@tamyla/clodo-framework 2.0.18 → 2.0.20

package/dist/security/DeploymentManager.js

@@ -1,208 +0,0 @@
-import { ConfigurationValidator } from './ConfigurationValidator.js';
-import { SecretGenerator } from './SecretGenerator.js';
-import { checkHealth } from '../utils/health-checker.js';
-
-/**
- * Secure Deployment Manager
- * Manages secure deployment pipeline with security validation
- */
-export class DeploymentManager {
-  /**
-   * Deploy customer configuration with security validation
-   * @param {Object} options - Deployment options
-   */
-  static async deployWithSecurity(options) {
-    const {
-      customer,
-      environment,
-      skipValidation = false,
-      allowInsecure = false,
-      dryRun = false,
-      deploymentUrl // New parameter for real URL extraction
-    } = options;
-    console.log(`\n🚀 Secure Deployment: ${customer}/${environment}`);
-    console.log('='.repeat(60));
-    try {
-      // Step 1: Validate configuration
-      if (!skipValidation) {
-        console.log('\n🔍 Step 1: Configuration Validation');
-        await this.validateConfiguration(customer, environment, {
-          allowInsecure
-        });
-      }
-
-      // Step 2: Security validation
-      console.log('\n🔒 Step 2: Security Validation');
-      const securityResult = ConfigurationValidator.validateConfiguration(customer, environment);
-      if (!securityResult.valid) {
-        const criticalIssues = securityResult.securityIssues.filter(issue => issue.severity === 'critical');
-        if (criticalIssues.length > 0 && !allowInsecure) {
-          console.log('\n❌ DEPLOYMENT BLOCKED');
-          console.log('Critical security issues must be resolved before deployment.');
-          console.log('\nTo resolve:');
-          console.log('1. Fix the security issues listed above');
-          console.log('2. Use secure secrets management');
-          console.log('3. Generate secure keys with SecretGenerator');
-          if (dryRun) {
-            console.log('\n🧪 DRY RUN: Would have been blocked by security issues');
-          } else {
-            throw new Error('Deployment blocked due to critical security issues');
-          }
-        }
-      }
-
-      // Step 3: Pre-deployment checks
-      console.log('\n✅ Step 3: Pre-deployment Checks');
-      await this.performPreDeploymentChecks(customer, environment);
-
-      // Step 4: Deploy (or dry run)
-      if (dryRun) {
-        console.log('\n🧪 DRY RUN: Would deploy with security validation');
-        console.log(`   Customer: ${customer}`);
-        console.log(`   Environment: ${environment}`);
-        console.log(`   Security validation: ${securityResult.valid ? 'PASSED' : 'ISSUES FOUND'}`);
-        console.log('\n✅ Dry run completed successfully');
-      } else {
-        console.log('\n🚀 Step 4: Deploying');
-        const deployResult = await this.performDeployment(customer, environment);
-        console.log(`   ✅ Deployment URL: ${deployResult.url}`);
-      }
-
-      // Step 5: Post-deployment validation (real implementation)
-      if (!dryRun && deploymentUrl) {
-        console.log('\n🔍 Step 5: Post-deployment Validation');
-        await this.performPostDeploymentChecks(customer, environment, deploymentUrl);
-      }
-      console.log('\n🎉 Deployment completed successfully!');
-    } catch (error) {
-      console.error(`\n❌ Deployment failed: ${error.message}`);
-      throw error;
-    }
-  }
-
-  /**
-   * Validate configuration before deployment
-   */
-  static async validateConfiguration(customer, environment, options = {}) {
-    const {
-      allowInsecure = false
-    } = options;
-    try {
-      // This would integrate with the framework's config builder
-      // For now, we'll assume configuration validation is handled elsewhere
-      console.log(`   ✓ Configuration structure validated for ${customer}/${environment}`);
-    } catch (error) {
-      if (!allowInsecure) {
-        throw new Error(`Configuration validation failed: ${error.message}`);
-      }
-      console.log(`   ⚠️  Configuration validation failed but proceeding (--allow-insecure)`);
-    }
-  }
-
-  /**
-   * Perform pre-deployment checks
-   */
-  // eslint-disable-next-line no-unused-vars
-  static async performPreDeploymentChecks(_customer, _environment) {
-    const checks = ['Environment variables validation', 'Required secrets presence', 'Configuration consistency', 'Resource availability'];
-    for (const check of checks) {
-      console.log(`   ✓ ${check}`);
-      // Add actual check logic here
-    }
-  }
-
-  /**
-   * Perform the actual deployment
-   */
-  static async performDeployment(_customer, _environment) {
-    // This would integrate with the actual deployment system
-    // For now, simulate deployment
-    console.log(`   🚀 Deploying ${_customer} to ${_environment} environment`);
-
-    // Simulate deployment steps
-    await this.delay(1000);
-    console.log(`   ✓ Deployment package prepared`);
-    await this.delay(1000);
-    console.log(`   ✓ Deploying to Cloudflare Workers`);
-    await this.delay(2000);
-    console.log(`   ✓ Deployment completed`);
-
-    // Return deployment result with URL
-    const deploymentUrl = `https://${_customer}-${_environment}.workers.dev`;
-    return {
-      url: deploymentUrl,
-      customer: _customer,
-      environment: _environment,
-      timestamp: new Date().toISOString()
-    };
-  }
-
-  /**
-   * Perform post-deployment checks (real HTTP-based validation)
-   */
-  static async performPostDeploymentChecks(customer, environment, deploymentUrl) {
-    console.log(`   🔍 Validating deployment at ${deploymentUrl}`);
-    try {
-      // Real health check using HTTP
-      const healthResult = await checkHealth(deploymentUrl);
-      if (healthResult.status !== 'ok') {
-        throw new Error(`Health check failed: ${healthResult.message}`);
-      }
-      console.log(`   ✅ Health check passed for ${customer}/${environment}`);
-    } catch (error) {
-      console.error(`   ❌ Post-deployment validation failed: ${error.message}`);
-      throw error;
-    }
-  }
-
-  /**
-   * Generate secure deployment configuration
-   */
-  static generateSecureConfig(customer, environment) {
-    const config = {
-      customer,
-      environment,
-      secrets: {},
-      security: {
-        validated: true,
-        timestamp: new Date().toISOString()
-      }
-    };
-
-    // Generate required secure keys
-    const requiredKeys = ['CONTENT_SKIMMER_API_KEY', 'LOGGER_SERVICE_API_KEY', 'AUTH_SERVICE_API_KEY', 'X_SERVICE_KEY'];
-    for (const keyName of requiredKeys) {
-      config.secrets[keyName] = SecretGenerator.generateServiceKey(keyName.replace('_API_KEY', '').toLowerCase().replace('_', '-'), environment);
-    }
-
-    // Generate JWT secret
-    config.secrets['AUTH_JWT_SECRET'] = SecretGenerator.generateSecureJwtSecret();
-    return config;
-  }
-
-  /**
-   * Validate deployment readiness
-   */
-  // eslint-disable-next-line no-unused-vars
-  static validateDeploymentReadiness(_customer, _environment) {
-    const issues = [];
-
-    // Check if all required secrets are available
-    // eslint-disable-next-line no-unused-vars
-    const requiredSecrets = ['CONTENT_SKIMMER_API_KEY', 'LOGGER_SERVICE_API_KEY', 'AUTH_SERVICE_API_KEY', 'X_SERVICE_KEY', 'AUTH_JWT_SECRET'];
-
-    // This would check actual secret availability
-    // For now, return empty issues array
-    return {
-      ready: issues.length === 0,
-      issues
-    };
-  }
-
-  /**
-   * Utility method for delays in async operations
-   */
-  static delay(ms) {
-    return new Promise(resolve => setTimeout(resolve, ms));
-  }
-}

package/dist/service-management/handlers/ConfigMutator.js

@@ -1,130 +0,0 @@
-/**
- * Configuration Mutator Module
- * Focused module for safe configuration file mutations
- */
-
-import fs from 'fs/promises';
-import path from 'path';
-export class ConfigMutator {
-  constructor(options = {}) {
-    this.dryRun = options.dryRun || false;
-  }
-
-  /**
-   * Safely update domain configuration
-   */
-  async updateDomainConfig(servicePath, currentConfig, updates) {
-    const domainConfigPath = path.join(servicePath, 'src/config/domains.js');
-    let domainConfig = await fs.readFile(domainConfigPath, 'utf8');
-    if (updates.domainName) {
-      // Use regex-based replacement for safety
-      domainConfig = domainConfig.replace(new RegExp(`name: ['"]${this.escapeRegExp(currentConfig.domainName)}['"]`, 'g'), `name: '${updates.domainName}'`);
-
-      // Update domain URLs
-      domainConfig = domainConfig.replace(new RegExp(`https://[^'"]*${this.escapeRegExp(currentConfig.domainName)}[^'"]*`, 'g'), match => match.replace(currentConfig.domainName, updates.domainName));
-    }
-    if (!this.dryRun) {
-      await fs.writeFile(domainConfigPath, domainConfig, 'utf8');
-    }
-    return {
-      updated: true,
-      path: domainConfigPath
-    };
-  }
-
-  /**
-   * Update Cloudflare configuration
-   */
-  async updateCloudflareConfig(servicePath, currentConfig, updates) {
-    const domainConfigPath = path.join(servicePath, 'src/config/domains.js');
-    let domainConfig = await fs.readFile(domainConfigPath, 'utf8');
-    if (updates.accountId) {
-      domainConfig = domainConfig.replace(new RegExp(`accountId:\\s*['"]${this.escapeRegExp(currentConfig.cloudflareAccountId || '')}['"]`, 'g'), `accountId: '${updates.accountId}'`);
-    }
-    if (updates.zoneId) {
-      domainConfig = domainConfig.replace(new RegExp(`zoneId:\\s*['"]${this.escapeRegExp(currentConfig.cloudflareZoneId || '')}['"]`, 'g'), `zoneId: '${updates.zoneId}'`);
-    }
-    if (!this.dryRun) {
-      await fs.writeFile(domainConfigPath, domainConfig, 'utf8');
-    }
-    return {
-      updated: true,
-      path: domainConfigPath
-    };
-  }
-
-  /**
-   * Update environment configuration
-   */
-  async updateEnvironmentConfig(servicePath, currentConfig, updates) {
-    const wranglerConfigPath = path.join(servicePath, 'wrangler.toml');
-    let wranglerConfig = await fs.readFile(wranglerConfigPath, 'utf8');
-    if (updates.environment) {
-      // Update environment-specific names
-      wranglerConfig = wranglerConfig.replace(new RegExp(`name\\s*=\\s*['"].*${this.escapeRegExp(currentConfig.environment)}.*['"]`, 'g'), `name = "${currentConfig.serviceName}-${updates.environment}"`);
-      wranglerConfig = wranglerConfig.replace(new RegExp(`\\[env\\.${this.escapeRegExp(currentConfig.environment)}\\]`, 'g'), `[env.${updates.environment}]`);
-    }
-    if (!this.dryRun) {
-      await fs.writeFile(wranglerConfigPath, wranglerConfig, 'utf8');
-    }
-    return {
-      updated: true,
-      path: wranglerConfigPath
-    };
-  }
-
-  /**
-   * Update feature configuration
-   */
-  async updateFeatureConfig(servicePath, action, feature) {
-    const domainConfigPath = path.join(servicePath, 'src/config/domains.js');
-    let domainConfig = await fs.readFile(domainConfigPath, 'utf8');
-    if (action === 'add') {
-      // Add feature flag
-      const featureLine = `    ${feature}: true,`;
-      domainConfig = domainConfig.replace(/(\s+)(cors:\s*(?:true|false),?)(\n)/, `$1$2$3$1${featureLine}$3`);
-    } else if (action === 'remove') {
-      // Remove feature flag
-      const featureLinePattern = new RegExp(`\\s+${this.escapeRegExp(feature)}:\\s*(?:true|false),?\\n`, 'g');
-      domainConfig = domainConfig.replace(featureLinePattern, '');
-    }
-    if (!this.dryRun) {
-      await fs.writeFile(domainConfigPath, domainConfig, 'utf8');
-    }
-    return {
-      updated: true,
-      path: domainConfigPath
-    };
-  }
-
-  /**
-   * Validate configuration file exists and is writable
-   */
-  async validateConfigFile(filePath) {
-    try {
-      await fs.access(filePath, fs.constants.R_OK | fs.constants.W_OK);
-      return {
-        valid: true
-      };
-    } catch (error) {
-      return {
-        valid: false,
-        error: `Configuration file not accessible: ${filePath}`
-      };
-    }
-  }
-
-  /**
-   * Escape special regex characters for safe replacement
-   */
-  escapeRegExp(string) {
-    return string.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
-  }
-
-  /**
-   * Enable/disable dry run mode
-   */
-  setDryRun(enabled) {
-    this.dryRun = enabled;
-  }
-}

package/dist/shared/config/customer-cli.js

@@ -1,175 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * Customer Configuration Management CLI
- * Manages multi-environment, multi-customer configuration structure
- * Integrates with Clodo Framework domain and feature flag systems
- */
-import { CustomerConfigCLI } from '../../../dist/config/CustomerConfigCLI.js';
-import { resolve } from 'path';
-
-// Parse command line arguments
-const argv = process.argv.slice(2);
-let configDir = null;
-let command = null;
-let args = [];
-
-// Extract --config-dir parameter if present
-for (let i = 0; i < argv.length; i++) {
-  if (argv[i] === '--config-dir' && i + 1 < argv.length) {
-    configDir = resolve(argv[i + 1]);
-    i++; // Skip the next argument (the path)
-  } else if (!command) {
-    command = argv[i];
-  } else {
-    args.push(argv[i]);
-  }
-}
-
-// Default to current working directory if not specified
-if (!configDir) {
-  configDir = resolve(process.cwd(), 'config');
-}
-async function main() {
-  const cli = new CustomerConfigCLI({
-    configDir
-  });
-  await cli.initialize();
-  try {
-    switch (command) {
-      case 'create-customer':
-        const [customerName, domain] = args;
-        const result = await cli.createCustomer(customerName, domain);
-        if (result.success) {
-          console.log(`\n🎉 Customer ${customerName} configuration created successfully!`);
-          console.log(`\n📋 Customer Details:`);
-          console.log(`   Name: ${result.customer.name}`);
-          console.log(`   Domain: ${result.customer.domain || 'Not specified'}`);
-          console.log(`   Config Path: ${result.customer.configPath}`);
-          console.log(`   Environments: ${result.customer.environments.join(', ')}`);
-          console.log(`\n📋 Next steps:`);
-          console.log(`1. Review generated configs in: config/customers/${customerName}/`);
-          console.log(`2. Update domain-specific URLs if needed`);
-          console.log(`3. Generate production secrets: npm run security:generate-key ${customerName}`);
-          console.log(`4. Set production secrets: wrangler secret put KEY_NAME --env production`);
-        } else {
-          console.error(`❌ Failed to create customer: ${result.error}`);
-          process.exit(1);
-        }
-        break;
-      case 'validate':
-        const validateResult = await cli.validateConfigurations();
-        if (validateResult.valid) {
-          console.log('✅ All customer configurations are valid');
-        } else {
-          console.log('❌ Configuration validation failed');
-          validateResult.errors.forEach(error => console.log(`   - ${error}`));
-          process.exit(1);
-        }
-        break;
-      case 'show':
-        const [customerNameShow, environment] = args;
-        const showResult = cli.showConfiguration(customerNameShow, environment);
-        if (showResult.success) {
-          console.log(`🔍 Effective configuration: ${customerNameShow}/${environment}\n`);
-          if (showResult.config.variables?.base) {
-            console.log('📋 Base variables:');
-            Object.entries(showResult.config.variables.base).slice(0, 10).forEach(([key, value]) => {
-              console.log(`   ${key}=${value}`);
-            });
-            if (Object.keys(showResult.config.variables.base).length > 10) {
-              console.log('   ...');
-            }
-            console.log('');
-          }
-          if (showResult.config.variables?.customer) {
-            console.log(`📋 Customer ${environment} variables:`);
-            Object.entries(showResult.config.variables.customer).slice(0, 15).forEach(([key, value]) => {
-              console.log(`   ${key}=${value}`);
-            });
-            if (Object.keys(showResult.config.variables.customer).length > 15) {
-              console.log('   ...');
-            }
-            console.log('');
-          }
-          if (showResult.config.features && Object.keys(showResult.config.features).length > 0) {
-            console.log('🚩 Customer features:');
-            Object.entries(showResult.config.features).forEach(([feature, enabled]) => {
-              console.log(`   ${feature}: ${enabled ? '✅' : '❌'}`);
-            });
-          }
-        } else {
-          console.error(`❌ Failed to show configuration: ${showResult.error}`);
-          process.exit(1);
-        }
-        break;
-      case 'deploy-command':
-        const [customerNameDeploy, environmentDeploy] = args;
-        const deployResult = cli.getDeployCommand(customerNameDeploy, environmentDeploy);
-        if (deployResult.success) {
-          console.log(`📋 Deploy command for ${customerNameDeploy}/${environmentDeploy}:`);
-          console.log(`   ${deployResult.command}`);
-          console.log(`\n💡 Ensure customer config is loaded: ${deployResult.configPath}`);
-        } else {
-          console.error(`❌ Failed to get deploy command: ${deployResult.error}`);
-          process.exit(1);
-        }
-        break;
-      case 'list':
-        const listResult = cli.listCustomers();
-        if (listResult.success && listResult.customers.length > 0) {
-          console.log('📋 Configured customers:\n');
-          listResult.customers.forEach(customer => {
-            console.log(`🏢 ${customer.name}`);
-            console.log(`   Domain: ${customer.customerDomain || customer.domain || 'Not configured'}`);
-            console.log(`   Account ID: ${customer.accountId ? `${customer.accountId.substring(0, 8)}...${customer.accountId.substring(24)}` : 'Not configured'}`);
-            console.log(`   Zone ID: ${customer.zoneId ? `${customer.zoneId.substring(0, 8)}...` : 'Not configured'}`);
-            if (customer.databaseId) {
-              console.log(`   Database: ${customer.databaseName || 'Unnamed'} (${customer.databaseId.substring(0, 8)}...)`);
-            }
-            console.log(`   Secrets: ${customer.hasSecrets ? '✅ Managed via wrangler secret commands' : '❌ Not configured'}`);
-            console.log(`   Environments: ${customer.environments.join(', ')}`);
-            console.log(`   Config Path: config/customers/${customer.name}/`);
-            console.log('');
-          });
-        } else if (listResult.success) {
-          console.log('📋 No customers configured');
-          console.log('\n💡 Tip: Run "clodo-customer-config create-customer <name>" to create your first customer');
-        } else {
-          console.error(`❌ Failed to list customers: ${listResult.error}`);
-          process.exit(1);
-        }
-        break;
-      default:
-        console.log('Customer Configuration Management Tool\n');
-        console.log('Usage:');
-        console.log('  clodo-customer-config [--config-dir <path>] <command> [args]\n');
-        console.log('Options:');
-        console.log('  --config-dir <path>  - Path to config directory (default: ./config)\n');
-        console.log('Available commands:');
-        console.log('  create-customer <name> [domain]  - Create new customer config from template');
-        console.log('  validate                         - Validate configuration structure');
-        console.log('  show <customer> <environment>    - Show effective configuration');
-        console.log('  deploy-command <customer> <env>  - Get deployment command');
-        console.log('  list                             - List all configured customers');
-        console.log('\nExamples:');
-        console.log('  clodo-customer-config create-customer acmecorp acmecorp.com');
-        console.log('  clodo-customer-config validate');
-        console.log('  clodo-customer-config show acmecorp production');
-        console.log('  clodo-customer-config list');
-        console.log('  clodo-customer-config --config-dir /path/to/service/config validate');
-        console.log('\nIntegration:');
-        console.log('  This tool integrates with Clodo Framework domain and feature flag systems.');
-        console.log('  Customer configurations are automatically registered as domains.');
-        console.log('  When run from a service directory, it uses ./config by default.');
-        break;
-    }
-  } catch (error) {
-    console.error(`❌ Error: ${error.message}`);
-    process.exit(1);
-  }
-}
-main().catch(error => {
-  console.error(`❌ Unexpected error: ${error.message}`);
-  process.exit(1);
-});