@sdt-tools/cli 0.2.5 → 0.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.cjs CHANGED
@@ -716,11 +716,14 @@ function splitStatements(sql) {
716
716
  function publishCommand() {
717
717
  const cmd = new import_commander6.Command("publish");
718
718
  cmd.description(
719
- "Compare a .sdtpac to a live Snowflake target and apply (or dry-run) the migration."
719
+ "Compare a .sdtpac (the desired state) to a live Snowflake target and apply (or dry-run) the migration. Shared form with `ddt publish`: `--source <desired> --connection <live-target>`."
720
+ ).option(
721
+ "--source <path>",
722
+ "Path to the desired-state .sdtpac (canonical name; the same flag `ddt publish` uses). Required for a normal publish; omit only with --restore-from-snapshot."
720
723
  ).option(
721
724
  "--pac <path>",
722
- "Path to a built .sdtpac. Required for a normal publish; omit only with --restore-from-snapshot."
723
- ).requiredOption("-c, --connection <profile>", "Connection profile name").option(
725
+ "Back-compat alias for --source (the desired-state .sdtpac). Prefer --source for cross-platform parity with `ddt publish`."
726
+ ).requiredOption("-c, --connection <profile>", "Connection profile name (the live target).").option(
724
727
  "--restore-from-snapshot <batchId>",
725
728
  "Recovery mode: skip the compare step and emit ALTER TABLE \u2026 SWAP WITH against the snapshot batch <batchId> from the registry. Dry-run by default; pass --apply --yes to execute. This is the command printed by TRUST.4's post-deploy-smoke + TRUST.8's restore-hint when a deploy fails \u2014 they tell the operator to run `sdt publish --restore-from-snapshot <id>`."
726
729
  ).option(
@@ -807,12 +810,15 @@ function publishCommand() {
807
810
  await runRestoreFromSnapshot(opts);
808
811
  return;
809
812
  }
810
- if (!opts.pac) {
811
- logger.error("--pac <path> is required (unless --restore-from-snapshot is given).");
813
+ const pacRef = opts.source ?? opts.pac;
814
+ if (!pacRef) {
815
+ logger.error(
816
+ "--source <path> (or its alias --pac) is required (unless --restore-from-snapshot is given)."
817
+ );
812
818
  process.exitCode = 1;
813
819
  return;
814
820
  }
815
- const pacPath = import_node_path4.default.resolve(String(opts.pac));
821
+ const pacPath = import_node_path4.default.resolve(String(pacRef));
816
822
  const pac10 = await (0, import_pac2.readPac)(pacPath);
817
823
  const freshnessMode = opts.freshness ?? "warn";
818
824
  if (freshnessMode !== "skip") {
@@ -1735,6 +1741,11 @@ function connectionCommand() {
1735
1741
  await (0, import_connection5.upsertProfile)(profile);
1736
1742
  logger.success(`Saved profile "${profile.name}".`);
1737
1743
  });
1744
+ cmd.command("get <name>").description("Print a profile (secrets are redacted).").action(async (name) => {
1745
+ const profile = await (0, import_connection5.getProfile)(String(name));
1746
+ const redacted = { ...profile, auth: redactAuth(profile.auth) };
1747
+ logger.info(JSON.stringify(redacted, null, 2));
1748
+ });
1738
1749
  cmd.command("remove").description("Remove a connection profile.").argument("<name>").action(async (name) => {
1739
1750
  const ok = await (0, import_connection5.removeProfile)(String(name));
1740
1751
  if (ok) logger.success(`Removed profile "${name}".`);
@@ -1752,6 +1763,24 @@ function connectionCommand() {
1752
1763
  });
1753
1764
  return cmd;
1754
1765
  }
1766
+ function redactAuth(auth) {
1767
+ const isPlaceholder = (v) => v.startsWith("env:") || v.startsWith("keyring:");
1768
+ switch (auth.method) {
1769
+ case "PASSWORD":
1770
+ case "MFA":
1771
+ return auth.password && !isPlaceholder(auth.password) ? { ...auth, password: "<redacted>" } : auth;
1772
+ case "OAUTH":
1773
+ return auth.token && !isPlaceholder(auth.token) ? { ...auth, token: "<redacted>" } : auth;
1774
+ case "KEY_PAIR":
1775
+ return auth.privateKeyPassphrase && !isPlaceholder(auth.privateKeyPassphrase) ? { ...auth, privateKeyPassphrase: "<redacted>" } : auth;
1776
+ case "EXTERNAL_BROWSER":
1777
+ return auth;
1778
+ default: {
1779
+ const _exhaustive = auth;
1780
+ return _exhaustive;
1781
+ }
1782
+ }
1783
+ }
1755
1784
 
1756
1785
  // src/commands/scaffold.ts
1757
1786
  var import_commander10 = require("commander");