@tamyla/clodo-framework 3.1.21 → 3.1.23

package/dist/cli/security-cli.js

@@ -0,0 +1,118 @@
+#!/usr/bin/env node
+import { SecurityCLI } from '../security/SecurityCLI.js';
+const command = process.argv[2];
+const args = process.argv.slice(3);
+async function main() {
+  const cli = new SecurityCLI();
+  switch (command) {
+    case 'validate':
+      {
+        const [customer, environment] = args;
+        const result = await cli.validateConfiguration(customer, environment);
+        if (result.valid) {
+          console.log('✅ Security validation passed');
+        } else {
+          console.log('❌ Security issues found');
+          result.securityIssues.forEach(issue => {
+            console.log(`   ${issue.severity.toUpperCase()}: ${issue.message}`);
+          });
+        }
+        process.exit(result.valid ? 0 : 1);
+        break;
+      }
+    case 'generate-key':
+      {
+        const [type, lengthStr] = args;
+        const length = lengthStr ? parseInt(lengthStr) : undefined;
+        const keyResult = cli.generateKey(type, length);
+        if (keyResult.success) {
+          console.log(`Generated ${keyResult.type}: ${keyResult.key}`);
+        } else {
+          console.error(`Key generation failed: ${keyResult.error}`);
+          process.exit(1);
+        }
+        break;
+      }
+    case 'deploy':
+      {
+        // Check for help flag first
+        if (args.includes('--help') || args.includes('-h')) {
+          console.log('Deploy with security validation');
+          console.log('');
+          console.log('Usage:');
+          console.log('  clodo-security deploy <customer> <environment> [options]');
+          console.log('');
+          console.log('Arguments:');
+          console.log('  customer      Customer name (e.g., wetechfounders)');
+          console.log('  environment   Target environment (development, staging, production)');
+          console.log('');
+          console.log('Options:');
+          console.log('  --dry-run     Simulate deployment without making changes');
+          console.log('  --help, -h    Display this help message');
+          console.log('');
+          console.log('Examples:');
+          console.log('  clodo-security deploy wetechfounders development');
+          console.log('  clodo-security deploy greatidude production --dry-run');
+          break;
+        }
+        const [deployCustomer, deployEnvironment] = args.filter(arg => !arg.startsWith('--'));
+        const dryRun = args.includes('--dry-run');
+        const deployResult = await cli.deployWithSecurity(deployCustomer, deployEnvironment, {
+          dryRun
+        });
+        if (deployResult.success) {
+          console.log(`✅ Deployment ${dryRun ? 'validation' : 'completed'} successfully`);
+        } else {
+          console.error(`Deployment failed: ${deployResult.error}`);
+          process.exit(1);
+        }
+        break;
+      }
+    case 'generate-config':
+      {
+        const [configCustomer, configEnvironment] = args;
+        const configResult = cli.generateSecureConfig(configCustomer, configEnvironment);
+        if (configResult.success) {
+          console.log('Generated secure configuration:');
+          console.log(JSON.stringify(configResult.config, null, 2));
+        } else {
+          console.error(`Config generation failed: ${configResult.error}`);
+          process.exit(1);
+        }
+        break;
+      }
+    case 'check-readiness':
+      {
+        const [readyCustomer, readyEnvironment] = args;
+        const readinessResult = cli.checkDeploymentReadiness(readyCustomer, readyEnvironment);
+        if (readinessResult.ready) {
+          console.log('✅ Deployment ready');
+        } else {
+          console.log('❌ Deployment not ready:');
+          readinessResult.issues.forEach(issue => console.log(`   - ${issue}`));
+          process.exit(1);
+        }
+        break;
+      }
+    default:
+      console.log('Clodo Framework Security CLI');
+      console.log('');
+      console.log('Commands:');
+      console.log('  validate <customer> <environment>    - Validate configuration security');
+      console.log('  generate-key [type] [length]         - Generate secure key (api/jwt)');
+      console.log('  deploy <customer> <environment>      - Deploy with security validation');
+      console.log('  generate-config <customer> <env>     - Generate secure configuration');
+      console.log('  check-readiness <customer> <env>     - Check deployment readiness');
+      console.log('');
+      console.log('Examples:');
+      console.log('  clodo-security validate tamyla production');
+      console.log('  clodo-security generate-key jwt 64');
+      console.log('  clodo-security generate-key content-skimmer');
+      console.log('  clodo-security deploy tamyla staging --dry-run');
+      break;
+  }
+}
+main().catch(error => {
+  console.error(`Unexpected error: ${error.message}`);
+  process.exit(1);
+});

package/dist/config/FeatureManager.js

@@ -0,0 +1,6 @@
+/**
+ * Feature Manager
+ * Alias for features.js to maintain compatibility
+ */
+
+export * from './features.js';

package/dist/config/clodo-create.example.json

@@ -0,0 +1,26 @@
+{
+  "// Comment": "Example configuration for 'npx clodo-service create' command",
+  "// Instructions": "Copy this file and customize for your needs, then use: npx clodo-service create --config-file your-config.json",
+  "// CLI Override": "Any CLI options passed on command line will override values from this config file",
+  
+  "projectName": "my-cloudflare-worker",
+  "description": "A sample Cloudflare Worker project",
+  "environment": "development",
+  "region": "us-west-1",
+  "template": "basic",
+  "typescript": true,
+  "installDependencies": true,
+  
+  "advanced": {
+    "nodeVersion": "18.x",
+    "packageManager": "npm",
+    "outputDir": "./dist",
+    "sourceDir": "./src"
+  },
+  
+  "metadata": {
+    "author": "your-name",
+    "license": "MIT",
+    "version": "0.1.0"
+  }
+}

package/dist/config/clodo-deploy.example.json

@@ -0,0 +1,41 @@
+{
+  "// Comment": "Example configuration for 'npx clodo-service deploy' command",
+  "// Instructions": "Copy this file and customize for your needs, then use: npx clodo-service deploy --config-file your-config.json",
+  "// EnvVars": "You can use environment variable substitution: ${ENV_VAR_NAME} will be replaced with the value of ENV_VAR_NAME",
+  
+  "domain": "api.example.com",
+  "environment": "production",
+  "cloudflareToken": "${CLOUDFLARE_TOKEN}",
+  "cloudflareZoneId": "${CLOUDFLARE_ZONE_ID}",
+  
+  "deployment": {
+    "strategy": "blue-green",
+    "replicas": 3,
+    "maxConcurrency": 100,
+    "timeout": 30000,
+    "healthCheckInterval": 5000,
+    "rollbackOnFailure": true
+  },
+  
+  "routing": {
+    "enableLoadBalancing": true,
+    "loadBalancingPolicy": "round-robin",
+    "corsEnabled": true,
+    "corsOrigins": ["https://example.com", "https://app.example.com"]
+  },
+  
+  "monitoring": {
+    "enableMetrics": true,
+    "metricsEndpoint": "https://metrics.example.com",
+    "alertOnFailure": true,
+    "alertEmail": "alerts@example.com"
+  },
+  
+  "security": {
+    "enableSSL": true,
+    "minTLSVersion": "1.2",
+    "enableWAF": true,
+    "rateLimit": 1000,
+    "rateLimitWindow": 60
+  }
+}

package/dist/config/clodo-update.example.json

@@ -0,0 +1,46 @@
+{
+  "// Comment": "Example configuration for 'npx clodo-service update' command",
+  "// Instructions": "Copy this file and customize for your needs, then use: npx clodo-service update --config-file your-config.json",
+  
+  "domain": "api.example.com",
+  "environment": "production",
+  "cloudflareToken": "${CLOUDFLARE_TOKEN}",
+  
+  "preview": true,
+  "force": false,
+  
+  "updates": {
+    "updateDependencies": true,
+    "updateConfiguration": true,
+    "updateScripts": true,
+    "updateWorkerConfig": true
+  },
+  
+  "migration": {
+    "runMigrations": true,
+    "backupBeforeUpdate": true,
+    "backupLocation": "./backups",
+    "rollbackOnError": true
+  },
+  
+  "validation": {
+    "validateBeforeUpdate": true,
+    "validateAfterUpdate": true,
+    "runTests": true
+  },
+  
+  "notification": {
+    "notifyOnStart": true,
+    "notifyOnComplete": true,
+    "notifyEmail": "admin@example.com",
+    "notifySlack": false,
+    "slackWebhook": ""
+  },
+  
+  "performance": {
+    "parallelUpdates": 2,
+    "timeout": 60000,
+    "retryOnFailure": true,
+    "maxRetries": 3
+  }
+}

package/dist/config/clodo-validate.example.json

@@ -0,0 +1,41 @@
+{
+  "// Comment": "Example configuration for 'npx clodo-service validate' command",
+  "// Instructions": "Copy this file and customize for your needs, then use: npx clodo-service validate --config-file your-config.json",
+  
+  "environment": "production",
+  "deepScan": true,
+  "exportReport": "validation-report.json",
+  
+  "checks": {
+    "validateDependencies": true,
+    "validateScripts": true,
+    "validateConfiguration": true,
+    "validateDeploymentConfig": true,
+    "validateEnvironmentVariables": true,
+    "validateSecuritySettings": true,
+    "validateNetworkConnectivity": true,
+    "validateCloudflareConfig": true
+  },
+  
+  "validation": {
+    "strict": true,
+    "allowWarnings": false,
+    "checkVersionCompatibility": true,
+    "checkSecurityIssues": true,
+    "checkDummySecrets": true
+  },
+  
+  "requirements": {
+    "minNodeVersion": "16.x",
+    "requiredFiles": ["package.json", "wrangler.toml", "src/index.js"],
+    "requiredDependencies": ["@cloudflare/wrangler"],
+    "requiredEnvironmentVars": ["CLOUDFLARE_TOKEN"]
+  },
+  
+  "reporting": {
+    "verbose": false,
+    "includePassedChecks": true,
+    "includeDependencyTree": true,
+    "includeSuggestions": true
+  }
+}

package/dist/config/customers/template/development.env.template

@@ -0,0 +1,37 @@
+# Customer Development Environment Variables
+# Template for {{CUSTOMER_NAME}} development environment
+
+# Customer Information
+CUSTOMER_NAME={{CUSTOMER_NAME}}
+CUSTOMER_DOMAIN={{CUSTOMER_DOMAIN}}
+ENVIRONMENT={{ENVIRONMENT}}
+
+# Domain Configuration
+DOMAIN={{DOMAIN}}
+API_DOMAIN=api-dev.{{DOMAIN}}
+AUTH_DOMAIN=auth-dev.{{DOMAIN}}
+
+# Database Configuration
+DATABASE_URL=postgresql://user:password@localhost:5432/{{CUSTOMER_NAME}}_dev
+REDIS_URL=redis://localhost:6379/0
+
+# Feature Flags
+ENABLE_DEBUG_LOGGING=true
+ENABLE_DEVELOPMENT_MODE=true
+ENABLE_STRICT_VALIDATION=false
+
+# Security
+JWT_SECRET=dev-jwt-secret-{{CUSTOMER_NAME}}
+API_KEY=dev-api-key-{{CUSTOMER_NAME}}
+
+# External Services
+STRIPE_PUBLIC_KEY=pk_test_...
+STRIPE_SECRET_KEY=sk_test_...
+
+# Logging
+LOG_LEVEL=debug
+LOG_FORMAT=json
+
+# Performance
+CACHE_TTL=300
+RATE_LIMIT=1000

package/dist/config/customers/template/production.env.template

@@ -0,0 +1,39 @@
+# Customer Production Environment Variables
+# Template for {{CUSTOMER_NAME}} production environment
+
+# Customer Information
+CUSTOMER_NAME={{CUSTOMER_NAME}}
+CUSTOMER_DOMAIN={{CUSTOMER_DOMAIN}}
+ENVIRONMENT={{ENVIRONMENT}}
+
+# Domain Configuration
+DOMAIN={{DOMAIN}}
+API_DOMAIN=api.{{DOMAIN}}
+AUTH_DOMAIN=auth.{{DOMAIN}}
+
+# Database Configuration
+DATABASE_URL=postgresql://user:password@prod-db:5432/{{CUSTOMER_NAME}}_prod
+REDIS_URL=redis://prod-redis:6379/0
+
+# Feature Flags
+ENABLE_DEBUG_LOGGING=false
+ENABLE_DEVELOPMENT_MODE=false
+ENABLE_STRICT_VALIDATION=true
+ENABLE_ERROR_REPORTING=true
+ENABLE_MONITORING=true
+
+# Security
+JWT_SECRET={{PRODUCTION_JWT_SECRET}}
+API_KEY={{PRODUCTION_API_KEY}}
+
+# External Services
+STRIPE_PUBLIC_KEY={{PRODUCTION_STRIPE_PUBLIC_KEY}}
+STRIPE_SECRET_KEY={{PRODUCTION_STRIPE_SECRET_KEY}}
+
+# Logging
+LOG_LEVEL=warn
+LOG_FORMAT=json
+
+# Performance
+CACHE_TTL=3600
+RATE_LIMIT=10000

package/dist/config/customers/template/staging.env.template

@@ -0,0 +1,37 @@
+# Customer Staging Environment Variables
+# Template for {{CUSTOMER_NAME}} staging environment
+
+# Customer Information
+CUSTOMER_NAME={{CUSTOMER_NAME}}
+CUSTOMER_DOMAIN={{CUSTOMER_DOMAIN}}
+ENVIRONMENT={{ENVIRONMENT}}
+
+# Domain Configuration
+DOMAIN={{DOMAIN}}
+API_DOMAIN=api-staging.{{DOMAIN}}
+AUTH_DOMAIN=auth-staging.{{DOMAIN}}
+
+# Database Configuration
+DATABASE_URL=postgresql://user:password@staging-db:5432/{{CUSTOMER_NAME}}_staging
+REDIS_URL=redis://staging-redis:6379/0
+
+# Feature Flags
+ENABLE_DEBUG_LOGGING=false
+ENABLE_DEVELOPMENT_MODE=false
+ENABLE_STRICT_VALIDATION=true
+
+# Security
+JWT_SECRET=staging-jwt-secret-{{CUSTOMER_NAME}}
+API_KEY=staging-api-key-{{CUSTOMER_NAME}}
+
+# External Services
+STRIPE_PUBLIC_KEY=pk_test_...
+STRIPE_SECRET_KEY=sk_test_...
+
+# Logging
+LOG_LEVEL=info
+LOG_FORMAT=json
+
+# Performance
+CACHE_TTL=600
+RATE_LIMIT=5000

package/dist/config/customers.js

@@ -1,4 +1,4 @@
-import { readFileSync, writeFileSync, existsSync, mkdirSync, readdirSync, statSync } from 'fs';
+import fs from 'fs';
 // eslint-disable-next-line no-unused-vars
 import { resolve, join } from 'path';
 import toml from '@iarna/toml';
@@ -38,8 +38,10 @@ export class CustomerConfigurationManager {
     const customerDir = resolve(this.configDir, 'customers', customerName);
 
     // Create customer directory structure
-    if (!existsSync(customerDir)) {
-      mkdirSync(customerDir, {
+    console.log(`DEBUG: Checking if directory exists: ${customerDir}`);
+    if (!fs.existsSync(customerDir)) {
+      console.log(`DEBUG: Creating directory: ${customerDir}`);
+      fs.mkdirSync(customerDir, {
         recursive: true
       });
       logger.info(`Created customer directory: ${customerDir}`);
@@ -120,19 +122,19 @@ export class CustomerConfigurationManager {
     const outputPath = resolve(this.configDir, 'customers', customerName, `${environment}.env`);
 
     // Check if template exists
-    if (!existsSync(templatePath)) {
+    if (!fs.existsSync(templatePath)) {
       logger.warn(`Template not found: ${templatePath}, skipping ${environment} config`);
       return;
     }
 
     // Skip if config already exists
-    if (existsSync(outputPath)) {
+    if (fs.existsSync(outputPath)) {
       logger.info(`Config already exists: ${outputPath}, skipping`);
       return;
     }
     try {
       // Read template and replace placeholders
-      let template = readFileSync(templatePath, 'utf8');
+      let template = fs.readFileSync(templatePath, 'utf8');
 
       // Replace customer-specific placeholders
       template = template.replace(/\{\{CUSTOMER_NAME\}\}/g, customerName);
@@ -144,7 +146,7 @@ export class CustomerConfigurationManager {
       template = template.replace(/\{\{DOMAIN\}\}/g, envDomains[environment]);
 
       // Write customer config
-      writeFileSync(outputPath, template);
+      fs.writeFileSync(outputPath, template);
       logger.info(`Created customer config: ${environment}.env for ${customerName}`);
     } catch (error) {
       logger.error(`Failed to create ${environment} config for ${customerName}:`, error.message);
@@ -176,7 +178,7 @@ export class CustomerConfigurationManager {
     const baseFiles = ['wrangler.base.toml', 'variables.base.env'];
     for (const file of baseFiles) {
       const path = resolve(this.configDir, 'base', file);
-      if (!existsSync(path)) {
+      if (!fs.existsSync(path)) {
         errors.push(`Missing base config: ${file}`);
         valid = false;
       }
@@ -186,7 +188,7 @@ export class CustomerConfigurationManager {
     for (const env of this.environments) {
       const envFile = `${env}.toml`;
       const path = resolve(this.configDir, 'environments', envFile);
-      if (!existsSync(path)) {
+      if (!fs.existsSync(path)) {
         errors.push(`Missing environment config: ${envFile}`);
         valid = false;
       }
@@ -194,7 +196,7 @@ export class CustomerConfigurationManager {
 
     // Validate customer configs
     const customersDir = resolve(this.configDir, 'customers');
-    if (existsSync(customersDir)) {
+    if (fs.existsSync(customersDir)) {
       const customerDirs = this.getCustomerDirectories();
       for (const customerName of customerDirs) {
         const customerValid = await this.validateCustomerConfig(customerName);
@@ -223,7 +225,7 @@ export class CustomerConfigurationManager {
     // Check environment files exist
     for (const env of this.environments) {
       const envFile = resolve(customerDir, `${env}.env`);
-      if (!existsSync(envFile)) {
+      if (!fs.existsSync(envFile)) {
         logger.error(`Missing ${env}.env for customer ${customerName}`);
         valid = false;
       }
@@ -274,13 +276,13 @@ export class CustomerConfigurationManager {
 
     // Load base variables
     const baseVarsPath = resolve(this.configDir, 'base', 'variables.base.env');
-    if (existsSync(baseVarsPath)) {
+    if (fs.existsSync(baseVarsPath)) {
       config.variables.base = this.parseEnvFile(baseVarsPath);
     }
 
     // Load customer environment variables
     const customerConfigPath = resolve(this.configDir, 'customers', customerName, `${environment}.env`);
-    if (existsSync(customerConfigPath)) {
+    if (fs.existsSync(customerConfigPath)) {
       config.variables.customer = this.parseEnvFile(customerConfigPath);
     }
 
@@ -339,7 +341,7 @@ export class CustomerConfigurationManager {
    */
   async loadExistingCustomers() {
     const customersDir = resolve(this.configDir, 'customers');
-    if (!existsSync(customersDir)) {
+    if (!fs.existsSync(customersDir)) {
       return;
     }
     try {
@@ -347,9 +349,9 @@ export class CustomerConfigurationManager {
       const rootWranglerPath = resolve(this.configDir, '..', 'wrangler.toml');
       let wranglerConfig = null;
       let globalAccountId = null;
-      if (existsSync(rootWranglerPath)) {
+      if (fs.existsSync(rootWranglerPath)) {
         try {
-          const wranglerContent = readFileSync(rootWranglerPath, 'utf8');
+          const wranglerContent = fs.readFileSync(rootWranglerPath, 'utf8');
           wranglerConfig = toml.parse(wranglerContent);
           globalAccountId = wranglerConfig.account_id;
           logger.info(`Loaded wrangler.toml with account_id: ${globalAccountId ? globalAccountId.substring(0, 8) + '...' : 'not found'}`);
@@ -407,7 +409,7 @@ export class CustomerConfigurationManager {
 
         // Read customer-specific env file to get CUSTOMER_DOMAIN and other info
         const prodConfigPath = resolve(customerDir, 'production.env');
-        if (existsSync(prodConfigPath)) {
+        if (fs.existsSync(prodConfigPath)) {
           try {
             const prodConfig = this.parseEnvFile(prodConfigPath);
 
@@ -466,15 +468,15 @@ export class CustomerConfigurationManager {
    */
   getCustomerDirectories() {
     const customersDir = resolve(this.configDir, 'customers');
-    if (!existsSync(customersDir)) {
+    if (!fs.existsSync(customersDir)) {
       return [];
     }
     try {
       // Read directory contents
-      const items = readdirSync(customersDir);
+      const items = fs.readdirSync(customersDir);
       return items.filter(item => {
         const itemPath = resolve(customersDir, item);
-        return statSync(itemPath).isDirectory() && item !== 'template';
+        return fs.statSync(itemPath).isDirectory() && item !== 'template';
       });
     } catch (error) {
       logger.error('Error reading customer directories:', error.message);
@@ -486,7 +488,7 @@ export class CustomerConfigurationManager {
    * Parse environment file
    */
   parseEnvFile(filePath) {
-    const content = readFileSync(filePath, 'utf8');
+    const content = fs.readFileSync(filePath, 'utf8');
     const variables = {};
     content.split('\n').forEach(line => {
       const trimmed = line.trim();
@@ -511,8 +513,8 @@ export class CustomerConfigurationManager {
       let existingConfig = {};
 
       // Read existing config if file exists
-      if (existsSync(wranglerPath)) {
-        const content = readFileSync(wranglerPath, 'utf8');
+      if (fs.existsSync(wranglerPath)) {
+        const content = fs.readFileSync(wranglerPath, 'utf8');
         existingConfig = toml.parse(content);
       }
 
@@ -521,7 +523,7 @@ export class CustomerConfigurationManager {
 
       // Write back to file
       const tomlContent = toml.stringify(mergedConfig);
-      writeFileSync(wranglerPath, tomlContent, 'utf8');
+      fs.writeFileSync(wranglerPath, tomlContent, 'utf8');
       logger.info(`Updated wrangler.toml: ${wranglerPath}`);
       return true;
     } catch (error) {
@@ -575,7 +577,7 @@ export class CustomerConfigurationManager {
    */
   addD1Database(wranglerPath, environment, databaseConfig) {
     try {
-      const content = readFileSync(wranglerPath, 'utf8');
+      const content = fs.readFileSync(wranglerPath, 'utf8');
       const config = toml.parse(content);
 
       // Ensure env section exists
@@ -596,7 +598,7 @@ export class CustomerConfigurationManager {
       }
 
       // Write back
-      writeFileSync(wranglerPath, toml.stringify(config), 'utf8');
+      fs.writeFileSync(wranglerPath, toml.stringify(config), 'utf8');
       logger.info(`Added D1 database to ${environment} environment`);
       return true;
     } catch (error) {