@tailor-platform/sdk 1.68.0 → 1.70.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +105 -0
- package/dist/application-BakHtldG.mjs +4 -0
- package/dist/application-Df5_I83n.mjs +6432 -0
- package/dist/application-Df5_I83n.mjs.map +1 -0
- package/dist/cli/erd-viewer-assets/app.js +279 -36
- package/dist/cli/erd-viewer-assets/index.html +4 -0
- package/dist/cli/erd-viewer-assets/styles.css +252 -5
- package/dist/cli/index.mjs +650 -98
- package/dist/cli/index.mjs.map +1 -1
- package/dist/cli/lib.d.mts +247 -160
- package/dist/cli/lib.mjs +3 -3
- package/dist/cli/lib.mjs.map +1 -1
- package/dist/cli/skills.mjs +1 -1
- package/dist/completion/zsh-worker.zsh +175 -24
- package/dist/configure/index.d.mts +5 -5
- package/dist/configure/index.mjs +12 -6
- package/dist/configure/index.mjs.map +1 -1
- package/dist/{crashreport-u9y2npiy.mjs → crashreport-BqyvFk-_.mjs} +2 -2
- package/dist/{crashreport-u9y2npiy.mjs.map → crashreport-BqyvFk-_.mjs.map} +1 -1
- package/dist/{crashreport-6jpCceOF.mjs → crashreport-BwF8cHF0.mjs} +1 -1
- package/dist/enum-constants-C7DaWeQo.mjs.map +1 -1
- package/dist/field-C4zdJLW5.mjs.map +1 -1
- package/dist/file-utils-BHPxPXmn.mjs.map +1 -1
- package/dist/{idp-BlBPtXJ-.d.mts → idp-BmYwCXnJ.d.mts} +30 -3
- package/dist/{idp-BZPqpcYY.mjs → idp-ynUfzwpz.mjs} +9 -1
- package/dist/idp-ynUfzwpz.mjs.map +1 -0
- package/dist/{index-DvEUb3pX.d.mts → index-BAEaAqmz.d.mts} +112 -53
- package/dist/{index-CklcVeMG.d.mts → index-C-vsbx27.d.mts} +2 -2
- package/dist/{index-hXoO-AOC.d.mts → index-CKI0eZP6.d.mts} +2 -2
- package/dist/{index-DYhnxXYR.d.mts → index-CrqOgUF2.d.mts} +2 -2
- package/dist/{index-DlDRSzFZ.d.mts → index-DESLU9kI.d.mts} +2 -2
- package/dist/{index-DRhMpdnA.d.mts → index-dKNk8hjo.d.mts} +2 -2
- package/dist/job-BpsFXPbi.mjs.map +1 -1
- package/dist/{kysely-type-D1e0Vwkd.mjs → kysely-type-CSoZxVKN.mjs} +2 -2
- package/dist/{kysely-type-D1e0Vwkd.mjs.map → kysely-type-CSoZxVKN.mjs.map} +1 -1
- package/dist/{logger-DpJyJvNz.mjs → logger-DKF-JsAK.mjs} +3 -3
- package/dist/{logger-DpJyJvNz.mjs.map → logger-DKF-JsAK.mjs.map} +1 -1
- package/dist/{mock-DMgIygjE.mjs → mock-wf5qeZLi.mjs} +19 -9
- package/dist/mock-wf5qeZLi.mjs.map +1 -0
- package/dist/plugin/builtin/enum-constants/index.d.mts +1 -1
- package/dist/plugin/builtin/file-utils/index.d.mts +1 -1
- package/dist/plugin/builtin/kysely-type/index.d.mts +1 -1
- package/dist/plugin/builtin/kysely-type/index.mjs +1 -1
- package/dist/plugin/builtin/seed/index.d.mts +1 -1
- package/dist/plugin/index.d.mts +1 -1
- package/dist/plugin/index.mjs.map +1 -1
- package/dist/registry-D0uB0OrK.mjs.map +1 -1
- package/dist/{repl-editor-CJG3sz7A.mjs → repl-editor-DD5YP5mt.mjs} +4 -4
- package/dist/{repl-editor-CJG3sz7A.mjs.map → repl-editor-DD5YP5mt.mjs.map} +1 -1
- package/dist/runtime/globals.d.mts +3 -2
- package/dist/runtime/idp.d.mts +2 -2
- package/dist/runtime/idp.mjs +1 -1
- package/dist/runtime/index.d.mts +2 -2
- package/dist/runtime/index.mjs +1 -1
- package/dist/{runtime-DxaBq6U8.mjs → runtime-CSY0eD4_.mjs} +411 -221
- package/dist/runtime-CSY0eD4_.mjs.map +1 -0
- package/dist/{schema-1msIhXwA.mjs → schema-C4fkpWV_.mjs} +9 -15
- package/dist/schema-C4fkpWV_.mjs.map +1 -0
- package/dist/seed-YAbtMy65.mjs.map +1 -1
- package/dist/{service-wI3Hvrgx.mjs → service-B2Jd9CxS.mjs} +2 -2
- package/dist/service-B2Jd9CxS.mjs.map +1 -0
- package/dist/service-CRaa4Joe.mjs +4 -0
- package/dist/{service-DMohAx8a.mjs → service-DDWgZL_L2.mjs} +2 -2
- package/dist/service-DDWgZL_L2.mjs.map +1 -0
- package/dist/service_pb-DGSmn-aF.mjs +4 -0
- package/dist/{application-WpWwTyk9.mjs → service_pb-DSNjrcbW.mjs} +22 -6176
- package/dist/service_pb-DSNjrcbW.mjs.map +1 -0
- package/dist/telemetry-BQbbVo2t.mjs.map +1 -1
- package/dist/{types-2Be3wSMc.mjs → types-32lUMToj.mjs} +1 -1
- package/dist/{types-CmzfQP_m.mjs → types-D4QMmNWh.mjs} +1 -12
- package/dist/types-D4QMmNWh.mjs.map +1 -0
- package/dist/{types-Bzr0RQME.d.mts → types-Dynq4AJv.d.mts} +2 -2
- package/dist/{types-DZrtN6-H.d.mts → types-rj8YJcEe.d.mts} +5 -2
- package/dist/utils/test/index.d.mts +2 -2
- package/dist/utils/test/index.mjs.map +1 -1
- package/dist/vitest/environment.mjs +1 -1
- package/dist/vitest/environment.mjs.map +1 -1
- package/dist/vitest/index.mjs +4 -4
- package/dist/vitest/index.mjs.map +1 -1
- package/dist/vitest/setup.mjs +1 -1
- package/dist/{workflow.generated-1S50BhEb.d.mts → workflow.generated-DJULCuRr.d.mts} +274 -174
- package/docs/cli/application.md +39 -201
- package/docs/cli/auth.md +12 -256
- package/docs/cli/completion.md +0 -24
- package/docs/cli/crashreport.md +0 -58
- package/docs/cli/executor.md +2 -166
- package/docs/cli/function.md +2 -118
- package/docs/cli/organization.md +1 -211
- package/docs/cli/query.md +0 -20
- package/docs/cli/secret.md +70 -250
- package/docs/cli/setup.md +2 -41
- package/docs/cli/skills.md +0 -39
- package/docs/cli/staticwebsite.md +24 -172
- package/docs/cli/tailordb.md +25 -251
- package/docs/cli/upgrade.md +0 -20
- package/docs/cli/user.md +41 -246
- package/docs/cli/workflow.md +30 -189
- package/docs/cli/workspace.md +164 -537
- package/docs/cli-reference.md +61 -37
- package/docs/configuration.md +7 -1
- package/docs/github-actions.md +27 -0
- package/docs/multi-environment.md +22 -0
- package/docs/services/aigateway.md +4 -2
- package/docs/services/http-adapter.md +16 -1
- package/docs/services/idp.md +55 -2
- package/docs/services/staticwebsite.md +7 -1
- package/package.json +23 -18
- package/dist/application-Djeezk3m.mjs +0 -4
- package/dist/application-WpWwTyk9.mjs.map +0 -1
- package/dist/idp-BZPqpcYY.mjs.map +0 -1
- package/dist/mock-DMgIygjE.mjs.map +0 -1
- package/dist/runtime-DxaBq6U8.mjs.map +0 -1
- package/dist/schema-1msIhXwA.mjs.map +0 -1
- package/dist/service-BHQIerYh.mjs +0 -4
- package/dist/service-DMohAx8a.mjs.map +0 -1
- package/dist/service-wI3Hvrgx.mjs.map +0 -1
- package/dist/types-CmzfQP_m.mjs.map +0 -1
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
|
|
2
|
-
import { t as db } from "./schema-
|
|
3
|
-
import { $ as
|
|
2
|
+
import { t as db } from "./schema-C4fkpWV_.mjs";
|
|
3
|
+
import { $ as CreateUserProfileConfigRequestSchema, A as UpdatePipelineServiceRequestSchema, At as PageDirection, B as UpdateExecutorExecutorRequestSchema, Ct as GetApplicationSchemaHealthResponse_ApplicationSchemaHealthStatus, D as CreatePipelineResolverRequestSchema, Dt as ConditionSchema, E as UpdateSecretManagerSecretRequestSchema, Et as Subgraph_ServiceType, F as IdPPermissionOperator, G as CreateAuthHookRequestSchema, H as ExecutorTargetType, I as IdPPermissionPermit, J as CreateAuthOAuth2ClientRequestSchema, K as CreateAuthIDPConfigRequestSchema, L as FunctionExecution_Status, M as CreateIdPServiceRequestSchema, N as UpdateIdPServiceRequestSchema, O as CreatePipelineServiceRequestSchema, Ot as Condition_Operator, P as IdPLang, Q as CreateTenantConfigRequestSchema, S as UpdateStaticWebsiteRequestSchema, St as CreateApplicationRequestSchema, T as CreateSecretManagerVaultRequestSchema, Tt as ApplicationSchemaUpdateAttemptStatus, U as ExecutorTriggerType, V as ExecutorJobStatus, W as CreateAuthConnectionRequestSchema, X as CreateAuthSCIMResourceRequestSchema, Y as CreateAuthSCIMConfigRequestSchema, Z as CreateAuthServiceRequestSchema, _ as TailorDBType_Permission_Operator, _t as AuthSCIMAttribute_Uniqueness, a as WorkspacePlatformUserRole, at as UpdateAuthSCIMResourceRequestSchema, b as AddCustomDomainRequestSchema, bt as TenantProviderConfig_TenantProviderType, c as UpdateWorkflowRequestSchema, ct as UpdateUserProfileConfigRequestSchema, d as CreateTailorDBServiceRequestSchema, dt as AuthIDPConfig_AuthType, et as UpdateAuthHookRequestSchema, f as CreateTailorDBTypeRequestSchema, ft as AuthInvokerSchema, g as TailorDBGQLPermission_Permit, gt as AuthSCIMAttribute_Type, h as TailorDBGQLPermission_Operator, ht as AuthSCIMAttribute_Mutability, it as UpdateAuthSCIMConfigRequestSchema, j as PipelineResolver_OperationType, k as UpdatePipelineResolverRequestSchema, kt as FilterSchema, l as WorkflowExecution_Status, lt as AuthConnection_Type, m as TailorDBGQLPermission_Action, mt as AuthOAuth2Client_GrantType, nt as UpdateAuthMachineUserRequestSchema, o as CreateWorkflowJobFunctionRequestSchema, ot as UpdateAuthServiceRequestSchema, p as UpdateTailorDBTypeRequestSchema, pt as AuthOAuth2Client_ClientType, q as CreateAuthMachineUserRequestSchema, rt as UpdateAuthOAuth2ClientRequestSchema, s as CreateWorkflowRequestSchema, st as UpdateTenantConfigRequestSchema, t as OperatorService, tt as UpdateAuthIDPConfigRequestSchema, u as WorkflowJobExecution_Status, ut as AuthHookPoint, v as TailorDBType_Permission_Permit, vt as AuthSCIMConfig_AuthorizationType, w as CreateSecretManagerSecretRequestSchema, wt as UpdateApplicationRequestSchema, x as CreateStaticWebsiteRequestSchema, xt as UserProfileProviderConfig_UserProfileProviderType, y as TailorDBType_PermitAction, z as CreateExecutorExecutorRequestSchema } from "./service_pb-DSNjrcbW.mjs";
|
|
4
4
|
import { t as assertDefined } from "./assert-CKfwrmCV.mjs";
|
|
5
|
-
import { a as parseBoolean, i as symbols, n as logger, r as styles, t as CIPromptError } from "./logger-
|
|
6
|
-
import {
|
|
5
|
+
import { a as parseBoolean, i as symbols, n as logger, r as styles, t as CIPromptError } from "./logger-DKF-JsAK.mjs";
|
|
6
|
+
import { $ as initOperatorClient, A as loadAccessToken, G as fetchMachineUserToken, I as loadWorkspaceId, K as fetchPaged, L as platformConfigFromProfile, N as loadMachineUserName, P as loadPlatformClientConfig, R as readPlatformConfig, S as getDistDir, T as loadConfig, V as writePlatformConfig, W as fetchAll, X as getOAuth2ClientId, Y as getConsoleBaseUrl, Z as getPlatformBaseUrl, b as hasGenerationHooks, d as assertUniqueLocalTailorDBTypeNames, et as isDefaultPlatform, f as assertUniqueTailorDBTypeNamesWithExternal, h as platformBundleDefinePlugin, j as loadConfigPath, k as hasUserTokenEntry, l as buildExecutorArgsExpr, m as stringifyFunction, n as generatePluginFilesIfNeeded, nt as byName, p as TailorDBTypeSchema, r as loadApplication, s as HTTP_METHODS, t as defineApplication, tt as resolveStaticWebsiteUrls, u as buildResolverOperationHookExpr, w as hashFile, x as createBundleCache, y as getPluginGenerationDependencies } from "./application-Df5_I83n.mjs";
|
|
7
|
+
import { o as loadFilesWithIgnores, t as createExecutorService } from "./service-B2Jd9CxS.mjs";
|
|
7
8
|
import { t as multiline } from "./multiline-Cf9ODpr1.mjs";
|
|
8
9
|
import { t as readPackageJson } from "./package-json-DcQApfPQ.mjs";
|
|
9
10
|
import { i as userAgent } from "./secret-file-eB3R3Fil.mjs";
|
|
@@ -309,6 +310,10 @@ async function assertWritable(opts) {
|
|
|
309
310
|
|
|
310
311
|
//#endregion
|
|
311
312
|
//#region src/cli/commands/api/api-call.ts
|
|
313
|
+
function hasEnvAccessToken() {
|
|
314
|
+
const envToken = process.env.TAILOR_PLATFORM_TOKEN ?? process.env.TAILOR_TOKEN;
|
|
315
|
+
return Boolean(envToken);
|
|
316
|
+
}
|
|
312
317
|
/**
|
|
313
318
|
* Call Tailor Platform API endpoints directly.
|
|
314
319
|
* If the endpoint doesn't contain "/", it defaults to `tailor.v1.OperatorService/{endpoint}`.
|
|
@@ -317,10 +322,16 @@ async function assertWritable(opts) {
|
|
|
317
322
|
*/
|
|
318
323
|
async function apiCall(options) {
|
|
319
324
|
const accessToken = await loadAccessToken({ profile: options.profile });
|
|
325
|
+
let platformConfig;
|
|
326
|
+
try {
|
|
327
|
+
platformConfig = await loadPlatformClientConfig({ profile: options.profile });
|
|
328
|
+
} catch (error) {
|
|
329
|
+
if (!hasEnvAccessToken()) throw error;
|
|
330
|
+
}
|
|
320
331
|
let endpointPath;
|
|
321
332
|
if (options.endpoint.includes("/")) endpointPath = options.endpoint;
|
|
322
333
|
else endpointPath = `tailor.v1.OperatorService/${options.endpoint}`;
|
|
323
|
-
const url = new URL(endpointPath,
|
|
334
|
+
const url = new URL(endpointPath, getPlatformBaseUrl(platformConfig));
|
|
324
335
|
const response = await fetch(url.toString(), {
|
|
325
336
|
method: "POST",
|
|
326
337
|
headers: {
|
|
@@ -385,7 +396,7 @@ function nestedMessage(field) {
|
|
|
385
396
|
function isWellKnownType(message) {
|
|
386
397
|
return message.typeName.startsWith("google.protobuf.");
|
|
387
398
|
}
|
|
388
|
-
const UNREPRESENTABLE_WELL_KNOWN_TYPES = new Set([
|
|
399
|
+
const UNREPRESENTABLE_WELL_KNOWN_TYPES = /* @__PURE__ */ new Set([
|
|
389
400
|
"google.protobuf.Struct",
|
|
390
401
|
"google.protobuf.Value",
|
|
391
402
|
"google.protobuf.ListValue",
|
|
@@ -568,7 +579,7 @@ function fieldToJson(field, visited) {
|
|
|
568
579
|
return json;
|
|
569
580
|
}
|
|
570
581
|
function renderInspectJson(method) {
|
|
571
|
-
const visited = new Set([method.input]);
|
|
582
|
+
const visited = /* @__PURE__ */ new Set([method.input]);
|
|
572
583
|
return {
|
|
573
584
|
method: method.name,
|
|
574
585
|
input: {
|
|
@@ -599,7 +610,7 @@ function renderInspectText(method) {
|
|
|
599
610
|
const lines = [];
|
|
600
611
|
lines.push(`${method.name}`);
|
|
601
612
|
lines.push(` request: ${method.input.typeName}`);
|
|
602
|
-
const visited = new Set([method.input]);
|
|
613
|
+
const visited = /* @__PURE__ */ new Set([method.input]);
|
|
603
614
|
for (const f of method.input.fields) lines.push(...renderFieldText(f, " ", visited));
|
|
604
615
|
lines.push(` response: ${method.output.typeName}`);
|
|
605
616
|
return lines.join("\n");
|
|
@@ -750,7 +761,7 @@ function normalizeBodyFieldKeys(body, fields) {
|
|
|
750
761
|
}
|
|
751
762
|
return changed;
|
|
752
763
|
}
|
|
753
|
-
const FORBIDDEN_SEGMENTS = new Set([
|
|
764
|
+
const FORBIDDEN_SEGMENTS = /* @__PURE__ */ new Set([
|
|
754
765
|
"__proto__",
|
|
755
766
|
"constructor",
|
|
756
767
|
"prototype"
|
|
@@ -1593,7 +1604,7 @@ function copyMetadataToExtendedType(original, extended) {
|
|
|
1593
1604
|
/**
|
|
1594
1605
|
* Create a new ChangeSet for tracking resource changes.
|
|
1595
1606
|
* @param title - Title for the change set
|
|
1596
|
-
* @returns Empty ChangeSet instance with isEmpty() and
|
|
1607
|
+
* @returns Empty ChangeSet instance with isEmpty() and lines() methods
|
|
1597
1608
|
*/
|
|
1598
1609
|
function createChangeSet(title) {
|
|
1599
1610
|
const creates = [];
|
|
@@ -1610,17 +1621,16 @@ function createChangeSet(title) {
|
|
|
1610
1621
|
replaces,
|
|
1611
1622
|
unchanged,
|
|
1612
1623
|
isEmpty,
|
|
1613
|
-
|
|
1614
|
-
if (isEmpty()) return;
|
|
1615
|
-
|
|
1616
|
-
|
|
1617
|
-
|
|
1618
|
-
|
|
1619
|
-
|
|
1620
|
-
|
|
1621
|
-
|
|
1622
|
-
|
|
1623
|
-
replaces.forEach((item) => printItem(symbols.replace, item));
|
|
1624
|
+
lines: () => {
|
|
1625
|
+
if (isEmpty()) return [];
|
|
1626
|
+
const itemLines = (symbol) => (item) => [` ${symbol} ${item.name}`, ...(item.details ?? []).map((d) => ` ${d}`)];
|
|
1627
|
+
return [
|
|
1628
|
+
styles.bold(`${title}:`),
|
|
1629
|
+
...creates.flatMap(itemLines(symbols.create)),
|
|
1630
|
+
...deletes.flatMap(itemLines(symbols.delete)),
|
|
1631
|
+
...updates.flatMap(itemLines(symbols.update)),
|
|
1632
|
+
...replaces.flatMap(itemLines(symbols.replace))
|
|
1633
|
+
];
|
|
1624
1634
|
}
|
|
1625
1635
|
};
|
|
1626
1636
|
}
|
|
@@ -1634,15 +1644,13 @@ function summarizeChangeSets(changeSets) {
|
|
|
1634
1644
|
create: 0,
|
|
1635
1645
|
update: 0,
|
|
1636
1646
|
delete: 0,
|
|
1637
|
-
replace: 0
|
|
1638
|
-
unchanged: 0
|
|
1647
|
+
replace: 0
|
|
1639
1648
|
};
|
|
1640
1649
|
for (const changeSet of changeSets) {
|
|
1641
1650
|
summary.create += changeSet.creates.length;
|
|
1642
1651
|
summary.update += changeSet.updates.length;
|
|
1643
1652
|
summary.delete += changeSet.deletes.length;
|
|
1644
1653
|
summary.replace += changeSet.replaces.length;
|
|
1645
|
-
summary.unchanged += changeSet.unchanged.length;
|
|
1646
1654
|
}
|
|
1647
1655
|
return summary;
|
|
1648
1656
|
}
|
|
@@ -3046,18 +3054,19 @@ function extractServiceActions(changeSet) {
|
|
|
3046
3054
|
];
|
|
3047
3055
|
}
|
|
3048
3056
|
/**
|
|
3049
|
-
*
|
|
3057
|
+
* Build display lines for a titled section of grouped entries, nesting by namespace.
|
|
3050
3058
|
* Service-level changes are shown as the namespace header symbol.
|
|
3051
3059
|
* Services without child entries are shown as flat entries.
|
|
3052
3060
|
* @param title - Section title
|
|
3053
|
-
* @param entries - Entries to
|
|
3061
|
+
* @param entries - Entries to render (should NOT include service entries)
|
|
3054
3062
|
* @param serviceActions - Optional service-level actions to merge into namespace headers
|
|
3063
|
+
* @returns Lines ready for output; empty array when there is nothing to show
|
|
3055
3064
|
*/
|
|
3056
|
-
function
|
|
3065
|
+
function buildGroupedDisplayLines(title, entries, serviceActions) {
|
|
3057
3066
|
const serviceMap = /* @__PURE__ */ new Map();
|
|
3058
3067
|
if (serviceActions) for (const sa of serviceActions) serviceMap.set(sa.name, sa.action);
|
|
3059
|
-
if (entries.length === 0 && serviceMap.size === 0) return;
|
|
3060
|
-
|
|
3068
|
+
if (entries.length === 0 && serviceMap.size === 0) return [];
|
|
3069
|
+
const out = [styles.bold(`${title}:`)];
|
|
3061
3070
|
const namespaceOrder = [];
|
|
3062
3071
|
const byNamespace = /* @__PURE__ */ new Map();
|
|
3063
3072
|
for (const entry of entries) {
|
|
@@ -3074,12 +3083,13 @@ function printGroupedDisplaySection(title, entries, serviceActions) {
|
|
|
3074
3083
|
if (ns) {
|
|
3075
3084
|
const svcAction = serviceMap.get(ns);
|
|
3076
3085
|
const prefix = svcAction ? `${ACTION_SYMBOLS[svcAction]} ` : "";
|
|
3077
|
-
|
|
3086
|
+
out.push(` ${prefix}${styles.bold(`${ns}:`)}`);
|
|
3078
3087
|
printedServices.add(ns);
|
|
3079
|
-
for (const entry of group)
|
|
3080
|
-
} else for (const entry of group)
|
|
3088
|
+
for (const entry of group) out.push(` ${formatGroupedDisplayLine(entry)}`);
|
|
3089
|
+
} else for (const entry of group) out.push(` ${formatGroupedDisplayLine(entry)}`);
|
|
3081
3090
|
}
|
|
3082
|
-
for (const [name, action] of serviceMap) if (!printedServices.has(name))
|
|
3091
|
+
for (const [name, action] of serviceMap) if (!printedServices.has(name)) out.push(` ${ACTION_SYMBOLS[action]} ${name}`);
|
|
3092
|
+
return out;
|
|
3083
3093
|
}
|
|
3084
3094
|
|
|
3085
3095
|
//#endregion
|
|
@@ -3162,7 +3172,8 @@ function normalizeIdPPermission(permission) {
|
|
|
3162
3172
|
read: permission.read.map((p) => normalizeIdPActionPermission(p)),
|
|
3163
3173
|
update: permission.update.map((p) => normalizeIdPActionPermission(p)),
|
|
3164
3174
|
delete: permission.delete.map((p) => normalizeIdPActionPermission(p)),
|
|
3165
|
-
sendPasswordResetEmail: permission.sendPasswordResetEmail.map((p) => normalizeIdPActionPermission(p))
|
|
3175
|
+
sendPasswordResetEmail: (permission.sendPasswordResetEmail ?? []).map((p) => normalizeIdPActionPermission(p)),
|
|
3176
|
+
unenrollMfa: (permission.unenrollMfa ?? []).map((p) => normalizeIdPActionPermission(p))
|
|
3166
3177
|
};
|
|
3167
3178
|
}
|
|
3168
3179
|
/**
|
|
@@ -3188,7 +3199,7 @@ function parseIdPPermission(rawPermission) {
|
|
|
3188
3199
|
function findOmittedPermitRules(permission) {
|
|
3189
3200
|
if (!permission) return [];
|
|
3190
3201
|
const locations = [];
|
|
3191
|
-
for (const action of Object.keys(permission)) permission[action]
|
|
3202
|
+
for (const action of Object.keys(permission)) permission[action]?.forEach((rule, index) => {
|
|
3192
3203
|
if (isObjectFormat(rule) && rule.permit === void 0) locations.push(`${String(action)}[${index}]`);
|
|
3193
3204
|
});
|
|
3194
3205
|
return locations;
|
|
@@ -3196,6 +3207,14 @@ function findOmittedPermitRules(permission) {
|
|
|
3196
3207
|
|
|
3197
3208
|
//#endregion
|
|
3198
3209
|
//#region src/cli/commands/deploy/idp.ts
|
|
3210
|
+
async function resolveServiceReturnOrigins(client, request) {
|
|
3211
|
+
const policy = request.userAuthPolicy;
|
|
3212
|
+
const originals = policy?.allowedReturnOrigins;
|
|
3213
|
+
if (!policy || !originals?.length) return;
|
|
3214
|
+
const resolved = await resolveStaticWebsiteUrls(client, assertDefined(request.workspaceId, "request missing workspaceId"), originals, `IdP service "${request.namespaceName ?? ""}" allowedReturnOrigins`);
|
|
3215
|
+
if (resolved.length !== originals.length) throw new Error(`IdP service "${request.namespaceName ?? ""}" allowedReturnOrigins: ${originals.length - resolved.length} of ${originals.length} entries could not be resolved. Check that each "<name>:url" entry refers to a deployed static website.`);
|
|
3216
|
+
policy.allowedReturnOrigins = resolved;
|
|
3217
|
+
}
|
|
3199
3218
|
/**
|
|
3200
3219
|
* Build the vault name for an IdP client.
|
|
3201
3220
|
* @param namespaceName - IdP namespace name
|
|
@@ -3225,9 +3244,11 @@ async function applyIdP(client, result, phase = "create-update") {
|
|
|
3225
3244
|
const { changeSet } = result;
|
|
3226
3245
|
if (phase === "create-update") {
|
|
3227
3246
|
await Promise.all([...changeSet.service.creates.map(async (create) => {
|
|
3247
|
+
await resolveServiceReturnOrigins(client, create.request);
|
|
3228
3248
|
await client.createIdPService(create.request);
|
|
3229
3249
|
await client.setMetadata(create.metaRequest);
|
|
3230
3250
|
}), ...changeSet.service.updates.map(async (update) => {
|
|
3251
|
+
await resolveServiceReturnOrigins(client, update.request);
|
|
3231
3252
|
await client.updateIdPService(update.request);
|
|
3232
3253
|
await client.setMetadata(update.metaRequest);
|
|
3233
3254
|
})]);
|
|
@@ -3286,7 +3307,8 @@ async function applyIdP(client, result, phase = "create-update") {
|
|
|
3286
3307
|
async function planIdP(context) {
|
|
3287
3308
|
const { client, workspaceId, application, forRemoval, forceApplyAll = false, idpUserTriggerTargets } = context;
|
|
3288
3309
|
const idps = forRemoval ? [] : application.idpServices;
|
|
3289
|
-
const
|
|
3310
|
+
const expectedLocalWebsites = new Set(application.staticWebsiteServices.map((website) => website.name));
|
|
3311
|
+
const { changeSet: serviceChangeSet, conflicts, unmanaged, resourceOwners } = await planServices$3(client, workspaceId, application.name, application.id, idps, idpUserTriggerTargets ?? /* @__PURE__ */ new Set(), expectedLocalWebsites);
|
|
3290
3312
|
return {
|
|
3291
3313
|
changeSet: {
|
|
3292
3314
|
service: serviceChangeSet,
|
|
@@ -3310,7 +3332,11 @@ function normalizeComparableUserAuthPolicy(policy) {
|
|
|
3310
3332
|
allowedEmailDomains: (policy?.allowedEmailDomains ?? []).toSorted(),
|
|
3311
3333
|
allowGoogleOauth: policy?.allowGoogleOauth ?? false,
|
|
3312
3334
|
disablePasswordAuth: policy?.disablePasswordAuth ?? false,
|
|
3313
|
-
allowMicrosoftOauth: policy?.allowMicrosoftOauth ?? false
|
|
3335
|
+
allowMicrosoftOauth: policy?.allowMicrosoftOauth ?? false,
|
|
3336
|
+
enableMfa: policy?.enableMfa ?? false,
|
|
3337
|
+
requireMfa: policy?.requireMfa ?? false,
|
|
3338
|
+
allowedReturnOrigins: (policy?.allowedReturnOrigins ?? []).toSorted(),
|
|
3339
|
+
mfaIssuer: policy?.mfaIssuer ?? ""
|
|
3314
3340
|
};
|
|
3315
3341
|
}
|
|
3316
3342
|
function normalizeComparableDisableGqlOperations(value) {
|
|
@@ -3319,7 +3345,9 @@ function normalizeComparableDisableGqlOperations(value) {
|
|
|
3319
3345
|
update: value?.update ?? false,
|
|
3320
3346
|
delete: value?.delete ?? false,
|
|
3321
3347
|
read: value?.read ?? false,
|
|
3322
|
-
sendPasswordResetEmail: value?.sendPasswordResetEmail ?? false
|
|
3348
|
+
sendPasswordResetEmail: value?.sendPasswordResetEmail ?? false,
|
|
3349
|
+
requestMfaSettingsUrl: value?.requestMfaSettingsUrl ?? false,
|
|
3350
|
+
unenrollMfa: value?.unenrollMfa ?? false
|
|
3323
3351
|
};
|
|
3324
3352
|
}
|
|
3325
3353
|
function normalizeComparableEmailConfig(value) {
|
|
@@ -3341,7 +3369,7 @@ function normalizeComparableIdPService(input) {
|
|
|
3341
3369
|
}
|
|
3342
3370
|
function normalizeComparablePermission(permission) {
|
|
3343
3371
|
if (!permission) return;
|
|
3344
|
-
if (permission.create.length === 0 && permission.read.length === 0 && permission.update.length === 0 && permission.delete.length === 0 && permission.sendPasswordResetEmail.length === 0) return;
|
|
3372
|
+
if (permission.create.length === 0 && permission.read.length === 0 && permission.update.length === 0 && permission.delete.length === 0 && permission.sendPasswordResetEmail.length === 0 && permission.unenrollMfa.length === 0) return;
|
|
3345
3373
|
const normalizePolicy = (policy) => ({
|
|
3346
3374
|
conditions: policy.conditions.map((c) => ({
|
|
3347
3375
|
left: c.left ? { kind: c.left.kind } : void 0,
|
|
@@ -3356,7 +3384,8 @@ function normalizeComparablePermission(permission) {
|
|
|
3356
3384
|
read: permission.read.map(normalizePolicy),
|
|
3357
3385
|
update: permission.update.map(normalizePolicy),
|
|
3358
3386
|
delete: permission.delete.map(normalizePolicy),
|
|
3359
|
-
sendPasswordResetEmail: permission.sendPasswordResetEmail.map(normalizePolicy)
|
|
3387
|
+
sendPasswordResetEmail: permission.sendPasswordResetEmail.map(normalizePolicy),
|
|
3388
|
+
unenrollMfa: permission.unenrollMfa.map(normalizePolicy)
|
|
3360
3389
|
};
|
|
3361
3390
|
}
|
|
3362
3391
|
function areIdPServicesEqual(existing, desired) {
|
|
@@ -3370,7 +3399,7 @@ function areIdPServicesEqual(existing, desired) {
|
|
|
3370
3399
|
permission: normalizeComparablePermission(existing.permission)
|
|
3371
3400
|
}), desired);
|
|
3372
3401
|
}
|
|
3373
|
-
async function planServices$3(client, workspaceId, appName, appId, idps, idpUserTriggerTargets) {
|
|
3402
|
+
async function planServices$3(client, workspaceId, appName, appId, idps, idpUserTriggerTargets, expectedLocalWebsites) {
|
|
3374
3403
|
const changeSet = createChangeSet("IdP services");
|
|
3375
3404
|
const conflicts = [];
|
|
3376
3405
|
const unmanaged = [];
|
|
@@ -3432,10 +3461,15 @@ async function planServices$3(client, workspaceId, appName, appId, idps, idpUser
|
|
|
3432
3461
|
if (omittedPermitLocations.length > 0) logger.warn(`IdP service "${namespaceName}" has permission rule(s) ${omittedPermitLocations.join(", ")} in object form without an explicit "permit"; they default to "deny". Set permit: true (allow) or permit: false (deny) to silence this warning.`);
|
|
3433
3462
|
const parsedPermission = parseIdPPermission(idp.permission);
|
|
3434
3463
|
const protoPermission = parsedPermission ? protoIdPPermission(parsedPermission) : void 0;
|
|
3464
|
+
const resolvedReturnOrigins = await resolveStaticWebsiteUrls(client, workspaceId, userAuthPolicy?.allowedReturnOrigins ? [...userAuthPolicy.allowedReturnOrigins] : [], `IdP service "${namespaceName}" allowedReturnOrigins`, { expectedLocalNames: expectedLocalWebsites });
|
|
3465
|
+
const userAuthPolicyForCompare = userAuthPolicy ? {
|
|
3466
|
+
...userAuthPolicy,
|
|
3467
|
+
allowedReturnOrigins: resolvedReturnOrigins
|
|
3468
|
+
} : userAuthPolicy;
|
|
3435
3469
|
const desired = normalizeComparableIdPService({
|
|
3436
3470
|
authorization,
|
|
3437
3471
|
lang,
|
|
3438
|
-
userAuthPolicy: normalizeComparableUserAuthPolicy(
|
|
3472
|
+
userAuthPolicy: normalizeComparableUserAuthPolicy(userAuthPolicyForCompare),
|
|
3439
3473
|
publishUserEvents,
|
|
3440
3474
|
disableGqlOperations: normalizeComparableDisableGqlOperations(convertGqlOperationsToDisable(idp.gqlOperations)),
|
|
3441
3475
|
emailConfig: normalizeComparableEmailConfig(emailConfig),
|
|
@@ -3577,7 +3611,9 @@ function convertGqlOperationsToDisable(gqlOperations) {
|
|
|
3577
3611
|
update: gqlOperations.update === false,
|
|
3578
3612
|
delete: gqlOperations.delete === false,
|
|
3579
3613
|
read: gqlOperations.read === false,
|
|
3580
|
-
sendPasswordResetEmail: gqlOperations.sendPasswordResetEmail === false
|
|
3614
|
+
sendPasswordResetEmail: gqlOperations.sendPasswordResetEmail === false,
|
|
3615
|
+
requestMfaSettingsUrl: gqlOperations.requestMfaSettingsUrl === false,
|
|
3616
|
+
unenrollMfa: gqlOperations.unenrollMfa === false
|
|
3581
3617
|
};
|
|
3582
3618
|
}
|
|
3583
3619
|
function protoIdPPermission(permission) {
|
|
@@ -3586,7 +3622,8 @@ function protoIdPPermission(permission) {
|
|
|
3586
3622
|
read: permission.read.map((p) => protoIdPPolicy(p)),
|
|
3587
3623
|
update: permission.update.map((p) => protoIdPPolicy(p)),
|
|
3588
3624
|
delete: permission.delete.map((p) => protoIdPPolicy(p)),
|
|
3589
|
-
sendPasswordResetEmail: permission.sendPasswordResetEmail.map((p) => protoIdPPolicy(p))
|
|
3625
|
+
sendPasswordResetEmail: permission.sendPasswordResetEmail.map((p) => protoIdPPolicy(p)),
|
|
3626
|
+
unenrollMfa: permission.unenrollMfa.map((p) => protoIdPPolicy(p))
|
|
3590
3627
|
};
|
|
3591
3628
|
}
|
|
3592
3629
|
function protoIdPPolicy(policy) {
|
|
@@ -3757,7 +3794,7 @@ async function planAuth(context) {
|
|
|
3757
3794
|
},
|
|
3758
3795
|
conflicts: [...conflicts, ...connectionResult.conflicts],
|
|
3759
3796
|
unmanaged: [...unmanaged, ...connectionResult.unmanaged],
|
|
3760
|
-
resourceOwners: new Set([...resourceOwners, ...connectionResult.resourceOwners])
|
|
3797
|
+
resourceOwners: /* @__PURE__ */ new Set([...resourceOwners, ...connectionResult.resourceOwners])
|
|
3761
3798
|
};
|
|
3762
3799
|
}
|
|
3763
3800
|
async function planServices$2(client, workspaceId, appName, appId, auths, forceApplyAll = false) {
|
|
@@ -6976,7 +7013,7 @@ function createSnapshotFieldConfig(field) {
|
|
|
6976
7013
|
}
|
|
6977
7014
|
/**
|
|
6978
7015
|
* Create a snapshot field config from an OperatorFieldConfig (for nested fields)
|
|
6979
|
-
* @param {import("
|
|
7016
|
+
* @param {import("#/parser/service/tailordb/types").OperatorFieldConfig} fieldConfig - Field configuration
|
|
6980
7017
|
* @returns {SnapshotFieldConfig} Snapshot field configuration
|
|
6981
7018
|
*/
|
|
6982
7019
|
function createSnapshotFieldConfigFromOperatorConfig(fieldConfig) {
|
|
@@ -7826,7 +7863,7 @@ function validateMigrationFiles(migrationsDir) {
|
|
|
7826
7863
|
message: `Schema file found at migration ${formatMigrationNumber(num)}, but schema should only exist at ${formatMigrationNumber(0)}`,
|
|
7827
7864
|
migrationNumber: num
|
|
7828
7865
|
});
|
|
7829
|
-
const allNumbers = [
|
|
7866
|
+
const allNumbers = [.../* @__PURE__ */ new Set([...schemaFiles, ...diffFiles])].toSorted((a, b) => a - b);
|
|
7830
7867
|
if (allNumbers.length === 0) return errors;
|
|
7831
7868
|
for (const num of schemaFiles) if (num !== 0 && diffFiles.includes(num)) errors.push({
|
|
7832
7869
|
type: "duplicate",
|
|
@@ -7958,7 +7995,7 @@ function compareFields(typeName, fieldName, remoteField, snapshotField) {
|
|
|
7958
7995
|
/**
|
|
7959
7996
|
* System fields that are auto-generated and should be excluded from comparison
|
|
7960
7997
|
*/
|
|
7961
|
-
const SYSTEM_FIELDS = new Set(["id"]);
|
|
7998
|
+
const SYSTEM_FIELDS = /* @__PURE__ */ new Set(["id"]);
|
|
7962
7999
|
/**
|
|
7963
8000
|
* Compare remote TailorDB types with a local snapshot
|
|
7964
8001
|
* @param {ProtoTailorDBType[]} remoteTypes - Remote types from listParsedTailorDBTypes API
|
|
@@ -8486,7 +8523,7 @@ function protoGqlOperand(operand) {
|
|
|
8486
8523
|
/**
|
|
8487
8524
|
* Diff change kinds that require pre-migration schema adjustments.
|
|
8488
8525
|
*/
|
|
8489
|
-
const PRE_MIGRATION_FIELD_KINDS = new Set([
|
|
8526
|
+
const PRE_MIGRATION_FIELD_KINDS = /* @__PURE__ */ new Set([
|
|
8490
8527
|
"field_added",
|
|
8491
8528
|
"field_modified",
|
|
8492
8529
|
"field_removed"
|
|
@@ -9342,7 +9379,8 @@ async function applyTailorDB(client, result, phase = "create-update") {
|
|
|
9342
9379
|
await client.setMetadata(create.metaRequest);
|
|
9343
9380
|
}), ...changeSet.service.updates.map((update) => client.setMetadata(update.metaRequest))]);
|
|
9344
9381
|
try {
|
|
9345
|
-
|
|
9382
|
+
for (const create of changeSet.type.creates) await client.createTailorDBType(create.request);
|
|
9383
|
+
for (const update of changeSet.type.updates) await client.updateTailorDBType(update.request);
|
|
9346
9384
|
} catch (error) {
|
|
9347
9385
|
handleOptionalToRequiredError(error, ["Run 'tailor-sdk tailordb migration generate' to create migration files.", "Migration scripts allow you to handle existing data before applying the schema change."]);
|
|
9348
9386
|
}
|
|
@@ -9467,53 +9505,45 @@ async function executeSingleMigrationPrePhase(client, changeSet, migration, tail
|
|
|
9467
9505
|
const preMigrationChanges = buildPreMigrationChangesMap([migration]);
|
|
9468
9506
|
const affectedTypes = getAffectedTypeNames(migration);
|
|
9469
9507
|
const createdBeforeMigration = new Set(processedTypes.created);
|
|
9470
|
-
|
|
9471
|
-
|
|
9472
|
-
|
|
9473
|
-
|
|
9474
|
-
|
|
9475
|
-
|
|
9476
|
-
|
|
9477
|
-
|
|
9478
|
-
|
|
9479
|
-
|
|
9480
|
-
|
|
9481
|
-
|
|
9482
|
-
|
|
9483
|
-
|
|
9484
|
-
|
|
9485
|
-
|
|
9486
|
-
|
|
9487
|
-
|
|
9488
|
-
|
|
9489
|
-
|
|
9490
|
-
|
|
9491
|
-
|
|
9492
|
-
|
|
9493
|
-
|
|
9494
|
-
|
|
9495
|
-
|
|
9496
|
-
|
|
9497
|
-
|
|
9498
|
-
|
|
9499
|
-
|
|
9500
|
-
|
|
9501
|
-
|
|
9502
|
-
|
|
9503
|
-
|
|
9504
|
-
|
|
9505
|
-
|
|
9506
|
-
|
|
9507
|
-
|
|
9508
|
-
|
|
9509
|
-
if (typeName) processedTypes.updated.add(typeName);
|
|
9510
|
-
const clonedRequest = structuredClone(update.request);
|
|
9511
|
-
clonedRequest.tailordbType = snapshotType;
|
|
9512
|
-
const typeChanges = typeName ? preMigrationChanges.get(typeName) : void 0;
|
|
9513
|
-
if (typeChanges && typeChanges.size > 0 && clonedRequest.tailordbType.schema?.fields) applyPreMigrationFieldAdjustments(clonedRequest.tailordbType.schema.fields, typeChanges);
|
|
9514
|
-
return client.updateTailorDBType(clonedRequest);
|
|
9515
|
-
})
|
|
9516
|
-
]);
|
|
9508
|
+
for (const create of changeSet.type.creates) {
|
|
9509
|
+
const typeName = create.request.tailordbType?.name;
|
|
9510
|
+
if (!typeName || !affectedTypes.has(typeName) || createdBeforeMigration.has(typeName)) continue;
|
|
9511
|
+
const snapshotType = buildSnapshotTypeManifest(migration, typeName, tailorDBInputs, executorUsedTypes);
|
|
9512
|
+
if (!snapshotType) continue;
|
|
9513
|
+
const clonedRequest = structuredClone(create.request);
|
|
9514
|
+
clonedRequest.tailordbType = snapshotType;
|
|
9515
|
+
const typeChanges = preMigrationChanges.get(typeName);
|
|
9516
|
+
if (typeChanges && typeChanges.size > 0 && clonedRequest.tailordbType.schema?.fields) applyPreMigrationFieldAdjustments(clonedRequest.tailordbType.schema.fields, typeChanges);
|
|
9517
|
+
processedTypes.created.add(typeName);
|
|
9518
|
+
await client.createTailorDBType(clonedRequest);
|
|
9519
|
+
}
|
|
9520
|
+
for (const create of changeSet.type.creates) {
|
|
9521
|
+
const typeName = create.request.tailordbType?.name;
|
|
9522
|
+
if (!typeName || !affectedTypes.has(typeName) || !createdBeforeMigration.has(typeName)) continue;
|
|
9523
|
+
const snapshotType = buildSnapshotTypeManifest(migration, typeName, tailorDBInputs, executorUsedTypes);
|
|
9524
|
+
if (!snapshotType) continue;
|
|
9525
|
+
const clonedTypeRequest = structuredClone(snapshotType);
|
|
9526
|
+
const typeChanges = preMigrationChanges.get(typeName);
|
|
9527
|
+
if (typeChanges && typeChanges.size > 0 && clonedTypeRequest.schema?.fields) applyPreMigrationFieldAdjustments(clonedTypeRequest.schema.fields, typeChanges);
|
|
9528
|
+
processedTypes.updated.add(typeName);
|
|
9529
|
+
await client.updateTailorDBType({
|
|
9530
|
+
workspaceId: create.request.workspaceId,
|
|
9531
|
+
namespaceName: create.request.namespaceName,
|
|
9532
|
+
tailordbType: clonedTypeRequest
|
|
9533
|
+
});
|
|
9534
|
+
}
|
|
9535
|
+
for (const update of changeSet.type.updates) {
|
|
9536
|
+
const typeName = update.request.tailordbType?.name;
|
|
9537
|
+
if (!typeName || !affectedTypes.has(typeName)) continue;
|
|
9538
|
+
const snapshotType = buildSnapshotTypeManifest(migration, typeName, tailorDBInputs, executorUsedTypes);
|
|
9539
|
+
if (!snapshotType) continue;
|
|
9540
|
+
const clonedRequest = structuredClone(update.request);
|
|
9541
|
+
clonedRequest.tailordbType = snapshotType;
|
|
9542
|
+
const typeChanges = preMigrationChanges.get(typeName);
|
|
9543
|
+
if (typeChanges && typeChanges.size > 0 && clonedRequest.tailordbType.schema?.fields) applyPreMigrationFieldAdjustments(clonedRequest.tailordbType.schema.fields, typeChanges);
|
|
9544
|
+
processedTypes.updated.add(typeName);
|
|
9545
|
+
await client.updateTailorDBType(clonedRequest);
|
|
9546
|
+
}
|
|
9517
9547
|
if (!processedTypes.gqlPermissionsProcessed.has(migration.namespace)) {
|
|
9518
9548
|
const gqlPermissionCreatesForNamespace = changeSet.gqlPermission.creates.filter((create) => create.request.namespaceName === migration.namespace);
|
|
9519
9549
|
const gqlPermissionUpdatesForNamespace = changeSet.gqlPermission.updates.filter((update) => update.request.namespaceName === migration.namespace);
|
|
@@ -9522,11 +9552,11 @@ async function executeSingleMigrationPrePhase(client, changeSet, migration, tail
|
|
|
9522
9552
|
const typeName = create.request.tailordbType?.name;
|
|
9523
9553
|
return create.request.namespaceName === migration.namespace && typeName && gqlPermissionTypeNames.has(typeName) && !processedTypes.created.has(typeName);
|
|
9524
9554
|
});
|
|
9525
|
-
if (missingTypeCreates.length > 0)
|
|
9555
|
+
if (missingTypeCreates.length > 0) for (const create of missingTypeCreates) {
|
|
9526
9556
|
const typeName = create.request.tailordbType?.name;
|
|
9527
9557
|
if (typeName) processedTypes.created.add(typeName);
|
|
9528
|
-
|
|
9529
|
-
}
|
|
9558
|
+
await client.createTailorDBType(create.request);
|
|
9559
|
+
}
|
|
9530
9560
|
processedTypes.gqlPermissionsProcessed.add(migration.namespace);
|
|
9531
9561
|
await awaitAllSettledOrThrow([...gqlPermissionCreatesForNamespace.map((create) => client.createTailorDBGQLPermission(create.request)), ...gqlPermissionUpdatesForNamespace.map((update) => client.updateTailorDBGQLPermission(update.request))]);
|
|
9532
9562
|
}
|
|
@@ -9556,31 +9586,28 @@ async function executeSingleMigrationPostPhase(client, changeSet, migration, tai
|
|
|
9556
9586
|
const affectedTypes = getAffectedTypeNames(migration);
|
|
9557
9587
|
const deletedTypeNames = getDeletedTypeNames(migration);
|
|
9558
9588
|
try {
|
|
9559
|
-
|
|
9560
|
-
const typeName = create.request.tailordbType?.name;
|
|
9561
|
-
return typeName && affectedTypes.has(typeName) && preMigrationChanges.has(typeName);
|
|
9562
|
-
}).map((create) => {
|
|
9589
|
+
for (const create of changeSet.type.creates) {
|
|
9563
9590
|
const typeName = create.request.tailordbType?.name;
|
|
9564
|
-
|
|
9565
|
-
|
|
9566
|
-
|
|
9591
|
+
if (!typeName || !affectedTypes.has(typeName) || !preMigrationChanges.has(typeName)) continue;
|
|
9592
|
+
const snapshotType = buildSnapshotTypeManifest(migration, typeName, tailorDBInputs, executorUsedTypes);
|
|
9593
|
+
if (!snapshotType) continue;
|
|
9594
|
+
await client.updateTailorDBType({
|
|
9567
9595
|
workspaceId: create.request.workspaceId,
|
|
9568
9596
|
namespaceName: create.request.namespaceName,
|
|
9569
9597
|
tailordbType: snapshotType
|
|
9570
9598
|
});
|
|
9571
|
-
}
|
|
9572
|
-
|
|
9573
|
-
return typeName && affectedTypes.has(typeName) && preMigrationChanges.has(typeName);
|
|
9574
|
-
}).map((update) => {
|
|
9599
|
+
}
|
|
9600
|
+
for (const update of changeSet.type.updates) {
|
|
9575
9601
|
const typeName = update.request.tailordbType?.name;
|
|
9576
|
-
|
|
9577
|
-
|
|
9578
|
-
|
|
9602
|
+
if (!typeName || !affectedTypes.has(typeName) || !preMigrationChanges.has(typeName)) continue;
|
|
9603
|
+
const snapshotType = buildSnapshotTypeManifest(migration, typeName, tailorDBInputs, executorUsedTypes);
|
|
9604
|
+
if (!snapshotType) continue;
|
|
9605
|
+
await client.updateTailorDBType({
|
|
9579
9606
|
workspaceId: update.request.workspaceId,
|
|
9580
9607
|
namespaceName: update.request.namespaceName,
|
|
9581
9608
|
tailordbType: snapshotType
|
|
9582
9609
|
});
|
|
9583
|
-
}
|
|
9610
|
+
}
|
|
9584
9611
|
} catch (error) {
|
|
9585
9612
|
handleOptionalToRequiredError(error, ["This error occurred during post-migration phase. Please check your migration script.", "Ensure all existing records have values for fields being changed to required."]);
|
|
9586
9613
|
}
|
|
@@ -9629,7 +9656,7 @@ async function rollbackSingleMigrationPrePhase(client, changeSet, migration, wor
|
|
|
9629
9656
|
const name = update.request.tailordbType?.name;
|
|
9630
9657
|
if (update.request.namespaceName === migration.namespace && name) namespaceTypes.add(name);
|
|
9631
9658
|
}
|
|
9632
|
-
const applied = new Set([...processedTypes.created, ...processedTypes.updated]);
|
|
9659
|
+
const applied = /* @__PURE__ */ new Set([...processedTypes.created, ...processedTypes.updated]);
|
|
9633
9660
|
const rollbackTypes = new Set([...namespaceTypes].filter((name) => applied.has(name)));
|
|
9634
9661
|
if (rollbackTypes.size === 0) return;
|
|
9635
9662
|
const priorSnapshot = reconstructSnapshotFromMigrations(migration.migrationsDir, migration.number - 1);
|
|
@@ -9950,7 +9977,7 @@ const tailordbCompareKnownDefaults = {
|
|
|
9950
9977
|
* Proto bigint-backed values can round-trip as numbers locally and strings remotely.
|
|
9951
9978
|
* Canonicalize them to strings at compare time.
|
|
9952
9979
|
*/
|
|
9953
|
-
numericStringPaths: new Set([
|
|
9980
|
+
numericStringPaths: /* @__PURE__ */ new Set([
|
|
9954
9981
|
"schema.fields.*.serial.start",
|
|
9955
9982
|
"schema.fields.*.serial.maxValue",
|
|
9956
9983
|
"schema.settings.defaultQueryLimitSize",
|
|
@@ -10530,8 +10557,13 @@ function validateItems(params) {
|
|
|
10530
10557
|
*
|
|
10531
10558
|
* Collections not validated: idp client, tailorDB gqlPermission, functionRegistry — no
|
|
10532
10559
|
* buf.validate annotations.
|
|
10533
|
-
* Application cors
|
|
10534
|
-
*
|
|
10560
|
+
* Application cors and IdP userAuthPolicy.allowedReturnOrigins receive special
|
|
10561
|
+
* handling: static-website URL placeholders are resolved at apply time, so the
|
|
10562
|
+
* relevant origin/URL constraints would false-positive on `<name>:url` entries
|
|
10563
|
+
* here. Application cors is dropped entirely (no other constraint to lose); IdP
|
|
10564
|
+
* `allowedReturnOrigins` substitutes placeholder entries with a dummy origin so
|
|
10565
|
+
* the per-item regex and the cross-field `enable_mfa requires ≥1 origin` rule
|
|
10566
|
+
* still get exercised on the rest of the payload.
|
|
10535
10567
|
* Workflow jobFunctions map excluded: versions are registered at apply time (registerJobFunctions)
|
|
10536
10568
|
* and the map field carries no min_items constraint. Job names are validated separately via
|
|
10537
10569
|
* CreateWorkflowJobFunctionRequestSchema using usedJobNames from the workflow change set.
|
|
@@ -10583,8 +10615,25 @@ async function validatePlan(input) {
|
|
|
10583
10615
|
creates(CreateStaticWebsiteRequestSchema, "StaticWebsite", staticWebsite.changeSet.creates);
|
|
10584
10616
|
updates(UpdateStaticWebsiteRequestSchema, "StaticWebsite", staticWebsite.changeSet.updates);
|
|
10585
10617
|
creates(AddCustomDomainRequestSchema, "StaticWebsite custom domain", staticWebsite.customDomainChangeSet.creates);
|
|
10586
|
-
|
|
10587
|
-
|
|
10618
|
+
const placeholderOriginReplacement = "https://placeholder.invalid";
|
|
10619
|
+
const substituteIdpReturnOrigins = (item) => {
|
|
10620
|
+
const request = item.request;
|
|
10621
|
+
const origins = request.userAuthPolicy?.allowedReturnOrigins;
|
|
10622
|
+
if (!Array.isArray(origins) || origins.length === 0) return item;
|
|
10623
|
+
const substituted = origins.map((origin) => typeof origin === "string" && /^[a-z0-9][a-z0-9-]{1,61}[a-z0-9]:url$/.test(origin) ? placeholderOriginReplacement : origin);
|
|
10624
|
+
return {
|
|
10625
|
+
...item,
|
|
10626
|
+
request: {
|
|
10627
|
+
...request,
|
|
10628
|
+
userAuthPolicy: {
|
|
10629
|
+
...request.userAuthPolicy,
|
|
10630
|
+
allowedReturnOrigins: substituted
|
|
10631
|
+
}
|
|
10632
|
+
}
|
|
10633
|
+
};
|
|
10634
|
+
};
|
|
10635
|
+
creates(CreateIdPServiceRequestSchema, "IdP service", idp.changeSet.service.creates.map(substituteIdpReturnOrigins));
|
|
10636
|
+
updates(UpdateIdPServiceRequestSchema, "IdP service", idp.changeSet.service.updates.map(substituteIdpReturnOrigins));
|
|
10588
10637
|
const idpClientVaultItems = [...idp.changeSet.client.creates.map((c) => ({
|
|
10589
10638
|
clientName: c.request.client?.name ?? "",
|
|
10590
10639
|
namespaceName: c.request.namespaceName ?? "",
|
|
@@ -10775,7 +10824,15 @@ function computeRenamedAppDeletions(params) {
|
|
|
10775
10824
|
const { conflicts, resourceOwners, targetAppName } = params;
|
|
10776
10825
|
return [...new Set(conflicts.map((c) => c.currentOwner))].filter((owner) => !resourceOwners.has(owner) && owner !== targetAppName);
|
|
10777
10826
|
}
|
|
10778
|
-
|
|
10827
|
+
/**
|
|
10828
|
+
* Format and output the plan results, then return a summary of change counts.
|
|
10829
|
+
* In JSON dry-run mode a JSON payload is written to stdout. In all other modes
|
|
10830
|
+
* the human-readable diff goes to stdout (dry-run) or stderr (apply).
|
|
10831
|
+
* @param results - Planned results across all services
|
|
10832
|
+
* @param opts - Output options (dry-run mode flag)
|
|
10833
|
+
* @returns Aggregated plan summary counts
|
|
10834
|
+
*/
|
|
10835
|
+
function printPlanResults(results, opts) {
|
|
10779
10836
|
const executorEntries = formatExecutorChangeEntries(results.executor.changeSet, buildPlannedExecutorsByName(results.executor.changeSet), results.functionRegistry.executorFunctionChanges);
|
|
10780
10837
|
const resolverEntries = formatResolverChangeEntries(results.pipeline.changeSet.resolver, results.functionRegistry.resolverFunctionChanges);
|
|
10781
10838
|
const workflowEntries = formatWorkflowChangeEntries(results.workflow.changeSet, results.functionRegistry.workflowJobChanges);
|
|
@@ -10800,41 +10857,142 @@ function printPlanResults(results) {
|
|
|
10800
10857
|
...formatChangeSetEntries(results.auth.changeSet.connection, ["connection"], namespaceOf)
|
|
10801
10858
|
];
|
|
10802
10859
|
const { otherChanges: otherFunctionRegistryChanges } = splitFunctionRegistryChanges(results.functionRegistry.changeSet);
|
|
10803
|
-
printGroupedDisplaySection(results.functionRegistry.changeSet.title, formatChangeSetEntries(otherFunctionRegistryChanges));
|
|
10804
10860
|
const tailorDBServiceActions = extractServiceActions(results.tailorDB.changeSet.service);
|
|
10805
10861
|
const pipelineServiceActions = extractServiceActions(results.pipeline.changeSet.service);
|
|
10806
10862
|
const idpServiceActions = extractServiceActions(results.idp.changeSet.service);
|
|
10807
10863
|
const authServiceActions = extractServiceActions(results.auth.changeSet.service);
|
|
10808
|
-
|
|
10809
|
-
results.staticWebsite.customDomainChangeSet.print();
|
|
10810
|
-
results.aiGateway.changeSet.print();
|
|
10811
|
-
results.app.print();
|
|
10812
|
-
printGroupedDisplaySection("TailorDB", tailorDBEntries, tailorDBServiceActions);
|
|
10813
|
-
printGroupedDisplaySection("Resolver", pipelineEntries, pipelineServiceActions);
|
|
10814
|
-
printGroupedDisplaySection("Executor", executorEntries);
|
|
10815
|
-
printGroupedDisplaySection("Workflow", workflowEntries);
|
|
10816
|
-
printGroupedDisplaySection("IdP", idpEntries, idpServiceActions);
|
|
10817
|
-
printGroupedDisplaySection("Auth", authEntries, authServiceActions);
|
|
10818
|
-
results.secretManager.vaultChangeSet.print();
|
|
10819
|
-
results.secretManager.secretChangeSet.print();
|
|
10820
|
-
if (results.secretManager.skippedSecrets.length > 0) {
|
|
10821
|
-
logger.log(styles.bold("Secret Manager secrets (skipped - no value provided):"));
|
|
10822
|
-
for (const name of results.secretManager.skippedSecrets) logger.log(` ${styles.dim("○")} ${name}`);
|
|
10823
|
-
}
|
|
10824
|
-
const summary = summarizePlanResults(results, [
|
|
10864
|
+
const allDisplayEntries = [
|
|
10825
10865
|
...tailorDBEntries,
|
|
10826
10866
|
...pipelineEntries,
|
|
10827
10867
|
...executorEntries,
|
|
10828
10868
|
...workflowEntries,
|
|
10829
10869
|
...idpEntries,
|
|
10830
10870
|
...authEntries
|
|
10831
|
-
]
|
|
10871
|
+
];
|
|
10872
|
+
const summary = summarizePlanResults(results, allDisplayEntries, [
|
|
10832
10873
|
...tailorDBServiceActions,
|
|
10833
10874
|
...pipelineServiceActions,
|
|
10834
10875
|
...idpServiceActions,
|
|
10835
10876
|
...authServiceActions
|
|
10836
10877
|
]);
|
|
10837
|
-
|
|
10878
|
+
const allUnmanaged = [
|
|
10879
|
+
...results.functionRegistry.unmanaged,
|
|
10880
|
+
...results.tailorDB.unmanaged,
|
|
10881
|
+
...results.staticWebsite.unmanaged,
|
|
10882
|
+
...results.aiGateway.unmanaged,
|
|
10883
|
+
...results.idp.unmanaged,
|
|
10884
|
+
...results.auth.unmanaged,
|
|
10885
|
+
...results.pipeline.unmanaged,
|
|
10886
|
+
...results.executor.unmanaged,
|
|
10887
|
+
...results.workflow.unmanaged,
|
|
10888
|
+
...results.secretManager.unmanaged
|
|
10889
|
+
];
|
|
10890
|
+
const allConflicts = [
|
|
10891
|
+
...results.functionRegistry.conflicts,
|
|
10892
|
+
...results.tailorDB.conflicts,
|
|
10893
|
+
...results.staticWebsite.conflicts,
|
|
10894
|
+
...results.aiGateway.conflicts,
|
|
10895
|
+
...results.idp.conflicts,
|
|
10896
|
+
...results.auth.conflicts,
|
|
10897
|
+
...results.pipeline.conflicts,
|
|
10898
|
+
...results.executor.conflicts,
|
|
10899
|
+
...results.workflow.conflicts,
|
|
10900
|
+
...results.secretManager.conflicts
|
|
10901
|
+
];
|
|
10902
|
+
if (logger.jsonMode && opts?.dryRun) {
|
|
10903
|
+
const changes = [
|
|
10904
|
+
...allDisplayEntries,
|
|
10905
|
+
...tailorDBServiceActions.map(({ action, name }) => ({
|
|
10906
|
+
action,
|
|
10907
|
+
name,
|
|
10908
|
+
labels: ["tailorDB"],
|
|
10909
|
+
namespace: void 0
|
|
10910
|
+
})),
|
|
10911
|
+
...pipelineServiceActions.map(({ action, name }) => ({
|
|
10912
|
+
action,
|
|
10913
|
+
name,
|
|
10914
|
+
labels: ["pipeline"],
|
|
10915
|
+
namespace: void 0
|
|
10916
|
+
})),
|
|
10917
|
+
...idpServiceActions.map(({ action, name }) => ({
|
|
10918
|
+
action,
|
|
10919
|
+
name,
|
|
10920
|
+
labels: ["idp"],
|
|
10921
|
+
namespace: void 0
|
|
10922
|
+
})),
|
|
10923
|
+
...authServiceActions.map(({ action, name }) => ({
|
|
10924
|
+
action,
|
|
10925
|
+
name,
|
|
10926
|
+
labels: ["auth"],
|
|
10927
|
+
namespace: void 0
|
|
10928
|
+
})),
|
|
10929
|
+
...formatChangeSetEntries(otherFunctionRegistryChanges),
|
|
10930
|
+
...formatChangeSetEntries(results.staticWebsite.changeSet, ["staticWebsite"]),
|
|
10931
|
+
...formatChangeSetEntries(results.staticWebsite.customDomainChangeSet, ["customDomain"]),
|
|
10932
|
+
...formatChangeSetEntries(results.aiGateway.changeSet, ["aiGateway"]),
|
|
10933
|
+
...formatChangeSetEntries(results.app, ["application"]),
|
|
10934
|
+
...formatChangeSetEntries(results.secretManager.vaultChangeSet, ["vault"]),
|
|
10935
|
+
...formatChangeSetEntries(results.secretManager.secretChangeSet, ["secret"])
|
|
10936
|
+
].map(({ action, name, labels, namespace }) => ({
|
|
10937
|
+
action,
|
|
10938
|
+
name,
|
|
10939
|
+
labels,
|
|
10940
|
+
namespace
|
|
10941
|
+
}));
|
|
10942
|
+
const warnings = [...allUnmanaged.map(({ resourceType, resourceName }) => ({
|
|
10943
|
+
type: "unmanaged",
|
|
10944
|
+
resourceType,
|
|
10945
|
+
name: resourceName
|
|
10946
|
+
})), ...results.secretManager.skippedSecrets.map((name) => ({
|
|
10947
|
+
type: "skippedSecret",
|
|
10948
|
+
resourceType: "secret",
|
|
10949
|
+
name
|
|
10950
|
+
}))];
|
|
10951
|
+
const conflicts = allConflicts.map(({ resourceType, resourceName, currentOwner }) => ({
|
|
10952
|
+
resourceType,
|
|
10953
|
+
name: resourceName,
|
|
10954
|
+
currentOwner
|
|
10955
|
+
}));
|
|
10956
|
+
logger.out({
|
|
10957
|
+
summary,
|
|
10958
|
+
changes,
|
|
10959
|
+
warnings,
|
|
10960
|
+
conflicts
|
|
10961
|
+
});
|
|
10962
|
+
return summary;
|
|
10963
|
+
}
|
|
10964
|
+
const allLines = [
|
|
10965
|
+
...buildGroupedDisplayLines(results.functionRegistry.changeSet.title, formatChangeSetEntries(otherFunctionRegistryChanges)),
|
|
10966
|
+
...results.staticWebsite.changeSet.lines(),
|
|
10967
|
+
...results.staticWebsite.customDomainChangeSet.lines(),
|
|
10968
|
+
...results.aiGateway.changeSet.lines(),
|
|
10969
|
+
...results.app.lines(),
|
|
10970
|
+
...buildGroupedDisplayLines("TailorDB", tailorDBEntries, tailorDBServiceActions),
|
|
10971
|
+
...buildGroupedDisplayLines("Resolver", pipelineEntries, pipelineServiceActions),
|
|
10972
|
+
...buildGroupedDisplayLines("Executor", executorEntries),
|
|
10973
|
+
...buildGroupedDisplayLines("Workflow", workflowEntries),
|
|
10974
|
+
...buildGroupedDisplayLines("IdP", idpEntries, idpServiceActions),
|
|
10975
|
+
...buildGroupedDisplayLines("Auth", authEntries, authServiceActions),
|
|
10976
|
+
...results.secretManager.vaultChangeSet.lines(),
|
|
10977
|
+
...results.secretManager.secretChangeSet.lines()
|
|
10978
|
+
];
|
|
10979
|
+
if (allUnmanaged.length > 0) {
|
|
10980
|
+
allLines.push(styles.bold("Unmanaged resources (not in config):"));
|
|
10981
|
+
for (const { resourceType, resourceName } of allUnmanaged) allLines.push(` ${styles.warning("⚠")} ${styles.bold(resourceType)} "${resourceName}"`);
|
|
10982
|
+
}
|
|
10983
|
+
if (results.secretManager.skippedSecrets.length > 0) {
|
|
10984
|
+
allLines.push(styles.bold("Secret Manager secrets (skipped - no value provided):"));
|
|
10985
|
+
for (const name of results.secretManager.skippedSecrets) allLines.push(` ${styles.dim("○")} ${name}`);
|
|
10986
|
+
}
|
|
10987
|
+
if (allConflicts.length > 0) {
|
|
10988
|
+
allLines.push(styles.bold("Owner conflicts (will require confirmation on apply):"));
|
|
10989
|
+
for (const { resourceType, resourceName, currentOwner } of allConflicts) allLines.push(` ${styles.warning("!")} ${styles.bold(resourceType)} "${resourceName}" — owned by "${currentOwner}"`);
|
|
10990
|
+
}
|
|
10991
|
+
allLines.push(formatPlanSummary(summary));
|
|
10992
|
+
const output = allLines.join("\n");
|
|
10993
|
+
if (opts?.dryRun) logger.out(output);
|
|
10994
|
+
else logger.log(output);
|
|
10995
|
+
return summary;
|
|
10838
10996
|
}
|
|
10839
10997
|
/**
|
|
10840
10998
|
* Summarize plan counts from display entries, service actions, and non-grouped changesets.
|
|
@@ -10848,8 +11006,7 @@ function summarizePlanResults(results, displayEntries, serviceActions) {
|
|
|
10848
11006
|
create: 0,
|
|
10849
11007
|
update: 0,
|
|
10850
11008
|
delete: 0,
|
|
10851
|
-
replace: 0
|
|
10852
|
-
unchanged: 0
|
|
11009
|
+
replace: 0
|
|
10853
11010
|
};
|
|
10854
11011
|
for (const entry of displayEntries) summary[entry.action] += 1;
|
|
10855
11012
|
for (const sa of serviceActions) summary[sa.action] += 1;
|
|
@@ -11065,7 +11222,7 @@ async function deploy(options) {
|
|
|
11065
11222
|
await confirmImportantResourceDeletion(importantDeletions, yes);
|
|
11066
11223
|
const emptyApps = computeRenamedAppDeletions({
|
|
11067
11224
|
conflicts: allConflicts,
|
|
11068
|
-
resourceOwners: new Set([
|
|
11225
|
+
resourceOwners: /* @__PURE__ */ new Set([
|
|
11069
11226
|
...functionRegistry.resourceOwners,
|
|
11070
11227
|
...tailorDB.resourceOwners,
|
|
11071
11228
|
...staticWebsite.resourceOwners,
|
|
@@ -11087,7 +11244,7 @@ async function deploy(options) {
|
|
|
11087
11244
|
}
|
|
11088
11245
|
});
|
|
11089
11246
|
});
|
|
11090
|
-
printPlanResults({
|
|
11247
|
+
const planSummary = printPlanResults({
|
|
11091
11248
|
functionRegistry,
|
|
11092
11249
|
tailorDB,
|
|
11093
11250
|
staticWebsite,
|
|
@@ -11099,7 +11256,7 @@ async function deploy(options) {
|
|
|
11099
11256
|
executor,
|
|
11100
11257
|
workflow,
|
|
11101
11258
|
secretManager
|
|
11102
|
-
});
|
|
11259
|
+
}, { dryRun: options?.dryRun });
|
|
11103
11260
|
if (options?.noValidate) logger.warn("Client-side validation skipped (--no-validate).");
|
|
11104
11261
|
else await validatePlan({
|
|
11105
11262
|
functionRegistry,
|
|
@@ -11152,7 +11309,11 @@ async function deploy(options) {
|
|
|
11152
11309
|
await applyTailorDB(client, tailorDB, "delete-services");
|
|
11153
11310
|
});
|
|
11154
11311
|
await withSpan("apply.cleanup", () => applyFunctionRegistry(client, workspaceId, functionRegistry, "delete"));
|
|
11155
|
-
logger.
|
|
11312
|
+
if (logger.jsonMode) logger.out({
|
|
11313
|
+
summary: planSummary,
|
|
11314
|
+
status: "applied"
|
|
11315
|
+
});
|
|
11316
|
+
else logger.success("Successfully applied changes.");
|
|
11156
11317
|
});
|
|
11157
11318
|
}
|
|
11158
11319
|
|
|
@@ -15111,31 +15272,34 @@ async function execRemove(client, workspaceId, application, config, confirm) {
|
|
|
15111
15272
|
const workflow = await planWorkflow(client, workspaceId, application.name, application.id, {}, {});
|
|
15112
15273
|
const functionRegistry = await planFunctionRegistry(client, workspaceId, application.name, application.id, []);
|
|
15113
15274
|
const secretManager = await planSecretManager(ctx);
|
|
15114
|
-
|
|
15115
|
-
|
|
15116
|
-
|
|
15117
|
-
|
|
15118
|
-
|
|
15119
|
-
|
|
15120
|
-
|
|
15121
|
-
|
|
15122
|
-
|
|
15123
|
-
|
|
15124
|
-
|
|
15125
|
-
|
|
15126
|
-
|
|
15127
|
-
|
|
15128
|
-
|
|
15129
|
-
|
|
15130
|
-
|
|
15131
|
-
|
|
15132
|
-
|
|
15133
|
-
|
|
15134
|
-
|
|
15135
|
-
|
|
15136
|
-
|
|
15137
|
-
|
|
15138
|
-
|
|
15275
|
+
const removeLines = [
|
|
15276
|
+
...functionRegistry.changeSet.lines(),
|
|
15277
|
+
...staticWebsite.changeSet.lines(),
|
|
15278
|
+
...aiGateway.changeSet.lines(),
|
|
15279
|
+
...app.lines(),
|
|
15280
|
+
...tailorDB.changeSet.service.lines(),
|
|
15281
|
+
...tailorDB.changeSet.type.lines(),
|
|
15282
|
+
...tailorDB.changeSet.gqlPermission.lines(),
|
|
15283
|
+
...pipeline.changeSet.service.lines(),
|
|
15284
|
+
...pipeline.changeSet.resolver.lines(),
|
|
15285
|
+
...executor.changeSet.lines(),
|
|
15286
|
+
...workflow.changeSet.lines(),
|
|
15287
|
+
...idp.changeSet.service.lines(),
|
|
15288
|
+
...idp.changeSet.client.lines(),
|
|
15289
|
+
...auth.changeSet.service.lines(),
|
|
15290
|
+
...auth.changeSet.idpConfig.lines(),
|
|
15291
|
+
...auth.changeSet.userProfileConfig.lines(),
|
|
15292
|
+
...auth.changeSet.tenantConfig.lines(),
|
|
15293
|
+
...auth.changeSet.machineUser.lines(),
|
|
15294
|
+
...auth.changeSet.oauth2Client.lines(),
|
|
15295
|
+
...auth.changeSet.authHook.lines(),
|
|
15296
|
+
...auth.changeSet.scim.lines(),
|
|
15297
|
+
...auth.changeSet.scimResource.lines(),
|
|
15298
|
+
...auth.changeSet.connection.lines(),
|
|
15299
|
+
...secretManager.vaultChangeSet.lines(),
|
|
15300
|
+
...secretManager.secretChangeSet.lines()
|
|
15301
|
+
];
|
|
15302
|
+
if (removeLines.length > 0) logger.log(removeLines.join("\n"));
|
|
15139
15303
|
if (tailorDB.changeSet.service.deletes.length === 0 && staticWebsite.changeSet.deletes.length === 0 && aiGateway.changeSet.deletes.length === 0 && idp.changeSet.service.deletes.length === 0 && auth.changeSet.service.deletes.length === 0 && pipeline.changeSet.service.deletes.length === 0 && app.deletes.length === 0 && executor.changeSet.deletes.length === 0 && workflow.changeSet.deletes.length === 0 && functionRegistry.changeSet.deletes.length === 0 && secretManager.vaultChangeSet.deletes.length === 0 && secretManager.secretChangeSet.deletes.length === 0) return;
|
|
15140
15304
|
if (confirm) await confirm();
|
|
15141
15305
|
await applyWorkflow(client, workflow, "delete");
|
|
@@ -15205,6 +15369,36 @@ function logBetaWarning(featureName) {
|
|
|
15205
15369
|
logger.newline();
|
|
15206
15370
|
}
|
|
15207
15371
|
|
|
15372
|
+
//#endregion
|
|
15373
|
+
//#region src/cli/shared/config.ts
|
|
15374
|
+
/**
|
|
15375
|
+
* Extracts every namespace key declared under `config.db`, including those
|
|
15376
|
+
* declared with `{ external: true }`.
|
|
15377
|
+
* @param config - Loaded application configuration.
|
|
15378
|
+
* @returns Namespace names in insertion order.
|
|
15379
|
+
*/
|
|
15380
|
+
function extractAllNamespaces(config) {
|
|
15381
|
+
const namespaces = /* @__PURE__ */ new Set();
|
|
15382
|
+
if (config.db) for (const namespaceName of Object.keys(config.db)) namespaces.add(namespaceName);
|
|
15383
|
+
return Array.from(namespaces);
|
|
15384
|
+
}
|
|
15385
|
+
/**
|
|
15386
|
+
* Extracts namespace keys under `config.db` that this app owns
|
|
15387
|
+
* (i.e. not declared with `{ external: true }`). Use this for destructive
|
|
15388
|
+
* operations like `tailordb truncate --all` to avoid touching namespaces
|
|
15389
|
+
* owned by other apps.
|
|
15390
|
+
* @param config - Loaded application configuration.
|
|
15391
|
+
* @returns Owned namespace names in insertion order.
|
|
15392
|
+
*/
|
|
15393
|
+
function extractOwnedNamespaces(config) {
|
|
15394
|
+
const namespaces = /* @__PURE__ */ new Set();
|
|
15395
|
+
if (config.db) for (const [namespaceName, nsConfig] of Object.entries(config.db)) {
|
|
15396
|
+
if ("external" in nsConfig) continue;
|
|
15397
|
+
namespaces.add(namespaceName);
|
|
15398
|
+
}
|
|
15399
|
+
return Array.from(namespaces);
|
|
15400
|
+
}
|
|
15401
|
+
|
|
15208
15402
|
//#endregion
|
|
15209
15403
|
//#region src/cli/commands/workspace/transform.ts
|
|
15210
15404
|
const workspaceInfo = (workspace, folderName) => {
|
|
@@ -15601,7 +15795,7 @@ function formatEnumUnion(values) {
|
|
|
15601
15795
|
return values.map((v) => `"${v}"`).join(" | ");
|
|
15602
15796
|
}
|
|
15603
15797
|
function generateEnumChangeColumnType(enumValueChange, config) {
|
|
15604
|
-
const selectType = formatEnumUnion([
|
|
15798
|
+
const selectType = formatEnumUnion([.../* @__PURE__ */ new Set([...enumValueChange.beforeValues, ...enumValueChange.afterValues])]);
|
|
15605
15799
|
const afterType = formatEnumUnion(enumValueChange.afterValues);
|
|
15606
15800
|
if (config.array && !config.required) return `ColumnType<(${selectType})[] | null, (${afterType})[] | null, (${afterType})[] | null>`;
|
|
15607
15801
|
if (config.array) return `ColumnType<(${selectType})[], (${afterType})[], (${afterType})[]>`;
|
|
@@ -15928,7 +16122,7 @@ async function generate(options) {
|
|
|
15928
16122
|
if (options.init) await handleInitOption(namespacesWithMigrations, options.yes);
|
|
15929
16123
|
let pluginManager;
|
|
15930
16124
|
if (plugins.length > 0) pluginManager = new PluginManager(plugins);
|
|
15931
|
-
const { defineApplication } = await import("./application-
|
|
16125
|
+
const { defineApplication } = await import("./application-BakHtldG.mjs");
|
|
15932
16126
|
const application = defineApplication({
|
|
15933
16127
|
config,
|
|
15934
16128
|
pluginManager
|
|
@@ -16072,36 +16266,6 @@ const generateCommand = defineAppCommand({
|
|
|
16072
16266
|
}
|
|
16073
16267
|
});
|
|
16074
16268
|
|
|
16075
|
-
//#endregion
|
|
16076
|
-
//#region src/cli/shared/config.ts
|
|
16077
|
-
/**
|
|
16078
|
-
* Extracts every namespace key declared under `config.db`, including those
|
|
16079
|
-
* declared with `{ external: true }`.
|
|
16080
|
-
* @param config - Loaded application configuration.
|
|
16081
|
-
* @returns Namespace names in insertion order.
|
|
16082
|
-
*/
|
|
16083
|
-
function extractAllNamespaces(config) {
|
|
16084
|
-
const namespaces = /* @__PURE__ */ new Set();
|
|
16085
|
-
if (config.db) for (const namespaceName of Object.keys(config.db)) namespaces.add(namespaceName);
|
|
16086
|
-
return Array.from(namespaces);
|
|
16087
|
-
}
|
|
16088
|
-
/**
|
|
16089
|
-
* Extracts namespace keys under `config.db` that this app owns
|
|
16090
|
-
* (i.e. not declared with `{ external: true }`). Use this for destructive
|
|
16091
|
-
* operations like `tailordb truncate --all` to avoid touching namespaces
|
|
16092
|
-
* owned by other apps.
|
|
16093
|
-
* @param config - Loaded application configuration.
|
|
16094
|
-
* @returns Owned namespace names in insertion order.
|
|
16095
|
-
*/
|
|
16096
|
-
function extractOwnedNamespaces(config) {
|
|
16097
|
-
const namespaces = /* @__PURE__ */ new Set();
|
|
16098
|
-
if (config.db) for (const [namespaceName, nsConfig] of Object.entries(config.db)) {
|
|
16099
|
-
if ("external" in nsConfig) continue;
|
|
16100
|
-
namespaces.add(namespaceName);
|
|
16101
|
-
}
|
|
16102
|
-
return Array.from(namespaces);
|
|
16103
|
-
}
|
|
16104
|
-
|
|
16105
16269
|
//#endregion
|
|
16106
16270
|
//#region src/cli/shared/tailordb-namespace.ts
|
|
16107
16271
|
/**
|
|
@@ -16692,6 +16856,15 @@ const validateRegion = async (region, client) => {
|
|
|
16692
16856
|
const availableRegions = await client.listAvailableWorkspaceRegions({});
|
|
16693
16857
|
if (!availableRegions.regions.includes(region)) throw new Error(`Region must be one of: ${availableRegions.regions.join(", ")}.`);
|
|
16694
16858
|
};
|
|
16859
|
+
function profilePlatformSettings(platformConfig) {
|
|
16860
|
+
const hasOAuth2ClientId = platformConfig?.oauth2ClientId || process.env.TAILOR_PLATFORM_OAUTH2_CLIENT_ID;
|
|
16861
|
+
const hasConsoleUrl = platformConfig?.consoleUrl || process.env.TAILOR_PLATFORM_CONSOLE_URL;
|
|
16862
|
+
return {
|
|
16863
|
+
...isDefaultPlatform(platformConfig) ? {} : { platform_url: getPlatformBaseUrl(platformConfig) },
|
|
16864
|
+
...hasOAuth2ClientId ? { oauth2_client_id: getOAuth2ClientId(platformConfig) } : {},
|
|
16865
|
+
...hasConsoleUrl ? { console_url: getConsoleBaseUrl(platformConfig) } : {}
|
|
16866
|
+
};
|
|
16867
|
+
}
|
|
16695
16868
|
/**
|
|
16696
16869
|
* Create a new workspace with the given options.
|
|
16697
16870
|
* @param options - Workspace creation options
|
|
@@ -16746,6 +16919,23 @@ const createCommand = defineAppCommand({
|
|
|
16746
16919
|
}).strict(),
|
|
16747
16920
|
run: async (args) => {
|
|
16748
16921
|
await assertWritable();
|
|
16922
|
+
const profileName = args["profile-name"];
|
|
16923
|
+
let profileSetup;
|
|
16924
|
+
if (profileName) {
|
|
16925
|
+
const config = await readPlatformConfig();
|
|
16926
|
+
if (config.profiles[profileName]) throw new Error(`Profile "${profileName}" already exists.`);
|
|
16927
|
+
const activeProfileName = process.env.TAILOR_PLATFORM_PROFILE;
|
|
16928
|
+
const activeProfileEntry = activeProfileName ? config.profiles[activeProfileName] : void 0;
|
|
16929
|
+
const platformConfig = activeProfileEntry ? platformConfigFromProfile(activeProfileEntry) : void 0;
|
|
16930
|
+
const profileUser = args["profile-user"] || activeProfileEntry?.user || config.current_user;
|
|
16931
|
+
if (!profileUser) throw new Error("Current user not found. Please login or specify --profile-user to create a profile.");
|
|
16932
|
+
if (!hasUserTokenEntry(config, profileUser, platformConfig)) throw new Error(`User "${profileUser}" not found.\nPlease verify your user name and login using 'tailor-sdk login' command.`);
|
|
16933
|
+
profileSetup = {
|
|
16934
|
+
name: profileName,
|
|
16935
|
+
user: profileUser,
|
|
16936
|
+
platformSettings: profilePlatformSettings(platformConfig)
|
|
16937
|
+
};
|
|
16938
|
+
}
|
|
16749
16939
|
const workspace = await createWorkspace({
|
|
16750
16940
|
name: args.name,
|
|
16751
16941
|
region: args.region,
|
|
@@ -16754,26 +16944,26 @@ const createCommand = defineAppCommand({
|
|
|
16754
16944
|
folderId: args["folder-id"]
|
|
16755
16945
|
});
|
|
16756
16946
|
let profileInfo;
|
|
16757
|
-
|
|
16758
|
-
if (profileName) {
|
|
16947
|
+
if (profileSetup) {
|
|
16759
16948
|
const config = await readPlatformConfig();
|
|
16760
|
-
|
|
16761
|
-
|
|
16762
|
-
|
|
16763
|
-
if (!config.users[profileUser]) throw new Error(`User "${profileUser}" not found.\nPlease verify your user name and login using 'tailor-sdk login' command.`);
|
|
16764
|
-
config.profiles[profileName] = {
|
|
16765
|
-
user: profileUser,
|
|
16949
|
+
const platformSettings = profileSetup.platformSettings;
|
|
16950
|
+
config.profiles[profileSetup.name] = {
|
|
16951
|
+
user: profileSetup.user,
|
|
16766
16952
|
workspace_id: workspace.id,
|
|
16767
|
-
...args.permission === "read" ? { readonly: true } : {}
|
|
16953
|
+
...args.permission === "read" ? { readonly: true } : {},
|
|
16954
|
+
...platformSettings
|
|
16768
16955
|
};
|
|
16769
16956
|
writePlatformConfig(config);
|
|
16770
16957
|
profileInfo = {
|
|
16771
|
-
name:
|
|
16772
|
-
user:
|
|
16958
|
+
name: profileSetup.name,
|
|
16959
|
+
user: profileSetup.user,
|
|
16773
16960
|
workspaceId: workspace.id,
|
|
16774
|
-
permission: args.permission
|
|
16961
|
+
permission: args.permission,
|
|
16962
|
+
...platformSettings.platform_url ? { platformUrl: platformSettings.platform_url } : {},
|
|
16963
|
+
...platformSettings.oauth2_client_id ? { oauth2ClientId: platformSettings.oauth2_client_id } : {},
|
|
16964
|
+
...platformSettings.console_url ? { consoleUrl: platformSettings.console_url } : {}
|
|
16775
16965
|
};
|
|
16776
|
-
if (!args.json) logger.success(`Profile "${
|
|
16966
|
+
if (!args.json) logger.success(`Profile "${profileSetup.name}" created successfully.`);
|
|
16777
16967
|
}
|
|
16778
16968
|
if (!args.json) logger.success(`Workspace "${workspaceDisplayName(workspace)}" created successfully.`);
|
|
16779
16969
|
if (args.json && profileInfo) {
|
|
@@ -17862,7 +18052,7 @@ async function runRepl(options) {
|
|
|
17862
18052
|
const execute = await prepareQueryExecutor(options);
|
|
17863
18053
|
const historyPath = getReplHistoryPath(options.engine, options.profile, options.workspaceId);
|
|
17864
18054
|
const validate = createReplValidator(options.engine);
|
|
17865
|
-
const { highlightSqlLine, highlightGraphqlLine, replTransform } = await import("./repl-editor-
|
|
18055
|
+
const { highlightSqlLine, highlightGraphqlLine, replTransform } = await import("./repl-editor-DD5YP5mt.mjs");
|
|
17866
18056
|
const highlight = options.engine === "sql" ? highlightSqlLine : highlightGraphqlLine;
|
|
17867
18057
|
const prompt = createPrompt({
|
|
17868
18058
|
prefix: "",
|
|
@@ -18196,5 +18386,5 @@ function isDeno() {
|
|
|
18196
18386
|
}
|
|
18197
18387
|
|
|
18198
18388
|
//#endregion
|
|
18199
|
-
export {
|
|
18200
|
-
//# sourceMappingURL=runtime-
|
|
18389
|
+
export { getOrganization as $, generateAllTypeManifestsFromSnapshot as $t, listCommand$3 as A, apiCommand as An, getExecutorWaitFailureMessage as At, show as B, paginationArgs as Bn, listWorkflowExecutions as Bt, listCommand$2 as C, getNamespacesWithMigrations as Cn, listWebhookExecutors as Ct, waitWorkflowExecution as D, PluginManager as Dn, listCommand$9 as Dt, waitCommand as E, sdkNameLabelKey as En, triggerExecutor as Et, generateCommand as F, configArg as Fn, startWorkflow as Ft, removeCommand$1 as G, deploy as Gt, extractOwnedNamespaces as H, workspaceArgs as Hn, formatKeyValueTable as Ht, generateMigrationScript as I, confirmationArgs as In, getCommand$5 as It, organizationTree as J, bundleMigrationScript as Jt, updateCommand$1 as K, executeScript as Kt, writeDbTypesFile as L, deploymentArgs as Ln, getWorkflow as Lt, truncate as M, assertWritable as Mn, listExecutorJobs as Mt, truncateCommand as N, defineAppCommand as Nn, watchExecutorJob as Nt, resumeCommand as O, generateUserTypes as On, listExecutors as Ot, generate as P, commonArgs as Pn, startCommand as Pt, getCommand$1 as Q, compareSnapshotWithRemote as Qt, getConfiguredEditorCommand as R, isVerbose as Rn, executionsCommand as Rt, listApps as S, hasChanges as Sn, getFunctionRegistry as St, healthCommand as T, resourceTrn as Tn, triggerCommand as Tt, logBetaWarning as U, getCommand$6 as Ut, showCommand as V, toPageDirection as Vn, functionExecutionStatusToString as Vt, remove as W, getExecutor as Wt, listCommand$4 as X, handleOptionalToRequiredError as Xt, treeCommand as Y, MIGRATION_LABEL_KEY as Yt, listOrganizations as Z, parseMigrationLabelNumber as Zt, getWorkspace as _, reconstructSnapshotFromMigrations as _n, listMachineUsers as _t, updateUser as a, SCHEMA_FILE_NAME as an, getFolder as at, createCommand as b, formatDiffSummary as bn, listFunctionRegistries as bt, listCommand as c, compareSnapshots as cn, createCommand$1 as ct, inviteUser as d, getMigrationDirPath as dn, listOAuth2Clients as dt, protoGqlPermission as en, updateCommand$2 as et, restoreCommand as f, getMigrationFilePath as fn, getCommand$3 as ft, getCommand as g, loadDiff as gn, listCommand$7 as gt, listWorkspaces as h, isValidMigrationNumber as hn, tokenCommand as ht, updateCommand as i, MIGRATE_FILE_NAME as in, getCommand$2 as it, listWorkflows as j, apiCall as jn, jobsCommand as jt, resumeWorkflow as k, prompt as kn, getExecutorJob as kt, listUsers as l, createSnapshotFromLocalTypes as ln, createFolder as lt, listCommand$1 as m, getNextMigrationNumber as mn, getMachineUserToken as mt, query as n, DIFF_FILE_NAME as nn, listCommand$5 as nt, removeCommand as o, assertValidMigrationFiles as on, deleteCommand$1 as ot, restoreWorkspace as p, getMigrationFiles as pn, getOAuth2Client as pt, updateOrganization as q, waitForExecution as qt, queryCommand as r, INITIAL_SCHEMA_NUMBER as rn, listFolders as rt, removeUser as s, compareLocalTypesWithSnapshot as sn, deleteFolder as st, isNativeTypeScriptRuntime as t, DB_TYPES_FILE_NAME as tn, updateFolder as tt, inviteCommand as u, getLatestMigrationNumber as un, listCommand$6 as ut, deleteCommand as v, formatMigrationNumber as vn, generate$1 as vt, getAppHealth as w, ensureConfigId as wn, webhookCommand as wt, createWorkspace as x, formatMigrationDiff as xn, getCommand$4 as xt, deleteWorkspace as y, parseMigrationNumberArg as yn, listCommand$8 as yt, openInConfiguredEditor as z, pagedLogArgs as zn, getWorkflowExecution as zt };
|
|
18390
|
+
//# sourceMappingURL=runtime-CSY0eD4_.mjs.map
|