@replayio/app-building 1.24.1 → 1.26.0

package/dist/fly.js

@@ -1,199 +0,0 @@
-const API_BASE = "https://api.machines.dev/v1";
-async function flyFetch(path, token, opts = {}) {
-    const res = await fetch(`${API_BASE}${path}`, {
-        ...opts,
-        headers: {
-            Authorization: `Bearer ${token}`,
-            "Content-Type": "application/json",
-            ...(opts.headers ?? {}),
-        },
-    });
-    if (!res.ok) {
-        const body = await res.text().catch(() => "");
-        throw new Error(`Fly API ${opts.method ?? "GET"} ${path} → ${res.status}: ${body}`);
-    }
-    return res;
-}
-/**
- * Create a Fly app via the Machines API and allocate IPs so .fly.dev DNS works.
- */
-export async function createApp(token, name, org) {
-    await flyFetch("/apps", token, {
-        method: "POST",
-        body: JSON.stringify({ app_name: name, org_slug: org ?? "personal" }),
-    });
-    // Allocate shared IPv4 and IPv6 via GraphQL so the app gets a .fly.dev domain
-    const gqlFetch = async (query, variables) => {
-        const res = await fetch("https://api.fly.io/graphql", {
-            method: "POST",
-            headers: {
-                Authorization: `Bearer ${token}`,
-                "Content-Type": "application/json",
-            },
-            body: JSON.stringify({ query, variables }),
-        });
-        if (!res.ok) {
-            const body = await res.text().catch(() => "");
-            throw new Error(`Fly GraphQL error ${res.status}: ${body}`);
-        }
-        const data = await res.json();
-        if (data.errors?.length) {
-            throw new Error(`Fly GraphQL: ${data.errors[0].message}`);
-        }
-    };
-    const allocateMutation = `
-    mutation($input: AllocateIPAddressInput!) {
-      allocateIpAddress(input: $input) {
-        ipAddress { id address type }
-      }
-    }
-  `;
-    await gqlFetch(allocateMutation, { input: { appId: name, type: "shared_v4" } });
-    await gqlFetch(allocateMutation, { input: { appId: name, type: "v6" } });
-}
-/**
- * Create a Fly Volume in the given region.
- * Returns the volume ID.
- */
-export async function createVolume(app, token, name, region, sizeGb = 50) {
-    const res = await flyFetch(`/apps/${app}/volumes`, token, {
-        method: "POST",
-        body: JSON.stringify({
-            name,
-            region,
-            size_gb: sizeGb,
-            encrypted: true,
-            require_unique_zone: false,
-        }),
-    });
-    const data = (await res.json());
-    return data.id;
-}
-/**
- * Delete a Fly Volume.
- */
-export async function deleteVolume(app, token, volumeId) {
-    await flyFetch(`/apps/${app}/volumes/${volumeId}`, token, {
-        method: "DELETE",
-    });
-}
-/**
- * Create a Fly Machine with the given image and env vars.
- * Creates a volume mounted at /repo for storage.
- * Returns the machine ID and volume ID.
- */
-export async function createMachine(app, token, image, env, name) {
-    const volumeName = `repo_${name.replace(/-/g, "_")}`.slice(0, 30);
-    // Regions to try in order. dfw and iad have the most reliable capacity for
-    // performance machines. Fall back to ord and sjc if needed.
-    const regions = ["dfw", "iad", "ord", "sjc"];
-    // Delete unattached volumes in parallel with creating the new machine.
-    let cleanupDone;
-    for (const region of regions) {
-        console.log(`Creating machine in region ${region}...`);
-        const volumeId = await createVolume(app, token, volumeName, region, 50);
-        // Start cleanup on first attempt only
-        if (!cleanupDone) {
-            cleanupDone = listVolumes(app, token).then(vols => Promise.all(vols.map(async ({ id, attached_machine_id }) => {
-                if (attached_machine_id || id === volumeId)
-                    return;
-                await deleteVolume(app, token, id).catch(() => { });
-            })));
-        }
-        try {
-            const res = await flyFetch(`/apps/${app}/machines`, token, {
-                method: "POST",
-                body: JSON.stringify({
-                    name,
-                    region,
-                    config: {
-                        image,
-                        env,
-                        auto_destroy: true,
-                        restart: { policy: "on-failure", max_retries: 3 },
-                        guest: {
-                            cpu_kind: "performance",
-                            cpus: 16,
-                            memory_mb: 32768,
-                        },
-                        mounts: [{ volume: volumeId, path: "/repo" }],
-                        services: [
-                            {
-                                ports: [{ port: 443, handlers: ["tls", "http"] }],
-                                protocol: "tcp",
-                                internal_port: 3000,
-                                autostart: false,
-                                autostop: "off",
-                            },
-                        ],
-                    },
-                }),
-            });
-            const data = (await res.json());
-            await cleanupDone;
-            return { machineId: data.id, volumeId };
-        }
-        catch (err) {
-            await deleteVolume(app, token, volumeId).catch(() => { });
-            const msg = err instanceof Error ? err.message : String(err);
-            if (msg.includes("412") || msg.includes("insufficient")) {
-                console.log(`Insufficient resources in ${region}, trying next region...`);
-                continue;
-            }
-            throw new Error(`Failed to create machine in region ${region}: ${msg}`);
-        }
-    }
-    throw new Error(`Failed to create machine in any region (tried ${regions.join(", ")}): insufficient resources`);
-}
-/**
- * Wait for a Fly Machine to reach the "started" state.
- */
-export async function waitForMachine(app, token, machineId, timeoutMs = 180000) {
-    const start = Date.now();
-    let lastLogTime = 0;
-    while (Date.now() - start < timeoutMs) {
-        try {
-            await flyFetch(`/apps/${app}/machines/${machineId}/wait?state=started&timeout=60`, token);
-            return;
-        }
-        catch (e) {
-            const now = Date.now();
-            const elapsed = Math.round((now - start) / 1000);
-            // Only log at most once every 10 seconds
-            if (now - lastLogTime >= 10000) {
-                console.log(`Still waiting for machine to start (${elapsed}s elapsed): ${e instanceof Error ? e.message : e}`);
-                lastLogTime = now;
-            }
-            // Wait before retrying
-            await new Promise((r) => setTimeout(r, 5000));
-        }
-    }
-    throw new Error(`Machine ${machineId} did not reach started state within ${timeoutMs / 1000}s`);
-}
-/**
- * Destroy a Fly Machine (force) and its attached volume.
- */
-export async function destroyMachine(app, token, machineId, volumeId) {
-    await flyFetch(`/apps/${app}/machines/${machineId}?force=true`, token, {
-        method: "DELETE",
-    });
-    if (volumeId) {
-        await deleteVolume(app, token, volumeId).catch((err) => {
-            console.log(`Warning: failed to delete volume ${volumeId}: ${err instanceof Error ? err.message : err}`);
-        });
-    }
-}
-/**
- * List all machines for a Fly app.
- */
-export async function listMachines(app, token) {
-    const res = await flyFetch(`/apps/${app}/machines`, token);
-    return (await res.json());
-}
-/**
- * List all volumes for a Fly app.
- */
-export async function listVolumes(app, token) {
-    const res = await flyFetch(`/apps/${app}/volumes`, token);
-    return (await res.json());
-}

package/dist/http-client.d.ts

@@ -1,6 +0,0 @@
-export interface HttpOptions {
-    timeout?: number;
-    headers?: Record<string, string>;
-}
-export declare function httpGet(url: string, opts?: HttpOptions): Promise<any>;
-export declare function httpPost(url: string, body?: unknown, opts?: HttpOptions): Promise<any>;

package/dist/http-client.js

@@ -1,30 +0,0 @@
-const DEFAULT_TIMEOUT = 30000;
-const MAX_RETRIES = 4;
-const RETRY_DELAY_MS = 2000;
-async function fetchWithRetry(url, init, timeout) {
-    for (let attempt = 0;; attempt++) {
-        try {
-            const res = await fetch(url, { ...init, signal: AbortSignal.timeout(timeout) });
-            if (!res.ok)
-                throw new Error(`${init.method ?? "GET"} ${url}: ${res.status} ${res.statusText}`);
-            return res;
-        }
-        catch (err) {
-            if (attempt >= MAX_RETRIES)
-                throw err;
-            await new Promise((r) => setTimeout(r, RETRY_DELAY_MS));
-        }
-    }
-}
-export async function httpGet(url, opts = {}) {
-    const res = await fetchWithRetry(url, { headers: opts.headers }, opts.timeout ?? DEFAULT_TIMEOUT);
-    return res.json();
-}
-export async function httpPost(url, body, opts = {}) {
-    const res = await fetchWithRetry(url, {
-        method: "POST",
-        headers: { "Content-Type": "application/json", ...opts.headers },
-        body: body !== undefined ? JSON.stringify(body) : undefined,
-    }, opts.timeout ?? DEFAULT_TIMEOUT);
-    return res.json();
-}

package/dist/image-ref.d.ts

@@ -1 +0,0 @@
-export declare function getImageRef(): string;

package/dist/image-ref.js

@@ -1,4 +0,0 @@
-const DEFAULT_IMAGE_REF = "ghcr.io/replayio/app-building:latest";
-export function getImageRef() {
-    return process.env.CONTAINER_IMAGE_REF ?? DEFAULT_IMAGE_REF;
-}

package/dist/secrets.d.ts

@@ -1,50 +0,0 @@
-/**
- * Infisical secrets API.
- *
- * API versions used (per https://infisical.com/docs/api-reference):
- *   - Auth:    POST /api/v1/auth/universal-auth/login
- *   - Secrets: GET/POST/PATCH /api/v4/secrets[/{secretName}]
- *   - Folders: POST /api/v2/folders
- */
-export interface InfisicalConfig {
-    token: string;
-    projectId: string;
-    environment: string;
-}
-/**
- * Log in to Infisical using Universal Auth (Client ID + Client Secret).
- * POST /api/v1/auth/universal-auth/login
- * Returns a short-lived access token.
- */
-export declare function infisicalLogin(clientId: string, clientSecret: string): Promise<string>;
-/**
- * Fetch secrets from an Infisical folder path.
- * GET /api/v4/secrets?projectId=…&environment=…&secretPath=…
- * Returns a key→value record.
- */
-export declare function fetchInfisicalSecrets(config: InfisicalConfig, secretPath: string): Promise<Record<string, string>>;
-/**
- * Fetch global build secrets from `/global/`.
- */
-export declare function fetchGlobalSecrets(config: InfisicalConfig): Promise<Record<string, string>>;
-/**
- * Fetch per-branch deployment secrets from `/branches/<branch>/`.
- */
-export declare function fetchBranchSecrets(config: InfisicalConfig, branch: string): Promise<Record<string, string>>;
-/**
- * Create or update a branch secret in Infisical.
- * Creates the folder path if it doesn't exist yet.
- *
- *   POST  /api/v4/secrets/{name}   — create
- *   PATCH /api/v4/secrets/{name}   — update (if secret already exists)
- *
- * Body: { projectId, environment, secretPath, secretValue, type }
- */
-export declare function createBranchSecret(config: InfisicalConfig, branch: string, name: string, value: string): Promise<void>;
-/**
- * Extract Infisical config from environment variables and log in.
- * Reads INFISICAL_CLIENT_ID, INFISICAL_CLIENT_SECRET, INFISICAL_PROJECT_ID,
- * and INFISICAL_ENVIRONMENT from the env vars.
- * Throws if any required var is missing.
- */
-export declare function getInfisicalConfig(envVars: Record<string, string>): Promise<InfisicalConfig>;

package/dist/secrets.js

@@ -1,209 +0,0 @@
-/**
- * Infisical secrets API.
- *
- * API versions used (per https://infisical.com/docs/api-reference):
- *   - Auth:    POST /api/v1/auth/universal-auth/login
- *   - Secrets: GET/POST/PATCH /api/v4/secrets[/{secretName}]
- *   - Folders: POST /api/v2/folders
- */
-const INFISICAL_API_BASE = "https://app.infisical.com";
-// ---------------------------------------------------------------------------
-// Auth
-// ---------------------------------------------------------------------------
-/**
- * Log in to Infisical using Universal Auth (Client ID + Client Secret).
- * POST /api/v1/auth/universal-auth/login
- * Returns a short-lived access token.
- */
-export async function infisicalLogin(clientId, clientSecret) {
-    const res = await fetch(`${INFISICAL_API_BASE}/api/v1/auth/universal-auth/login`, {
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify({ clientId, clientSecret }),
-    });
-    if (!res.ok) {
-        const body = await res.text().catch(() => "");
-        throw new Error(`Infisical login failed → ${res.status}: ${body}`);
-    }
-    const data = (await res.json());
-    return data.accessToken;
-}
-// ---------------------------------------------------------------------------
-// Helpers
-// ---------------------------------------------------------------------------
-function authHeaders(config) {
-    return {
-        Authorization: `Bearer ${config.token}`,
-        "Content-Type": "application/json",
-    };
-}
-/**
- * Fetch secrets from an Infisical folder path.
- * GET /api/v4/secrets?projectId=…&environment=…&secretPath=…
- * Returns a key→value record.
- */
-export async function fetchInfisicalSecrets(config, secretPath) {
-    const params = new URLSearchParams({
-        projectId: config.projectId,
-        environment: config.environment,
-        secretPath,
-    });
-    const res = await fetch(`${INFISICAL_API_BASE}/api/v4/secrets?${params}`, {
-        headers: authHeaders(config),
-    });
-    if (!res.ok) {
-        const body = await res.text().catch(() => "");
-        throw new Error(`Infisical GET secrets ${secretPath} → ${res.status}: ${body}`);
-    }
-    const data = (await res.json());
-    const secrets = {};
-    for (const s of data.secrets) {
-        secrets[s.secretKey] = s.secretValue;
-    }
-    return secrets;
-}
-/**
- * Fetch global build secrets from `/global/`.
- */
-export async function fetchGlobalSecrets(config) {
-    return fetchInfisicalSecrets(config, "/global/");
-}
-/**
- * Fetch per-branch deployment secrets from `/branches/<branch>/`.
- */
-export async function fetchBranchSecrets(config, branch) {
-    return fetchInfisicalSecrets(config, `/branches/${branch}/`);
-}
-// ---------------------------------------------------------------------------
-// Folders
-// ---------------------------------------------------------------------------
-/**
- * Ensure all folders in a path exist, creating any missing ones.
- * POST /api/v2/folders  — body: { projectId, environment, name, path }
- *
- * Infisical requires folders to exist before secrets can be written into them.
- * We walk each segment of the path and issue a create; a 400 response means
- * the folder already exists (the docs list 400 for "Bad Request" which
- * Infisical returns for duplicate folder names).
- */
-async function ensureFolder(config, folderPath) {
-    const segments = folderPath.split("/").filter(Boolean);
-    let parentPath = "/";
-    for (const segment of segments) {
-        const res = await fetch(`${INFISICAL_API_BASE}/api/v2/folders`, {
-            method: "POST",
-            headers: authHeaders(config),
-            body: JSON.stringify({
-                projectId: config.projectId,
-                environment: config.environment,
-                name: segment,
-                path: parentPath,
-            }),
-        });
-        // 200 = created. 400 = folder already exists (Infisical returns 400 for
-        // duplicate folder names under the same parent).
-        if (res.ok || res.status === 400) {
-            parentPath += segment + "/";
-            continue;
-        }
-        const text = await res.text().catch(() => "");
-        throw new Error(`Infisical create folder ${parentPath}${segment} → ${res.status}: ${text}`);
-    }
-}
-// ---------------------------------------------------------------------------
-// Secrets — write
-// ---------------------------------------------------------------------------
-/**
- * Create or update a branch secret in Infisical.
- * Creates the folder path if it doesn't exist yet.
- *
- *   POST  /api/v4/secrets/{name}   — create
- *   PATCH /api/v4/secrets/{name}   — update (if secret already exists)
- *
- * Body: { projectId, environment, secretPath, secretValue, type }
- */
-export async function createBranchSecret(config, branch, name, value) {
-    const secretPath = `/branches/${branch}/`;
-    const url = `${INFISICAL_API_BASE}/api/v4/secrets/${encodeURIComponent(name)}`;
-    const body = {
-        projectId: config.projectId,
-        environment: config.environment,
-        secretPath,
-        secretValue: value,
-        type: "shared",
-    };
-    const headers = authHeaders(config);
-    // --- Try POST (create) ---------------------------------------------------
-    const res = await fetch(url, {
-        method: "POST",
-        headers,
-        body: JSON.stringify(body),
-    });
-    if (res.ok)
-        return;
-    // Secret already exists → PATCH to update
-    if (res.status === 400) {
-        const patchRes = await fetch(url, {
-            method: "PATCH",
-            headers,
-            body: JSON.stringify(body),
-        });
-        if (patchRes.ok)
-            return;
-        const text = await patchRes.text().catch(() => "");
-        throw new Error(`Infisical PATCH ${name} → ${patchRes.status}: ${text}`);
-    }
-    // Folder doesn't exist → create folders then retry POST
-    if (res.status === 404) {
-        await ensureFolder(config, secretPath);
-        const retryRes = await fetch(url, {
-            method: "POST",
-            headers,
-            body: JSON.stringify(body),
-        });
-        if (retryRes.ok)
-            return;
-        // Retry may 400 if another process created it concurrently → try PATCH
-        if (retryRes.status === 400) {
-            const patchRes = await fetch(url, {
-                method: "PATCH",
-                headers,
-                body: JSON.stringify(body),
-            });
-            if (patchRes.ok)
-                return;
-            const text = await patchRes.text().catch(() => "");
-            throw new Error(`Infisical PATCH ${name} (after folder creation) → ${patchRes.status}: ${text}`);
-        }
-        const text = await retryRes.text().catch(() => "");
-        throw new Error(`Infisical POST ${name} (after folder creation) → ${retryRes.status}: ${text}`);
-    }
-    const text = await res.text().catch(() => "");
-    throw new Error(`Infisical POST ${name} → ${res.status}: ${text}`);
-}
-// ---------------------------------------------------------------------------
-// Config helper
-// ---------------------------------------------------------------------------
-/**
- * Extract Infisical config from environment variables and log in.
- * Reads INFISICAL_CLIENT_ID, INFISICAL_CLIENT_SECRET, INFISICAL_PROJECT_ID,
- * and INFISICAL_ENVIRONMENT from the env vars.
- * Throws if any required var is missing.
- */
-export async function getInfisicalConfig(envVars) {
-    const clientId = envVars.INFISICAL_CLIENT_ID;
-    const clientSecret = envVars.INFISICAL_CLIENT_SECRET;
-    const projectId = envVars.INFISICAL_PROJECT_ID;
-    const environment = envVars.INFISICAL_ENVIRONMENT;
-    const missing = [
-        !clientId && "INFISICAL_CLIENT_ID",
-        !clientSecret && "INFISICAL_CLIENT_SECRET",
-        !projectId && "INFISICAL_PROJECT_ID",
-        !environment && "INFISICAL_ENVIRONMENT",
-    ].filter(Boolean);
-    if (missing.length > 0) {
-        throw new Error(`Missing Infisical config in .env: ${missing.join(", ")}`);
-    }
-    const token = await infisicalLogin(clientId, clientSecret);
-    return { token, projectId: projectId, environment: environment };
-}