index.ts so the formatter is independently testable.
|
|
7
|
+
*/
|
|
8
|
+
import { Help } from 'commander';
|
|
9
|
+
/**
|
|
10
|
+
* Canonical group definitions for the olam top-level command surface.
|
|
11
|
+
*
|
|
12
|
+
* Order matters — groups appear in this sequence in the help output.
|
|
13
|
+
* When a new command lands, add its name to the appropriate group here.
|
|
14
|
+
*/
|
|
15
|
+
export const HELP_GROUPS = [
|
|
16
|
+
{
|
|
17
|
+
title: 'Setup & install',
|
|
18
|
+
names: ['setup', 'install', 'bootstrap', 'init', 'upgrade', 'update', 'implode'],
|
|
19
|
+
},
|
|
20
|
+
{
|
|
21
|
+
title: 'Worlds',
|
|
22
|
+
names: [
|
|
23
|
+
'create', 'list', 'status', 'observe', 'dispatch', 'enter',
|
|
24
|
+
'destroy', 'clean', 'restart', 'refresh', 'resume', 'logs',
|
|
25
|
+
'ps', 'world',
|
|
26
|
+
],
|
|
27
|
+
},
|
|
28
|
+
{
|
|
29
|
+
title: 'Auth & secrets',
|
|
30
|
+
names: ['auth', 'keys', 'rekey'],
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
title: 'Skills & knowledge',
|
|
34
|
+
names: ['skills', 'kg', 'ask', 'flywheel'],
|
|
35
|
+
},
|
|
36
|
+
{
|
|
37
|
+
title: 'Substrate & infra',
|
|
38
|
+
names: [
|
|
39
|
+
'substrate', 'host-cp', 'services', 'seed', 'memory', 'mcp',
|
|
40
|
+
'workers', 'tasks', 'plans', 'repos', 'runbooks', 'workspace',
|
|
41
|
+
'worldspec',
|
|
42
|
+
],
|
|
43
|
+
},
|
|
44
|
+
{
|
|
45
|
+
title: 'Dev tools',
|
|
46
|
+
names: ['yolo', 'lanes', 'pr', 'policy-check', 'crystallize', 'begin', 'stop', 'hermes', 'completion'],
|
|
47
|
+
},
|
|
48
|
+
{
|
|
49
|
+
title: 'Diagnostics',
|
|
50
|
+
names: ['doctor', 'diagnose', 'setup-metrics', 'setup-linux-gate-status', 'config', 'help'],
|
|
51
|
+
},
|
|
52
|
+
];
|
|
53
|
+
/**
|
|
54
|
+
* Build a `formatHelp` override that renders top-level commands in groups.
|
|
55
|
+
*
|
|
56
|
+
* Pass the returned object to `program.configureHelp({ formatHelp })`.
|
|
57
|
+
* Subcommand help (where `cmd.parent !== null`) is delegated to commander's
|
|
58
|
+
* default formatter unchanged.
|
|
59
|
+
*
|
|
60
|
+
* @param groups Group definitions (defaults to {@link HELP_GROUPS}).
|
|
61
|
+
* @param warnUncategorized When `true` (default), uncategorized commands emit
|
|
62
|
+
* a stderr warning so the missing entry is visible during development.
|
|
63
|
+
*/
|
|
64
|
+
export function buildGroupedHelpFormatter(groups = HELP_GROUPS, warnUncategorized = true) {
|
|
65
|
+
return {
|
|
66
|
+
formatHelp(cmd, helper) {
|
|
67
|
+
// Delegate subcommand help to the default formatter unchanged.
|
|
68
|
+
// Must call Help.prototype directly — `helper.formatHelp` resolves to
|
|
69
|
+
// THIS override (the configured help instance), causing infinite
|
|
70
|
+
// recursion on any subcommand `--help` (or any subcommand with no
|
|
71
|
+
// explicit handler, like `olam auth`). Crashed live with
|
|
72
|
+
// "Maximum call stack size exceeded" after #1350 merge.
|
|
73
|
+
if (cmd.parent !== null) {
|
|
74
|
+
return Help.prototype.formatHelp.call(helper, cmd, helper);
|
|
75
|
+
}
|
|
76
|
+
const visibleCmds = helper.visibleCommands(cmd);
|
|
77
|
+
const term = (c) => helper.subcommandTerm(c);
|
|
78
|
+
const desc = (c) => helper.subcommandDescription(c);
|
|
79
|
+
// Uniform column width across ALL commands for consistent alignment.
|
|
80
|
+
const maxTermLen = visibleCmds.reduce((max, c) => Math.max(max, term(c).length), 0);
|
|
81
|
+
const pad = maxTermLen + 2;
|
|
82
|
+
const formatCmd = (c) => ` ${term(c).padEnd(pad)}${desc(c)}`;
|
|
83
|
+
const byName = new Map(visibleCmds.map((c) => [c.name(), c]));
|
|
84
|
+
const categorized = new Set();
|
|
85
|
+
const groupSections = groups
|
|
86
|
+
.map(({ title, names }) => {
|
|
87
|
+
const cmds = names.flatMap((n) => {
|
|
88
|
+
const c = byName.get(n);
|
|
89
|
+
if (c) {
|
|
90
|
+
categorized.add(n);
|
|
91
|
+
return [c];
|
|
92
|
+
}
|
|
93
|
+
return [];
|
|
94
|
+
});
|
|
95
|
+
if (cmds.length === 0)
|
|
96
|
+
return '';
|
|
97
|
+
return `${title}:\n${cmds.map(formatCmd).join('\n')}`;
|
|
98
|
+
})
|
|
99
|
+
.filter(Boolean);
|
|
100
|
+
const other = visibleCmds.filter((c) => !categorized.has(c.name()));
|
|
101
|
+
if (warnUncategorized && other.length > 0) {
|
|
102
|
+
process.stderr.write(`[olam help] uncategorized commands (add to HELP_GROUPS in lib/help-groups.ts): ${other
|
|
103
|
+
.map((c) => c.name())
|
|
104
|
+
.join(', ')}\n`);
|
|
105
|
+
}
|
|
106
|
+
const otherSection = other.length > 0 ? `Other:\n${other.map(formatCmd).join('\n')}` : '';
|
|
107
|
+
// Header: usage line + options block. We call the Commander Help
|
|
108
|
+
// prototype's formatHelp directly (bypassing our override) with a
|
|
109
|
+
// zero-commands shim so the default "Commands:" section is suppressed.
|
|
110
|
+
// We then emit our own grouped sections beneath it.
|
|
111
|
+
const headerHelper = Object.assign(Object.create(Help.prototype), helper, {
|
|
112
|
+
visibleCommands: () => [],
|
|
113
|
+
});
|
|
114
|
+
const headerOnly = Help.prototype.formatHelp.call(headerHelper, cmd, headerHelper);
|
|
115
|
+
const parts = [
|
|
116
|
+
headerOnly,
|
|
117
|
+
...groupSections,
|
|
118
|
+
...(otherSection ? [otherSection] : []),
|
|
119
|
+
].filter(Boolean);
|
|
120
|
+
return parts.join('\n\n') + '\n';
|
|
121
|
+
},
|
|
122
|
+
};
|
|
123
|
+
}
|
|
124
|
+
//# sourceMappingURL=help-groups.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"help-groups.js","sourceRoot":"","sources":["../../src/lib/help-groups.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AASjC;;;;;GAKG;AACH,MAAM,CAAC,MAAM,WAAW,GAAyB;IAC/C;QACE,KAAK,EAAE,iBAAiB;QACxB,KAAK,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,CAAC;KACjF;IACD;QACE,KAAK,EAAE,QAAQ;QACf,KAAK,EAAE;YACL,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,OAAO;YAC1D,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM;YAC1D,IAAI,EAAE,OAAO;SACd;KACF;IACD;QACE,KAAK,EAAE,gBAAgB;QACvB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC;KACjC;IACD;QACE,KAAK,EAAE,oBAAoB;QAC3B,KAAK,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,CAAC;KAC3C;IACD;QACE,KAAK,EAAE,mBAAmB;QAC1B,KAAK,EAAE;YACL,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK;YAC3D,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW;YAC7D,WAAW;SACZ;KACF;IACD;QACE,KAAK,EAAE,WAAW;QAClB,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,CAAC;KACvG;IACD;QACE,KAAK,EAAE,aAAa;QACpB,KAAK,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,eAAe,EAAE,yBAAyB,EAAE,QAAQ,EAAE,MAAM,CAAC;KAC5F;CACF,CAAC;AAEF;;;;;;;;;;GAUG;AACH,MAAM,UAAU,yBAAyB,CACvC,SAA+B,WAAW,EAC1C,iBAAiB,GAAG,IAAI;IAExB,OAAO;QACL,UAAU,CAAC,GAAY,EAAE,MAAY;YACnC,+DAA+D;YAC/D,sEAAsE;YACtE,iEAAiE;YACjE,kEAAkE;YAClE,yDAAyD;YACzD,wDAAwD;YACxD,IAAI,GAAG,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;gBACxB,OAAO,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;YAC7D,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;YAChD,MAAM,IAAI,GAAG,CAAC,CAA0B,EAAE,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;YACtE,MAAM,IAAI,GAAG,CAAC,CAA0B,EAAE,EAAE,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;YAE7E,qEAAqE;YACrE,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CACnC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,EACzC,CAAC,CACF,CAAC;YACF,MAAM,GAAG,GAAG,UAAU,GAAG,CAAC,CAAC;YAE3B,MAAM,SAAS,GAAG,CAAC,CAA0B,EAAE,EAAE,CAC/C,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;YAEvC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9D,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;YAEtC,MAAM,aAAa,GAAG,MAAM;iBACzB,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,EAAE;gBACxB,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;oBAC/B,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;oBACxB,IAAI,CAAC,EAAE,CAAC;wBACN,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;wBACnB,OAAO,CAAC,CAAC,CAAC,CAAC;oBACb,CAAC;oBACD,OAAO,EAAE,CAAC;gBACZ,CAAC,CAAC,CAAC;gBACH,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;oBAAE,OAAO,EAAE,CAAC;gBACjC,OAAO,GAAG,KAAK,MAAM,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACxD,CAAC,CAAC;iBACD,MAAM,CAAC,OAAO,CAAC,CAAC;YAEnB,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YACpE,IAAI,iBAAiB,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1C,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,kFAAkF,KAAK;qBACpF,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;qBACpB,IAAI,CAAC,IAAI,CAAC,IAAI,CAClB,CAAC;YACJ,CAAC;YACD,MAAM,YAAY,GAChB,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAEvE,iEAAiE;YACjE,kEAAkE;YAClE,uEAAuE;YACvE,oDAAoD;YACpD,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAS,EAAE,MAAM,EAAE;gBAChF,eAAe,EAAE,GAAG,EAAE,CAAC,EAAyC;aACjE,CAAC,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;YAEnF,MAAM,KAAK,GAAG;gBACZ,UAAU;gBACV,GAAG,aAAa;gBAChB,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aACxC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAElB,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;QACnC,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -68,6 +68,12 @@ export interface BootstrapDeps {
|
|
|
68
68
|
readonly stderr?: NodeJS.WritableStream;
|
|
69
69
|
/** Hook into kubectlApply for tests (overrides the kubectlWrap path entirely). */
|
|
70
70
|
readonly applyImpl?: typeof kubectlApply;
|
|
71
|
+
/**
|
|
72
|
+
* Optional progress callback invoked for each manifest/secret being applied.
|
|
73
|
+
* When provided, replaces the per-item stdout.write so callers (e.g. upgrade-kubernetes)
|
|
74
|
+
* can route progress through a spinner's `.text` instead of newlining to stdout.
|
|
75
|
+
*/
|
|
76
|
+
readonly onProgress?: (label: string) => void;
|
|
71
77
|
}
|
|
72
78
|
export interface BootstrapOptions {
|
|
73
79
|
readonly context: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"k8s-bootstrap.d.ts","sourceRoot":"","sources":["../../src/lib/k8s-bootstrap.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAKH,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAGhD,OAAO,EAEL,KAAK,UAAU,EACf,KAAK,YAAY,EAElB,MAAM,wBAAwB,CAAC;AAEhC,eAAO,MAAM,aAAa,SAAS,CAAC;AAqCpC;;;;GAIG;AACH,iBAAe,YAAY,CACzB,OAAO,EAAE,MAAM,EACf,MAAM,EAAE;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,SAAS,EAAE,MAAM,CAAA;CAAE,EAChD,IAAI,EAAE,aAAa,GAClB,OAAO,CAAC;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAQ1C;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAAC,cAAc,GAAE,MAAsB,GAAG,MAAM,GAAG,IAAI,CAQ1F;AAED,MAAM,WAAW,aAAa;IAC5B,wCAAwC;IACxC,QAAQ,CAAC,eAAe,CAAC,EAAE,OAAO,WAAW,CAAC;IAC9C,qFAAqF;IACrF,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,sFAAsF;IACtF,QAAQ,CAAC,UAAU,CAAC,EAAE,UAAU,CAAC;IACjC,0CAA0C;IAC1C,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,cAAc,CAAC;IACxC,oCAAoC;IACpC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,cAAc,CAAC;IACxC,kFAAkF;IAClF,QAAQ,CAAC,SAAS,CAAC,EAAE,OAAO,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"k8s-bootstrap.d.ts","sourceRoot":"","sources":["../../src/lib/k8s-bootstrap.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAKH,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAGhD,OAAO,EAEL,KAAK,UAAU,EACf,KAAK,YAAY,EAElB,MAAM,wBAAwB,CAAC;AAEhC,eAAO,MAAM,aAAa,SAAS,CAAC;AAqCpC;;;;GAIG;AACH,iBAAe,YAAY,CACzB,OAAO,EAAE,MAAM,EACf,MAAM,EAAE;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,SAAS,EAAE,MAAM,CAAA;CAAE,EAChD,IAAI,EAAE,aAAa,GAClB,OAAO,CAAC;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAQ1C;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAAC,cAAc,GAAE,MAAsB,GAAG,MAAM,GAAG,IAAI,CAQ1F;AAED,MAAM,WAAW,aAAa;IAC5B,wCAAwC;IACxC,QAAQ,CAAC,eAAe,CAAC,EAAE,OAAO,WAAW,CAAC;IAC9C,qFAAqF;IACrF,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,sFAAsF;IACtF,QAAQ,CAAC,UAAU,CAAC,EAAE,UAAU,CAAC;IACjC,0CAA0C;IAC1C,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,cAAc,CAAC;IACxC,oCAAoC;IACpC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,cAAc,CAAC;IACxC,kFAAkF;IAClF,QAAQ,CAAC,SAAS,CAAC,EAAE,OAAO,YAAY,CAAC;IACzC;;;;OAIG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;CAC/C;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,4FAA4F;IAC5F,QAAQ,CAAC,aAAa,CAAC,EAAE,OAAO,CAAC;IACjC,wFAAwF;IACxF,QAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED,MAAM,MAAM,WAAW,GACnB;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GAClC;IAAE,IAAI,EAAE,QAAQ,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC;AAErC,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC;IAC7C,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;QAAE,IAAI,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC5F,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC,YAAY,CAAC,CAAC;CACrD;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,gBAAgB,EACtB,IAAI,GAAE,aAAkB,GACvB,OAAO,CAAC;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,eAAe,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAoGxE;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,IAAI,aAAa,CAAC,MAAM,CAAC,CAE3D"}
|
|
@@ -121,6 +121,7 @@ export async function ensureK8sBootstrap(opts, deps = {}) {
|
|
|
121
121
|
const stderr = deps.stderr ?? process.stderr;
|
|
122
122
|
const namespace = opts.namespace ?? K8S_NAMESPACE;
|
|
123
123
|
const apply = deps.applyImpl ?? kubectlApply;
|
|
124
|
+
const onProgress = deps.onProgress;
|
|
124
125
|
const assetsRoot = deps.k8sAssetsRoot ?? resolveK8sAssetsRoot();
|
|
125
126
|
if (assetsRoot === null || !existsSync(assetsRoot)) {
|
|
126
127
|
return {
|
|
@@ -154,7 +155,13 @@ export async function ensureK8sBootstrap(opts, deps = {}) {
|
|
|
154
155
|
skipped.push({ kind: 'manifest', ref: mp, reason: 'file not found in bundle (older package?)' });
|
|
155
156
|
continue;
|
|
156
157
|
}
|
|
157
|
-
|
|
158
|
+
const label = ` → applying ${mp.replace(assetsRoot, '<k8s-assets>')}`;
|
|
159
|
+
if (onProgress) {
|
|
160
|
+
onProgress(label);
|
|
161
|
+
}
|
|
162
|
+
else {
|
|
163
|
+
stdout.write(`${label}\n`);
|
|
164
|
+
}
|
|
158
165
|
const r = await apply(opts.context, { path: mp }, deps);
|
|
159
166
|
if (!r.ok) {
|
|
160
167
|
stderr.write(`error: kubectl apply -f ${mp} failed:\n${r.stderr}\n`);
|
|
@@ -181,7 +188,13 @@ export async function ensureK8sBootstrap(opts, deps = {}) {
|
|
|
181
188
|
applied.push({ kind: 'secret', name: r.secretName });
|
|
182
189
|
continue;
|
|
183
190
|
}
|
|
184
|
-
|
|
191
|
+
const secretLabel = ` → applying Secret ${r.secretName}`;
|
|
192
|
+
if (onProgress) {
|
|
193
|
+
onProgress(secretLabel);
|
|
194
|
+
}
|
|
195
|
+
else {
|
|
196
|
+
stdout.write(`${secretLabel}\n`);
|
|
197
|
+
}
|
|
185
198
|
const a = await apply(opts.context, { stdinYaml: r.renderedYaml }, deps);
|
|
186
199
|
if (!a.ok) {
|
|
187
200
|
stderr.write(`error: kubectl apply Secret ${r.secretName} failed:\n${a.stderr}\n`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"k8s-bootstrap.js","sourceRoot":"","sources":["../../src/lib/k8s-bootstrap.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAChE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EACL,gBAAgB,EAGhB,wBAAwB,GACzB,MAAM,wBAAwB,CAAC;AAEhC,MAAM,CAAC,MAAM,aAAa,GAAG,MAAM,CAAC;AAEpC;;;;;GAKG;AACH,MAAM,wBAAwB,GAAG;IAC/B,mBAAmB;IACnB,wBAAwB;IACxB,cAAc;IACd,mBAAmB;IACnB,aAAa;CACL,CAAC;AAEX;;;;GAIG;AACH,MAAM,kBAAkB,GAAG;IACzB,cAAc;IACd,kBAAkB;IAClB,YAAY;IACZ,gBAAgB;IAChB,oEAAoE;IACpE,uEAAuE;IACvE,6DAA6D;IAC7D,6DAA6D;IAC7D,iBAAiB;IACjB,iBAAiB;IACjB,mBAAmB;CACX,CAAC;AAEX,MAAM,uBAAuB,GAAG,CAAC,wBAAwB,EAAE,cAAc,EAAE,mBAAmB,EAAE,aAAa,CAAU,CAAC;AAExH;;;;GAIG;AACH,KAAK,UAAU,YAAY,CACzB,OAAe,EACf,MAAgD,EAChD,IAAmB;IAEnB,MAAM,IAAI,GAAG,IAAI,CAAC,eAAe,IAAI,WAAW,CAAC;IACjD,IAAI,MAAM,IAAI,MAAM,EAAE,CAAC;QACrB,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,CAAC,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;QAC9F,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IACxC,CAAC;IACD,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,CAAC,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;IAC/G,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;AACxC,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,iBAAyB,WAAW,EAAE;IACzE,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;IACzD,IAAI,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,SAAS,CAAC;IAC5C,yEAAyE;IACzE,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;IAC9D,IAAI,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,QAAQ,CAAC;IAC1C,OAAO,IAAI,CAAC;AACd,CAAC;
|
|
1
|
+
{"version":3,"file":"k8s-bootstrap.js","sourceRoot":"","sources":["../../src/lib/k8s-bootstrap.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAChE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EACL,gBAAgB,EAGhB,wBAAwB,GACzB,MAAM,wBAAwB,CAAC;AAEhC,MAAM,CAAC,MAAM,aAAa,GAAG,MAAM,CAAC;AAEpC;;;;;GAKG;AACH,MAAM,wBAAwB,GAAG;IAC/B,mBAAmB;IACnB,wBAAwB;IACxB,cAAc;IACd,mBAAmB;IACnB,aAAa;CACL,CAAC;AAEX;;;;GAIG;AACH,MAAM,kBAAkB,GAAG;IACzB,cAAc;IACd,kBAAkB;IAClB,YAAY;IACZ,gBAAgB;IAChB,oEAAoE;IACpE,uEAAuE;IACvE,6DAA6D;IAC7D,6DAA6D;IAC7D,iBAAiB;IACjB,iBAAiB;IACjB,mBAAmB;CACX,CAAC;AAEX,MAAM,uBAAuB,GAAG,CAAC,wBAAwB,EAAE,cAAc,EAAE,mBAAmB,EAAE,aAAa,CAAU,CAAC;AAExH;;;;GAIG;AACH,KAAK,UAAU,YAAY,CACzB,OAAe,EACf,MAAgD,EAChD,IAAmB;IAEnB,MAAM,IAAI,GAAG,IAAI,CAAC,eAAe,IAAI,WAAW,CAAC;IACjD,IAAI,MAAM,IAAI,MAAM,EAAE,CAAC;QACrB,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,CAAC,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;QAC9F,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IACxC,CAAC;IACD,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,CAAC,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;IAC/G,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;AACxC,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,iBAAyB,WAAW,EAAE;IACzE,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;IACzD,IAAI,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,SAAS,CAAC;IAC5C,yEAAyE;IACzE,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;IAC9D,IAAI,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,QAAQ,CAAC;IAC1C,OAAO,IAAI,CAAC;AACd,CAAC;AA0CD;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,IAAsB,EACtB,OAAsB,EAAE;IAExB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;IAC7C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;IAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,aAAa,CAAC;IAClD,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,IAAI,YAAY,CAAC;IAC7C,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;IAEnC,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,IAAI,oBAAoB,EAAE,CAAC;IAChE,IAAI,UAAU,KAAK,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACnD,OAAO;YACL,QAAQ,EAAE,CAAC;YACX,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,aAAa,EAAE,EAAE,EAAE;YACvD,KAAK,EACH,2GAA2G;gBAC3G,6DAA6D;SAChE,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAG,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;IACpD,MAAM,OAAO,GAAkB,EAAE,CAAC;IAClC,MAAM,OAAO,GAAsE,EAAE,CAAC;IAEtF,0DAA0D;IAC1D,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,KAAK,MAAM,CAAC,IAAI,wBAAwB,EAAE,CAAC;QACzC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,kBAAkB,EAAE,CAAC;QACrC,KAAK,MAAM,CAAC,IAAI,uBAAuB,EAAE,CAAC;YACxC,MAAM,CAAC,GAAG,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACtC,IAAI,UAAU,CAAC,CAAC,CAAC;gBAAE,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,KAAK,MAAM,EAAE,IAAI,aAAa,EAAE,CAAC;QAC/B,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;YAC7C,SAAS;QACX,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC;YACpB,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE,2CAA2C,EAAE,CAAC,CAAC;YACjG,SAAS;QACX,CAAC;QACD,MAAM,KAAK,GAAG,gBAAgB,EAAE,CAAC,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC,EAAE,CAAC;QACvE,IAAI,UAAU,EAAE,CAAC;YACf,UAAU,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,KAAK,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;QAC7B,CAAC;QACD,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;QACxD,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YACV,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,aAAa,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC;YACrE,OAAO;gBACL,QAAQ,EAAE,CAAC;gBACX,MAAM,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,EAAE;gBAC/C,KAAK,EAAE,oBAAoB,EAAE,SAAS;aACvC,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED,+BAA+B;IAC/B,MAAM,EAAE,OAAO,EAAE,GAAG,gBAAgB,CAClC,UAAU,EACV,EAAE,MAAM,EAAE,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,EACzE,IAAI,CAAC,UAAU,IAAI,EAAE,CACtB,CAAC;IAEF,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,MAAM,GAAG,yBAAyB,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACtE,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC,CAAC;YAC5D,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,UAAU,cAAc,MAAM,IAAI,CAAC,CAAC;YACnE,MAAM,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;YACxE,MAAM,CAAC,KAAK,CAAC,6BAA6B,IAAI,CAAC,OAAO,aAAa,SAAS,oDAAoD,CAAC,CAAC;YAClI,SAAS;QACX,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;YACrD,SAAS;QACX,CAAC;QACD,MAAM,WAAW,GAAG,uBAAuB,CAAC,CAAC,UAAU,EAAE,CAAC;QAC1D,IAAI,UAAU,EAAE,CAAC;YACf,UAAU,CAAC,WAAW,CAAC,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,KAAK,CAAC,GAAG,WAAW,IAAI,CAAC,CAAC;QACnC,CAAC;QACD,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,YAAa,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1E,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YACV,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC,UAAU,aAAa,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC;YACnF,OAAO;gBACL,QAAQ,EAAE,CAAC;gBACX,MAAM,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE;gBACpD,KAAK,EAAE,wBAAwB,CAAC,CAAC,UAAU,SAAS;aACrD,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,EAAE,CAAC;AAC/E,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB;IACjC,OAAO,wBAAwB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;AAC3D,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"k8s-secret-render.d.ts","sourceRoot":"","sources":["../../src/lib/k8s-secret-render.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;
|
|
1
|
+
{"version":3,"file":"k8s-secret-render.d.ts","sourceRoot":"","sources":["../../src/lib/k8s-secret-render.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AASH,eAAO,MAAM,sBAAsB,QAA8C,CAAC;AAGlF;;;;GAIG;AACH,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,YAAY,EAAE,aAAa,CAAC;QACnC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;QAC7B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,MAAM,EACX;YAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;YAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;SAAE,GACpD;YAAE,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAA;SAAE,GAO7B;YAAE,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAA;SAAE,CAAC;KACrC,CAAC,CAAC;CACJ;AAED,2EAA2E;AAC3E,eAAO,MAAM,wBAAwB,EAAE,aAAa,CAAC,qBAAqB,CAmFzE,CAAC;AAEF,gFAAgF;AAChF,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtC,QAAQ,CAAC,OAAO,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;CAC1C;AAED,2FAA2F;AAC3F,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;IACpB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;CAClD;AAED,wEAAwE;AACxE,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,KAAK,MAAM,CAAC;IAC1D,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,IAAI,CAAC;IACxE,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC;IAChD,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,MAAM,CAAC;IACrC,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAC9D,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,eAAe,GAAG,IAAI,CAAC;IAClD,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,EAAE,eAAe,KAAK,IAAI,CAAC;IACvD,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,cAAc,CAAC;CACzC;AAuBD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,SAAS,GAAE,MAA+B,GAAG,eAAe,GAAG,IAAI,CAUnG;AAED,8CAA8C;AAC9C,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,eAAe,EAAE,SAAS,GAAE,MAA+B,GAAG,IAAI,CAW1G;AAED;;;;;;GAMG;AACH,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,MAAM,EAAE,UAAU,GAAG,SAAS,CAAC;IACxC,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtC,QAAQ,CAAC,cAAc,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;CAChD;AAoDD;;;;;;;;GAQG;AACH,wBAAgB,sBAAsB,CACpC,YAAY,EAAE,MAAM,EACpB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAC7B,MAAM,CAOR;AAED;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAC7B,OAAO,EAAE,qBAAqB,EAC9B,aAAa,EAAE,MAAM,EACrB,KAAK,EAAE,cAAc,GAAG,IAAI,EAC5B,IAAI,GAAE,UAAe,EACrB,MAAM,GAAE,OAAe,GACtB,YAAY,CAgDd;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAC9B,aAAa,EAAE,MAAM,EACrB,IAAI,EAAE;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,EAC7D,IAAI,GAAE,UAAe,GACpB;IAAE,OAAO,EAAE,aAAa,CAAC,YAAY,CAAC,CAAC;IAAC,SAAS,EAAE,eAAe,CAAA;CAAE,CAiCtE"}
|
|
@@ -36,7 +36,8 @@ import { existsSync, readFileSync, writeFileSync, mkdirSync, chmodSync, statSync
|
|
|
36
36
|
import { join, dirname } from 'node:path';
|
|
37
37
|
import { randomBytes } from 'node:crypto';
|
|
38
38
|
import { OLAM_HOME } from './config.js';
|
|
39
|
-
|
|
39
|
+
import { resolveSecretPath } from '@olam/core/src/secrets/paths.js';
|
|
40
|
+
export const K8S_SECRETS_STATE_PATH = resolveSecretPath('k8s-secrets-state.json');
|
|
40
41
|
const SECRET_HEX_BYTES = 32; // 64-char hex tokens — mirrors memory-secret.ts SECRET_LEN_BYTES.
|
|
41
42
|
/** Canonical mapping for the 5 secret templates that ship with the CLI. */
|
|
42
43
|
export const SECRET_TEMPLATE_BINDINGS = [
|
|
@@ -133,7 +134,7 @@ const defaultRunGhTokenCmd = () => {
|
|
|
133
134
|
};
|
|
134
135
|
const defaultReadFile = (p, enc) => readFileSync(p, enc);
|
|
135
136
|
const defaultWriteFile = (p, data, mode) => {
|
|
136
|
-
mkdirSync(dirname(p), { recursive: true });
|
|
137
|
+
mkdirSync(dirname(p), { recursive: true, mode: 0o700 });
|
|
137
138
|
writeFileSync(p, data, { encoding: 'utf8', mode });
|
|
138
139
|
// writeFileSync's mode is umask-respecting; chmod explicitly to be safe.
|
|
139
140
|
chmodSync(p, mode);
|
|
@@ -158,7 +159,7 @@ export function readSecretsState(statePath = K8S_SECRETS_STATE_PATH) {
|
|
|
158
159
|
}
|
|
159
160
|
/** Atomically write the state file (0600). */
|
|
160
161
|
export function writeSecretsState(state, statePath = K8S_SECRETS_STATE_PATH) {
|
|
161
|
-
mkdirSync(dirname(statePath), { recursive: true });
|
|
162
|
+
mkdirSync(dirname(statePath), { recursive: true, mode: 0o700 });
|
|
162
163
|
const tmp = `${statePath}.tmp.${process.pid}`;
|
|
163
164
|
writeFileSync(tmp, JSON.stringify(state, null, 2) + '\n', { encoding: 'utf8', mode: 0o600 });
|
|
164
165
|
chmodSync(tmp, 0o600);
|
|
@@ -179,21 +180,27 @@ function resolveSourceValue(source, olamHome, reuseFromState, rotate, deps) {
|
|
|
179
180
|
return { ok: true, value: reuseFromState };
|
|
180
181
|
}
|
|
181
182
|
if (source.kind === 'file') {
|
|
182
|
-
|
|
183
|
-
//
|
|
183
|
+
// Prefer ~/.olam/secrets/<name> (new canonical); fall back to ~/.olam/<name> (legacy).
|
|
184
|
+
// When an olamHome override is injected (tests), use that base for both locations.
|
|
185
|
+
const newPath = join(olamHome, 'secrets', source.hostFile);
|
|
186
|
+
const legacyPath = join(olamHome, source.hostFile);
|
|
187
|
+
const readFilePath = deps.fileExists(newPath) ? newPath : legacyPath;
|
|
188
|
+
// Always write to the canonical new location.
|
|
189
|
+
const writeFilePath = newPath;
|
|
190
|
+
// Rotation: always generate fresh value, overwrite the canonical file.
|
|
184
191
|
if (rotate) {
|
|
185
192
|
const fresh = deps.genRandomHex();
|
|
186
|
-
deps.writeFile(
|
|
193
|
+
deps.writeFile(writeFilePath, fresh, 0o600);
|
|
187
194
|
return { ok: true, value: fresh };
|
|
188
195
|
}
|
|
189
|
-
if (deps.fileExists(
|
|
190
|
-
const value = deps.readFile(
|
|
196
|
+
if (deps.fileExists(readFilePath)) {
|
|
197
|
+
const value = deps.readFile(readFilePath, 'utf8').trim();
|
|
191
198
|
if (value.length > 0)
|
|
192
199
|
return { ok: true, value };
|
|
193
200
|
}
|
|
194
|
-
// Missing or empty — generate, persist, return.
|
|
201
|
+
// Missing or empty — generate, persist to canonical, return.
|
|
195
202
|
const fresh = deps.genRandomHex();
|
|
196
|
-
deps.writeFile(
|
|
203
|
+
deps.writeFile(writeFilePath, fresh, 0o600);
|
|
197
204
|
return { ok: true, value: fresh };
|
|
198
205
|
}
|
|
199
206
|
if (source.kind === 'random-hex') {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"k8s-secret-render.js","sourceRoot":"","sources":["../../src/lib/k8s-secret-render.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAC9G,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"k8s-secret-render.js","sourceRoot":"","sources":["../../src/lib/k8s-secret-render.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAC9G,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AAEpE,MAAM,CAAC,MAAM,sBAAsB,GAAG,iBAAiB,CAAC,wBAAwB,CAAC,CAAC;AAClF,MAAM,gBAAgB,GAAG,EAAE,CAAC,CAAC,kEAAkE;AA0B/F,2EAA2E;AAC3E,MAAM,CAAC,MAAM,wBAAwB,GAAyC;IAC5E;QACE,UAAU,EAAE,qBAAqB;QACjC,eAAe,EAAE,mCAAmC;QACpD,YAAY,EAAE;YACZ;gBACE,WAAW,EAAE,0CAA0C;gBACvD,GAAG,EAAE,kBAAkB;gBACvB,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE;aAClD;YACD;gBACE,WAAW,EAAE,+BAA+B;gBAC5C,GAAG,EAAE,UAAU;gBACf,MAAM,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;aAC7B;SACF;KACF;IACD;QACE,UAAU,EAAE,0BAA0B;QACtC,eAAe,EAAE,6CAA6C;QAC9D,YAAY,EAAE;YACZ;gBACE,WAAW,EAAE,6CAA6C;gBAC1D,GAAG,EAAE,qBAAqB;gBAC1B,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE;aACrD;SACF;KACF;IACD;QACE,UAAU,EAAE,8BAA8B;QAC1C,eAAe,EAAE,iDAAiD;QAClE,YAAY,EAAE;YACZ;gBACE,WAAW,EAAE,kDAAkD;gBAC/D,GAAG,EAAE,0BAA0B;gBAC/B,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,qBAAqB,EAAE;aAC1D;SACF;KACF;IACD;QACE,UAAU,EAAE,wBAAwB;QACpC,eAAe,EAAE,2CAA2C;QAC5D,YAAY,EAAE;YACZ;gBACE,WAAW,EAAE,8CAA8C;gBAC3D,GAAG,EAAE,sBAAsB;gBAC3B,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,iBAAiB,EAAE;aACtD;SACF;KACF;IACD;QACE,UAAU,EAAE,4BAA4B;QACxC,eAAe,EAAE,+CAA+C;QAChE,YAAY,EAAE;YACZ;gBACE,WAAW,EAAE,mDAAmD;gBAChE,GAAG,EAAE,2BAA2B;gBAChC,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,sBAAsB,EAAE;aAC3D;SACF;KACF;IACD;QACE,UAAU,EAAE,uBAAuB;QACnC,eAAe,EAAE,kDAAkD;QACnE,YAAY,EAAE;YACZ;gBACE,WAAW,EAAE,+CAA+C;gBAC5D,GAAG,EAAE,kBAAkB;gBACvB,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE;aACvD;SACF;KACF;IACD;QACE,UAAU,EAAE,6BAA6B;QACzC,eAAe,EAAE,gDAAgD;QACjE,YAAY,EAAE;YACZ;gBACE,WAAW,EAAE,gCAAgC;gBAC7C,GAAG,EAAE,mBAAmB;gBACxB,MAAM,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE;aAC/B;SACF;KACF;CACF,CAAC;AA+BF,MAAM,mBAAmB,GAAG,GAAW,EAAE,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAExF,MAAM,oBAAoB,GAAG,GAAmC,EAAE;IAChE,MAAM,CAAC,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;IACtG,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;IAC9C,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;AAClC,CAAC,CAAC;AAEF,MAAM,eAAe,GAAG,CAAC,CAAS,EAAE,GAAW,EAAU,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAEjF,MAAM,gBAAgB,GAAG,CAAC,CAAS,EAAE,IAAY,EAAE,IAAY,EAAQ,EAAE;IACvE,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACxD,aAAa,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IACnD,yEAAyE;IACzE,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CAAC,CAAS,EAAW,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;AAEhE;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,YAAoB,sBAAsB;IACzE,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IACxC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;QAC5C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAyB,CAAC;QACvD,IAAI,MAAM,CAAC,OAAO,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACtC,OAAO,MAAyB,CAAC;IACnC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,8CAA8C;AAC9C,MAAM,UAAU,iBAAiB,CAAC,KAAsB,EAAE,YAAoB,sBAAsB;IAClG,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAChE,MAAM,GAAG,GAAG,GAAG,SAAS,QAAQ,OAAO,CAAC,GAAG,EAAE,CAAC;IAC9C,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC7F,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACtB,wEAAwE;IACxE,uEAAuE;IACvE,yEAAyE;IACzE,+DAA+D;IAC/D,4DAA4D;IAC5D,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;AAC7B,CAAC;AAiBD;;;;GAIG;AACH,SAAS,kBAAkB,CACzB,MAA+D,EAC/D,QAAgB,EAChB,cAAkC,EAClC,MAAe,EACf,IAA4G;IAE5G,IAAI,CAAC,MAAM,IAAI,cAAc,KAAK,SAAS,IAAI,cAAc,KAAK,EAAE,EAAE,CAAC;QACrE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC;IAC7C,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC3B,uFAAuF;QACvF,mFAAmF;QACnF,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC3D,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnD,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC;QACrE,8CAA8C;QAC9C,MAAM,aAAa,GAAG,OAAO,CAAC;QAC9B,uEAAuE;QACvE,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;YAClC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;YAC5C,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;QACpC,CAAC;QACD,IAAI,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;YACzD,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;gBAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;QACnD,CAAC;QACD,6DAA6D;QAC7D,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QAClC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QAC5C,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACpC,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QACjC,2FAA2F;QAC3F,sFAAsF;QACtF,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;IAClD,CAAC;IACD,gEAAgE;IAChE,qEAAqE;IACrE,MAAM,CAAC,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;IAC/B,IAAI,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC;IAC9C,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,2DAA2D,EAAE,CAAC;AAC5F,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,sBAAsB,CACpC,YAAoB,EACpB,MAA8B;IAE9B,IAAI,GAAG,GAAG,YAAY,CAAC;IACvB,KAAK,MAAM,CAAC,WAAW,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC1D,wEAAwE;QACxE,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,WAAW,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,eAAe,CAC7B,OAA8B,EAC9B,aAAqB,EACrB,KAA4B,EAC5B,OAAmB,EAAE,EACrB,SAAkB,KAAK;IAEvB,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,SAAS,CAAC;IAC5C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,eAAe,CAAC;IAClD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,gBAAgB,CAAC;IACrD,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,iBAAiB,CAAC;IACxD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,IAAI,mBAAmB,CAAC;IAC9D,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,IAAI,oBAAoB,CAAC;IAEjE,MAAM,YAAY,GAAG,IAAI,CAAC,aAAa,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAClE,MAAM,YAAY,GAAG,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAEpD,MAAM,IAAI,GAA2B,EAAE,CAAC;IACxC,MAAM,kBAAkB,GAA2B,EAAE,CAAC;IACtD,MAAM,cAAc,GAAa,EAAE,CAAC;IAEpC,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,kBAAkB,CACjC,CAAC,CAAC,MAAM,EACR,QAAQ,EACR,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,EAClB,MAAM,EACN,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,CACjE,CAAC;QACF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACpD,SAAS;QACX,CAAC;QACD,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC;QAC7B,kBAAkB,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC;IACrD,CAAC;IAED,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,OAAO;YACL,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,MAAM,EAAE,SAAS;YACjB,IAAI;YACJ,cAAc;SACf,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,sBAAsB,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC;IAC9E,OAAO;QACL,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,MAAM,EAAE,UAAU;QAClB,YAAY;QACZ,IAAI;QACJ,cAAc,EAAE,EAAE;KACnB,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAC9B,aAAqB,EACrB,IAA6D,EAC7D,OAAmB,EAAE;IAErB,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,SAAS,IAAI,sBAAsB,CAAC,CAAC,CAAC;IACvG,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,IAAI,sBAAsB,CAAC,CAAC,CAAC;IAE9G,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;IAE/C,MAAM,OAAO,GAAmB,EAAE,CAAC;IACnC,MAAM,WAAW,GAAmC,EAAE,CAAC;IACvD,KAAK,MAAM,OAAO,IAAI,wBAAwB,EAAE,CAAC;QAC/C,MAAM,KAAK,GAAG,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC;QACzD,MAAM,CAAC,GAAG,eAAe,CAAC,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChB,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG;YAChC,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,GAAG,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtE,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAoB;QACjC,OAAO,EAAE,CAAC;QACV,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,OAAO,EAAE,WAAW;KACrB,CAAC;IACF,8EAA8E;IAC9E,2EAA2E;IAC3E,wDAAwD;IACxD,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,EAAE,CAAC;QACjD,UAAU,CAAC,SAAS,CAAC,CAAC;IACxB,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;AAChC,CAAC"}
|
|
@@ -22,6 +22,12 @@ export declare const MEMORY_SECRET_PATH: string;
|
|
|
22
22
|
* fall-through when the operator doesn't override.
|
|
23
23
|
*/
|
|
24
24
|
export declare const CLOUD_MEMORY_SECRET_PATH: string;
|
|
25
|
+
/**
|
|
26
|
+
* Canonical (new) location for memory secret — used by writers.
|
|
27
|
+
* Defined here as a convenience alias so callers don't need to import from core.
|
|
28
|
+
*/
|
|
29
|
+
export declare const MEMORY_SECRET_CANONICAL_PATH: string;
|
|
30
|
+
export declare const CLOUD_MEMORY_SECRET_CANONICAL_PATH: string;
|
|
25
31
|
export declare const SECRET_LEN_BYTES = 32;
|
|
26
32
|
/** Generate a 64-char hex secret. */
|
|
27
33
|
export declare function generateSecret(): string;
|
|
@@ -38,8 +44,10 @@ export declare function readSecretAtPathOrNull(path: string): string | null;
|
|
|
38
44
|
/** Read `path` or throw if missing. */
|
|
39
45
|
export declare function readSecretAtPath(path: string): string;
|
|
40
46
|
/**
|
|
41
|
-
* Ensure `~/.olam/memory-secret` exists with mode 0600. Generates a
|
|
47
|
+
* Ensure `~/.olam/secrets/memory-secret` exists with mode 0600. Generates a
|
|
42
48
|
* fresh 64-char hex secret on first call. Idempotent.
|
|
49
|
+
*
|
|
50
|
+
* Reads from the resolved path (new or legacy fallback); writes to canonical.
|
|
43
51
|
*/
|
|
44
52
|
export declare function ensureMemorySecret(path?: string): string;
|
|
45
53
|
/** Read the local-mode memory secret (no-throw shape). */
|
|
@@ -50,6 +58,8 @@ export declare function readMemorySecret(path?: string): string;
|
|
|
50
58
|
* Rotate the secret: generate fresh value, atomically replace the file,
|
|
51
59
|
* return the new value. Caller is responsible for restarting any
|
|
52
60
|
* running memory service so it picks up the new value.
|
|
61
|
+
*
|
|
62
|
+
* Always writes to canonical path (~/.olam/secrets/memory-secret).
|
|
53
63
|
*/
|
|
54
64
|
export declare function rotateMemorySecret(path?: string): string;
|
|
55
65
|
/** Convenience: are we wired for local-mode memory? */
|
|
@@ -63,7 +73,10 @@ export declare function hasMemorySecret(path?: string): boolean;
|
|
|
63
73
|
export declare function readCloudMemorySecretOrNull(path?: string): string | null;
|
|
64
74
|
/** Throws when the cloud secret is absent — use only when caller has verified mode is cloud. */
|
|
65
75
|
export declare function readCloudMemorySecret(path?: string): string;
|
|
66
|
-
/**
|
|
76
|
+
/**
|
|
77
|
+
* Atomic write 0600. Caller supplies the value (cloud secrets are
|
|
78
|
+
* operator-prompted, not generated). Always writes to canonical path.
|
|
79
|
+
*/
|
|
67
80
|
export declare function writeCloudMemorySecret(value: string, path?: string): void;
|
|
68
81
|
/** Convenience: is a cloud secret on disk? */
|
|
69
82
|
export declare function hasCloudMemorySecret(path?: string): boolean;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"memory-secret.d.ts","sourceRoot":"","sources":["../../src/lib/memory-secret.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;
|
|
1
|
+
{"version":3,"file":"memory-secret.d.ts","sourceRoot":"","sources":["../../src/lib/memory-secret.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAQH,eAAO,MAAM,kBAAkB,QAAqC,CAAC;AACrE;;;;;;;GAOG;AACH,eAAO,MAAM,wBAAwB,QAA2C,CAAC;AAEjF;;;GAGG;AACH,eAAO,MAAM,4BAA4B,QAAuC,CAAC;AACjF,eAAO,MAAM,kCAAkC,QAA6C,CAAC;AAC7F,eAAO,MAAM,gBAAgB,KAAK,CAAC;AAEnC,qCAAqC;AACrC,wBAAgB,cAAc,IAAI,MAAM,CAEvC;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAOnE;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CASlE;AAED,uCAAuC;AACvC,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAQrD;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,GAAE,MAA2B,GAAG,MAAM,CAS5E;AAED,0DAA0D;AAC1D,wBAAgB,sBAAsB,CAAC,IAAI,GAAE,MAA2B,GAAG,MAAM,GAAG,IAAI,CAEvF;AAED,uDAAuD;AACvD,wBAAgB,gBAAgB,CAAC,IAAI,GAAE,MAA2B,GAAG,MAAM,CAE1E;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,GAAE,MAAqC,GAAG,MAAM,CAItF;AAED,uDAAuD;AACvD,wBAAgB,eAAe,CAAC,IAAI,GAAE,MAA2B,GAAG,OAAO,CAE1E;AAWD;;;;;GAKG;AACH,wBAAgB,2BAA2B,CACzC,IAAI,GAAE,MAAiC,GACtC,MAAM,GAAG,IAAI,CAEf;AAED,gGAAgG;AAChG,wBAAgB,qBAAqB,CAAC,IAAI,GAAE,MAAiC,GAAG,MAAM,CAErF;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CACpC,KAAK,EAAE,MAAM,EACb,IAAI,GAAE,MAA2C,GAChD,IAAI,CAEN;AAED,8CAA8C;AAC9C,wBAAgB,oBAAoB,CAAC,IAAI,GAAE,MAAiC,GAAG,OAAO,CAErF"}
|
|
@@ -16,7 +16,8 @@ import { existsSync, mkdirSync, readFileSync, statSync, writeFileSync, renameSyn
|
|
|
16
16
|
import { homedir } from 'node:os';
|
|
17
17
|
import { join, dirname } from 'node:path';
|
|
18
18
|
import { randomBytes } from 'node:crypto';
|
|
19
|
-
|
|
19
|
+
import { resolveSecretPath, canonicalSecretPath } from '@olam/core/src/secrets/paths.js';
|
|
20
|
+
export const MEMORY_SECRET_PATH = resolveSecretPath('memory-secret');
|
|
20
21
|
/**
|
|
21
22
|
* Default cloud-mode secret path. Phase C C2.
|
|
22
23
|
*
|
|
@@ -25,7 +26,13 @@ export const MEMORY_SECRET_PATH = join(homedir(), '.olam', 'memory-secret');
|
|
|
25
26
|
* config-resolver (C4) handles the precedence; this constant is the
|
|
26
27
|
* fall-through when the operator doesn't override.
|
|
27
28
|
*/
|
|
28
|
-
export const CLOUD_MEMORY_SECRET_PATH =
|
|
29
|
+
export const CLOUD_MEMORY_SECRET_PATH = resolveSecretPath('cloud-memory-secret');
|
|
30
|
+
/**
|
|
31
|
+
* Canonical (new) location for memory secret — used by writers.
|
|
32
|
+
* Defined here as a convenience alias so callers don't need to import from core.
|
|
33
|
+
*/
|
|
34
|
+
export const MEMORY_SECRET_CANONICAL_PATH = canonicalSecretPath('memory-secret');
|
|
35
|
+
export const CLOUD_MEMORY_SECRET_CANONICAL_PATH = canonicalSecretPath('cloud-memory-secret');
|
|
29
36
|
export const SECRET_LEN_BYTES = 32; // 64 hex chars
|
|
30
37
|
/** Generate a 64-char hex secret. */
|
|
31
38
|
export function generateSecret() {
|
|
@@ -36,7 +43,7 @@ export function generateSecret() {
|
|
|
36
43
|
* created with default mode if absent.
|
|
37
44
|
*/
|
|
38
45
|
export function writeSecretAtPath(path, value) {
|
|
39
|
-
mkdirSync(dirname(path), { recursive: true });
|
|
46
|
+
mkdirSync(dirname(path), { recursive: true, mode: 0o700 });
|
|
40
47
|
const tmp = `${path}.tmp.${process.pid}`;
|
|
41
48
|
writeFileSync(tmp, value, { mode: 0o600 });
|
|
42
49
|
// writeFileSync's mode is umask-respecting; chmod explicitly to be safe.
|
|
@@ -65,15 +72,20 @@ export function readSecretAtPath(path) {
|
|
|
65
72
|
return v;
|
|
66
73
|
}
|
|
67
74
|
/**
|
|
68
|
-
* Ensure `~/.olam/memory-secret` exists with mode 0600. Generates a
|
|
75
|
+
* Ensure `~/.olam/secrets/memory-secret` exists with mode 0600. Generates a
|
|
69
76
|
* fresh 64-char hex secret on first call. Idempotent.
|
|
77
|
+
*
|
|
78
|
+
* Reads from the resolved path (new or legacy fallback); writes to canonical.
|
|
70
79
|
*/
|
|
71
80
|
export function ensureMemorySecret(path = MEMORY_SECRET_PATH) {
|
|
72
81
|
const existing = readSecretAtPathOrNull(path);
|
|
73
82
|
if (existing)
|
|
74
83
|
return existing;
|
|
75
84
|
const fresh = generateSecret();
|
|
76
|
-
|
|
85
|
+
// When using the default resolved path, write to canonical new location.
|
|
86
|
+
// When given an explicit path (test seam or direct caller), honour it for write too.
|
|
87
|
+
const writePath = path === MEMORY_SECRET_PATH ? MEMORY_SECRET_CANONICAL_PATH : path;
|
|
88
|
+
writeSecretAtPath(writePath, fresh);
|
|
77
89
|
return fresh;
|
|
78
90
|
}
|
|
79
91
|
/** Read the local-mode memory secret (no-throw shape). */
|
|
@@ -88,8 +100,10 @@ export function readMemorySecret(path = MEMORY_SECRET_PATH) {
|
|
|
88
100
|
* Rotate the secret: generate fresh value, atomically replace the file,
|
|
89
101
|
* return the new value. Caller is responsible for restarting any
|
|
90
102
|
* running memory service so it picks up the new value.
|
|
103
|
+
*
|
|
104
|
+
* Always writes to canonical path (~/.olam/secrets/memory-secret).
|
|
91
105
|
*/
|
|
92
|
-
export function rotateMemorySecret(path =
|
|
106
|
+
export function rotateMemorySecret(path = MEMORY_SECRET_CANONICAL_PATH) {
|
|
93
107
|
const fresh = generateSecret();
|
|
94
108
|
writeSecretAtPath(path, fresh);
|
|
95
109
|
return fresh;
|
|
@@ -119,8 +133,11 @@ export function readCloudMemorySecretOrNull(path = CLOUD_MEMORY_SECRET_PATH) {
|
|
|
119
133
|
export function readCloudMemorySecret(path = CLOUD_MEMORY_SECRET_PATH) {
|
|
120
134
|
return readSecretAtPath(path);
|
|
121
135
|
}
|
|
122
|
-
/**
|
|
123
|
-
|
|
136
|
+
/**
|
|
137
|
+
* Atomic write 0600. Caller supplies the value (cloud secrets are
|
|
138
|
+
* operator-prompted, not generated). Always writes to canonical path.
|
|
139
|
+
*/
|
|
140
|
+
export function writeCloudMemorySecret(value, path = CLOUD_MEMORY_SECRET_CANONICAL_PATH) {
|
|
124
141
|
writeSecretAtPath(path, value);
|
|
125
142
|
}
|
|
126
143
|
/** Convenience: is a cloud secret on disk? */
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"memory-secret.js","sourceRoot":"","sources":["../../src/lib/memory-secret.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAC1H,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"memory-secret.js","sourceRoot":"","sources":["../../src/lib/memory-secret.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAC1H,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AAEzF,MAAM,CAAC,MAAM,kBAAkB,GAAG,iBAAiB,CAAC,eAAe,CAAC,CAAC;AACrE;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,iBAAiB,CAAC,qBAAqB,CAAC,CAAC;AAEjF;;;GAGG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,mBAAmB,CAAC,eAAe,CAAC,CAAC;AACjF,MAAM,CAAC,MAAM,kCAAkC,GAAG,mBAAmB,CAAC,qBAAqB,CAAC,CAAC;AAC7F,MAAM,CAAC,MAAM,gBAAgB,GAAG,EAAE,CAAC,CAAC,eAAe;AAEnD,qCAAqC;AACrC,MAAM,UAAU,cAAc;IAC5B,OAAO,WAAW,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACvD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAY,EAAE,KAAa;IAC3D,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,GAAG,IAAI,QAAQ,OAAO,CAAC,GAAG,EAAE,CAAC;IACzC,aAAa,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC3C,yEAAyE;IACzE,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACtB,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;AACxB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,IAAY;IACjD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IACnC,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,KAAK,CAAC;IACzC,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;QACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,SAAS,IAAI,cAAc,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,mEAAmE,CAC/G,CAAC;IACJ,CAAC;IACD,OAAO,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;AAC3C,CAAC;AAED,uCAAuC;AACvC,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAC3C,MAAM,CAAC,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;IACvC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,uBAAuB,IAAI,2CAA2C,CACvE,CAAC;IACJ,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe,kBAAkB;IAClE,MAAM,QAAQ,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;IAC9C,IAAI,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAC9B,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,yEAAyE;IACzE,qFAAqF;IACrF,MAAM,SAAS,GAAG,IAAI,KAAK,kBAAkB,CAAC,CAAC,CAAC,4BAA4B,CAAC,CAAC,CAAC,IAAI,CAAC;IACpF,iBAAiB,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IACpC,OAAO,KAAK,CAAC;AACf,CAAC;AAED,0DAA0D;AAC1D,MAAM,UAAU,sBAAsB,CAAC,OAAe,kBAAkB;IACtE,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC;AACtC,CAAC;AAED,uDAAuD;AACvD,MAAM,UAAU,gBAAgB,CAAC,OAAe,kBAAkB;IAChE,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC;AAChC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe,4BAA4B;IAC5E,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,iBAAiB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC/B,OAAO,KAAK,CAAC;AACf,CAAC;AAED,uDAAuD;AACvD,MAAM,UAAU,eAAe,CAAC,OAAe,kBAAkB;IAC/D,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,+EAA+E;AAC/E,EAAE;AACF,yEAAyE;AACzE,wEAAwE;AACxE,4EAA4E;AAC5E,6EAA6E;AAC7E,oEAAoE;AACpE,iCAAiC;AAEjC;;;;;GAKG;AACH,MAAM,UAAU,2BAA2B,CACzC,OAAe,wBAAwB;IAEvC,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC;AACtC,CAAC;AAED,gGAAgG;AAChG,MAAM,UAAU,qBAAqB,CAAC,OAAe,wBAAwB;IAC3E,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC;AAChC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CACpC,KAAa,EACb,OAAe,kCAAkC;IAEjD,iBAAiB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AACjC,CAAC;AAED,8CAA8C;AAC9C,MAAM,UAAU,oBAAoB,CAAC,OAAe,wBAAwB;IAC1E,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* upgrade-check.ts — non-blocking upgrade-available banner for olam CLI.
|
|
3
|
+
*
|
|
4
|
+
* On each `olam <command>` invocation, asynchronously checks whether a newer
|
|
5
|
+
* version of `@pleri/olam-cli` is available on npm. The result is cached for
|
|
6
|
+
* 24 hours in `~/.olam/cli-upgrade-cache.json` so the npm check fires at most
|
|
7
|
+
* once per day. Any network or FS failure silently skips the banner.
|
|
8
|
+
*
|
|
9
|
+
* Suppression rules (any match → silent):
|
|
10
|
+
* - OLAM_DISABLE_UPGRADE_BANNER=1
|
|
11
|
+
* - --json flag present in argv
|
|
12
|
+
* - stdout is not a TTY
|
|
13
|
+
*/
|
|
14
|
+
export declare const UPGRADE_CACHE_TTL_MS: number;
|
|
15
|
+
export declare const NPM_CHECK_TIMEOUT_MS = 2000;
|
|
16
|
+
export declare const DEFAULT_CACHE_PATH: string;
|
|
17
|
+
/**
|
|
18
|
+
* Fetch the latest published version of @pleri/olam-cli from the npm registry.
|
|
19
|
+
* Returns null on any network error or timeout.
|
|
20
|
+
*/
|
|
21
|
+
export declare function fetchLatestVersion(timeoutMs?: number): Promise<string | null>;
|
|
22
|
+
/**
|
|
23
|
+
* Determine the latest version, using cache when fresh.
|
|
24
|
+
* Always returns without throwing. Returns null when unavailable.
|
|
25
|
+
*/
|
|
26
|
+
export declare function resolveLatestVersion(opts: {
|
|
27
|
+
cachePath?: string;
|
|
28
|
+
now?: number;
|
|
29
|
+
fetchFn?: (timeout: number) => Promise<string | null>;
|
|
30
|
+
}): Promise<string | null>;
|
|
31
|
+
/**
|
|
32
|
+
* Build the upgrade banner string (with box-drawing characters).
|
|
33
|
+
*/
|
|
34
|
+
export declare function buildBanner(latestVersion: string, currentVersion: string): string;
|
|
35
|
+
/**
|
|
36
|
+
* Returns true when the upgrade banner should be suppressed.
|
|
37
|
+
*/
|
|
38
|
+
export declare function shouldSuppressBanner(opts: {
|
|
39
|
+
env?: Record<string, string | undefined>;
|
|
40
|
+
argv?: readonly string[];
|
|
41
|
+
isTTY?: boolean;
|
|
42
|
+
}): boolean;
|
|
43
|
+
/**
|
|
44
|
+
* Fire-and-forget upgrade check. Resolves the latest version, prints a banner
|
|
45
|
+
* to stdout if a newer version is available, and swallows all errors.
|
|
46
|
+
*
|
|
47
|
+
* Call this BEFORE program.parseAsync(). The promise is not awaited — the
|
|
48
|
+
* banner races the command action. For short commands this means the banner
|
|
49
|
+
* arrives before exit; for fast commands that call process.exit explicitly
|
|
50
|
+
* (e.g. olam --version), the banner may be suppressed naturally.
|
|
51
|
+
*/
|
|
52
|
+
export declare function scheduleUpgradeCheck(currentVersion: string, opts?: {
|
|
53
|
+
cachePath?: string;
|
|
54
|
+
fetchFn?: (timeout: number) => Promise<string | null>;
|
|
55
|
+
env?: Record<string, string | undefined>;
|
|
56
|
+
argv?: readonly string[];
|
|
57
|
+
isTTY?: boolean;
|
|
58
|
+
write?: (s: string) => void;
|
|
59
|
+
}): Promise<void>;
|
|
60
|
+
//# sourceMappingURL=upgrade-check.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"upgrade-check.d.ts","sourceRoot":"","sources":["../../src/lib/upgrade-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAMH,eAAO,MAAM,oBAAoB,QAAsB,CAAC;AACxD,eAAO,MAAM,oBAAoB,OAAQ,CAAC;AAE1C,eAAO,MAAM,kBAAkB,QAA6D,CAAC;AAgD7F;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,SAAS,SAAuB,GAC/B,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAuBxB;AAED;;;GAGG;AACH,wBAAsB,oBAAoB,CAAC,IAAI,EAAE;IAC/C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;CACvD,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAoBzB;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,aAAa,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,MAAM,CAWjF;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE;IACzC,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;IACzC,IAAI,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACzB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,GAAG,OAAO,CASV;AAED;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;IAClE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACtD,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;IACzC,IAAI,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACzB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,KAAK,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;CAC7B,GAAG,OAAO,CAAC,IAAI,CAAC,CAmBhB"}
|