npm - @telorun/s3 - Versions diffs - 0.1.0 - Mend

@telorun/s3 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/LICENSE +17 -0
package/README.md +246 -0
package/dist/s3-bucket-controller.d.ts +22 -0
package/dist/s3-bucket-controller.js +90 -0
package/dist/s3-get-controller.d.ts +22 -0
package/dist/s3-get-controller.js +45 -0
package/dist/s3-list-controller.d.ts +17 -0
package/dist/s3-list-controller.js +27 -0
package/dist/s3-put-controller.d.ts +21 -0
package/dist/s3-put-controller.js +27 -0
package/package.json +59 -0
package/src/s3-bucket-controller.ts +111 -0
package/src/s3-get-controller.ts +76 -0
package/src/s3-list-controller.ts +43 -0
package/src/s3-put-controller.ts +47 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,17 @@
+# SUSTAINABLE USE LICENSE (Fair-code)
+Copyright (c) 2026 CodeNet Sp. z o.o.
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to use, copy, modify, and distribute the Software for any purpose—including commercial purposes—subject to the following conditions:
+1. ANTI-COMPETITION RESTRICTION: The Software may not be provided to third parties as a managed service, commercial SaaS (Software-as-a-Service), PaaS (Platform-as-a-Service), BaaS (Backend-as-a-Service), or similar offering where the primary value provided to the user is the functionality of the Software itself, without a separate commercial license from the copyright holder.
+2. PERMITTED COMMERCIAL USE: You are free to use the Software to build, host, and monetize your own commercial applications, products, and services, provided such use does not violate Clause 1.
+3. ATTRIBUTION: This copyright notice and license must be included in all copies or substantial portions of the Software.
+4. CONTRIBUTIONS: Contributions to the Software are welcome and encouraged. By contributing, you agree that your contributions may be incorporated into the Software and distributed under this license.
+5. DISCLAIMER: The Software is provided "as is", without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose and noninfringement. In no event shall the authors or copyright holders be liable for any claim, damages or other liability, whether in an action of contract, tort or otherwise, arising from, out of or in connection with the Software or the use or other dealings in the Software.
+For commercial licensing, managed hosting exemptions, or enterprise inquiries, please contact <contact@codenet.pl>.

package/README.md ADDED Viewed

@@ -0,0 +1,246 @@
+<p align="center">
+  <img src="https://raw.githubusercontent.com/telorun/telo/main/assets/telo.png" alt="Telo" width="200" />
+</p>
+<h1 align="center">Telo</h1>
+<p align="center">Runtime for declarative backends.</p>
+<p align="center">
+  <a href="https://github.com/telorun/telo/actions/workflows/test.yml"><img alt="Tests" src="https://github.com/telorun/telo/actions/workflows/test.yml/badge.svg" /></a>
+  <a href="https://www.npmjs.com/package/@telorun/cli"><img alt="node" src="https://img.shields.io/node/v/@telorun/cli" /></a>
+  <br />
+  <a href="https://github.com/telorun/telo/commits/main"><img alt="Last commit" src="https://img.shields.io/github/last-commit/telorun/telo" /></a>
+  <a href="https://github.com/telorun/telo/issues"><img alt="Issues" src="https://img.shields.io/github/issues/telorun/telo" /></a>
+  <a href="https://github.com/telorun/telo/pulls"><img alt="Pull requests" src="https://img.shields.io/github/issues-pr/telorun/telo" /></a>
+  <br />
+  <img alt="Changesets" src="https://img.shields.io/badge/maintained%20with-changesets-176de3" />
+</p>
+Telo is an execution engine (Micro-Kernel) that runs logic defined entirely in YAML manifests. Instead of writing imperative backend code, you define your routes, databases, schemas, and AI workflows as atomic, interconnected YAML documents. Telo takes those manifests and runs them.
+Built to be language-agnostic and infinitely extensible.
+```bash
+# Reconcile your manifest into a running backend
+$ telo ./examples/hello-api.yaml
+{"level":30,"time":1771610393008,"pid":1310178,"hostname":"dev","msg":"Server listening at http://127.0.0.1:8844"}
+```
+## Why use Telo?
+- **Open Standards:** Built on YAML, JSON Schema, and CEL — no proprietary DSL.
+- **Static Analysis:** CEL type checking, reference validation, and IDE diagnostics catch errors before runtime.
+- **Micro-Kernel Architecture:** Telo itself knows nothing about HTTP or SQL. Everything is a module you import, scope, and compose with typed variable and secret contracts.
+- **Language Agnostic:** Available as a Node.js runtime today, with a shared YAML runtime contract that allows for future Rust or Go implementations without changing your manifests.
+## What It Does
+- **Loads** YAML resources and compiles CEL expressions (`${{ }}`) into an in-memory registry.
+- **Resolves** resource dependencies via a multi-pass init loop, handling ordering automatically.
+- **Indexes** resources by Kind and Name for constant-time lookup.
+- **Dispatches** execution to the controller that owns each Kind.
+## Example manifest
+Here is an example Telo application that defines a simple HTTP API:
+```yaml
+kind: Telo.Application
+metadata:
+  name: feedback
+  version: 1.0.0
+  description: |
+    A complete feedback collection REST API — no code, pure YAML.
+    Persists entries to SQLite and serves them over HTTP.
+targets:
+  - Migrations
+  - Server
+---
+kind: Telo.Import
+metadata:
+  name: Http
+source: std/http-server@0.4.0
+---
+kind: Telo.Import
+metadata:
+  name: Sql
+source: std/sql@0.2.3
+---
+# SQLite database — swap driver/host/database for PostgreSQL with zero YAML changes
+kind: Sql.Connection
+metadata:
+  name: Db
+driver: sqlite
+file: ./tmp/feedback.db
+---
+# Migrations: applied automatically before the server starts
+kind: Sql.Migrations
+metadata:
+  name: Migrations
+connection:
+  kind: Sql.Connection
+  name: Db
+---
+kind: Sql.Migration
+metadata:
+  name: Migration_20260413_182154_CreateFeedback
+version: 20260413_182154_CreateFeedback
+sql: |
+  CREATE TABLE IF NOT EXISTS feedback (
+    id        INTEGER PRIMARY KEY AUTOINCREMENT,
+    text      TEXT    NOT NULL,
+    source    TEXT,
+    score     INTEGER NOT NULL DEFAULT 0,
+    created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+  )
+---
+kind: Http.Server
+metadata:
+  name: Server
+baseUrl: http://localhost:8844
+port: 8844
+logger: true
+openapi:
+  info:
+    title: Feedback API
+    version: 1.0.0
+mounts:
+  - path: /v1
+    type: Http.Api.FeedbackRoutes
+---
+kind: Http.Api
+metadata:
+  name: FeedbackRoutes
+routes:
+  # POST /v1/feedback — insert a new entry, score derived from body length heuristic
+  - request:
+      path: /feedback
+      method: POST
+      schema:
+        body:
+          type: object
+          properties:
+            text:
+              type: string
+              minLength: 1
+            source:
+              type: string
+          required: [text]
+    handler:
+      kind: Sql.Exec
+      connection:
+        kind: Sql.Connection
+        name: Db
+    inputs:
+      sql: "INSERT INTO feedback (text, source, score) VALUES (?, ?, ?)"
+      bindings:
+        - "${{ request.body.text }}"
+        - "${{ request.body.source }}"
+        - "${{ size(request.body.text) }}"
+    response:
+      - status: 201
+        headers:
+          Content-Type: application/json
+        body:
+          ok: true
+          message: Feedback received
+  # GET /v1/feedback — list all entries, newest first
+  - request:
+      path: /feedback
+      method: GET
+    handler:
+      kind: Sql.Select
+      connection:
+        kind: Sql.Connection
+        name: Db
+      from: feedback
+      columns: [id, text, source, score, created_at]
+      orderBy:
+        - { column: created_at, direction: desc }
+    response:
+      - status: 200
+        headers:
+          Content-Type: application/json
+        body: "${{ result.rows }}"
+  # GET /v1/feedback/{id} — fetch a single entry
+  - request:
+      path: /feedback/{id}
+      method: GET
+      schema:
+        params:
+          type: object
+          properties:
+            id:
+              type: integer
+          required: [id]
+    handler:
+      kind: Sql.Select
+      connection:
+        kind: Sql.Connection
+        name: Db
+      from: feedback
+      columns: [id, text, source, score, created_at]
+      where:
+        - { column: id, op: "=", value: "${{ request.params.id }}" }
+    response:
+      - status: 200
+        when: "size(result.rows) > 0"
+        headers:
+          Content-Type: application/json
+        body: "${{ result.rows[0] }}"
+      - status: 404
+        headers:
+          Content-Type: application/json
+        body:
+          ok: false
+          message: Not found
+```
+## Status
+Telo is under **active development**. The core runtime, module system, and standard library are functional, but the API surface — including YAML shapes — may change without notice. Not yet recommended for production use.
+## The Meaning of Telo
+The name Telo is derived from the Greek root Telos - meaning the "end goal", "purpose", or "final state". That is exactly the philosophy behind this runtime. In standard imperative programming, you have to write thousands of lines of code to tell a server exactly how to start. With Telo, you simply declare your desired final state.
+You define the end state. Telo makes it real.
+## Philosophy
+Modern platforms often spend disproportionate effort on technical mechanics-wiring frameworks, managing infrastructure, and negotiating toolchains-while the original business problem gets delayed or diluted. Telo pushes in the opposite direction: it treats kernel execution as a stable, predictable host so teams can concentrate on the **business logic and outcomes** instead of the plumbing.
+By separating "what the system should do" from "how it is hosted", the runtime reduces friction for domain‑level changes. Teams can move faster on product requirements, experiment more safely, and keep conversations centered on value delivered rather than implementation trivia.
+Telo also aims to **join forces across all programming language communities**, so the best ideas, patterns, and implementations can converge into a shared kernel truth without forcing everyone into a single stack.
+YAML also makes the system more **AI‑friendly** than traditional programming languages: it is explicit, structured, and easier for tools to generate, review, and transform without losing intent.
+## Modularity
+Telo is built around **modules** that own specific resource kinds. A module is loaded from a manifest, declares which kinds it implements, and then receives only the resources of those kinds. This keeps concerns isolated and lets teams compose systems from focused building blocks rather than monolithic services.
+At kernel execution time, execution is always routed by **Kind.Name**. The kernel resolves the Kind to its owning module and hands off execution. Modules can call back into the kernel to execute other resources, enabling composition without tight coupling.
+## Architecture
+The architecture is inspired by Kubernetes-style manifests: declarative resources, explicit kinds, and a control plane that routes work based on those definitions.
+Those manifests were taken to the next level by allowing them to run inside a standalone runtime host.
+## See more at
+- [Telo Kernel](./kernel/README.md)
+- [Telo SDK for module authors](sdk/README.md)
+- [Modules](modules/README.md)
+## License
+See [LICENSE](https://github.com/telorun/telo/blob/main/LICENSE).
+## Contribution Note
+By contributing, you agree that code and examples in this repository may be translated or re‑implemented in other programming languages (including by AI systems) to support the project’s polyglot goals.

package/dist/s3-bucket-controller.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import { S3Client } from "@aws-sdk/client-s3";
+import { Static } from "@sinclair/typebox";
+import type { ResourceContext, ResourceInstance } from "@telorun/sdk";
+export declare const schema: import("@sinclair/typebox").TObject<{
+    bucketName: import("@sinclair/typebox").TString;
+    endpoint: import("@sinclair/typebox").TString;
+    accessKeyId: import("@sinclair/typebox").TString;
+    secretAccessKey: import("@sinclair/typebox").TString;
+    forcePathStyle: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
+    createIfMissing: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
+    publicRead: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
+}>;
+export type S3BucketManifest = Static<typeof schema>;
+export declare class S3BucketResource implements ResourceInstance {
+    readonly client: S3Client;
+    readonly bucketName: string;
+    constructor(manifest: S3BucketManifest);
+    getClient(): S3Client;
+    snapshot(): {};
+}
+export declare function register(): void;
+export declare function create(resource: S3BucketManifest, ctx: ResourceContext): Promise<S3BucketResource>;

package/dist/s3-bucket-controller.js ADDED Viewed

@@ -0,0 +1,90 @@
+import { CreateBucketCommand, HeadBucketCommand, PutBucketPolicyCommand, S3Client, S3ServiceException, } from "@aws-sdk/client-s3";
+import { Type } from "@sinclair/typebox";
+export const schema = Type.Object({
+    bucketName: Type.String(),
+    endpoint: Type.String(),
+    accessKeyId: Type.String(),
+    secretAccessKey: Type.String(),
+    forcePathStyle: Type.Optional(Type.Boolean()),
+    createIfMissing: Type.Optional(Type.Boolean()),
+    publicRead: Type.Optional(Type.Boolean()),
+});
+export class S3BucketResource {
+    client;
+    bucketName;
+    constructor(manifest) {
+        this.bucketName = manifest.bucketName;
+        this.client = new S3Client({
+            region: "auto",
+            endpoint: manifest.endpoint,
+            forcePathStyle: manifest.forcePathStyle ?? false,
+            credentials: { accessKeyId: manifest.accessKeyId, secretAccessKey: manifest.secretAccessKey },
+        });
+    }
+    getClient() {
+        return this.client;
+    }
+    snapshot() {
+        return {};
+    }
+}
+export function register() { }
+export async function create(resource, ctx) {
+    ctx.validateSchema(resource, schema);
+    const instance = new S3BucketResource(resource);
+    if (resource.createIfMissing) {
+        await ensureBucket(instance);
+    }
+    if (resource.publicRead) {
+        // await applyPublicReadPolicy(instance);
+    }
+    return instance;
+}
+async function ensureBucket(instance) {
+    if (await bucketExists(instance)) {
+        return;
+    }
+    try {
+        await instance.getClient().send(new CreateBucketCommand({ Bucket: instance.bucketName }));
+    }
+    catch (err) {
+        if (err instanceof S3ServiceException) {
+            if (err.name === "BucketAlreadyOwnedByYou" || err.name === "BucketAlreadyExists") {
+                return;
+            }
+        }
+        throw err;
+    }
+}
+async function bucketExists(instance) {
+    try {
+        await instance.getClient().send(new HeadBucketCommand({ Bucket: instance.bucketName }));
+        return true;
+    }
+    catch (err) {
+        if (err instanceof S3ServiceException) {
+            if (err.name === "NotFound" || err.$metadata?.httpStatusCode === 404) {
+                return false;
+            }
+        }
+        throw err;
+    }
+}
+async function applyPublicReadPolicy(instance) {
+    const policy = {
+        Version: "2012-10-17",
+        Statement: [
+            {
+                Sid: "PublicReadGetObject",
+                Effect: "Allow",
+                Principal: "*",
+                Action: "s3:GetObject",
+                Resource: `arn:aws:s3:::${instance.bucketName}/*`,
+            },
+        ],
+    };
+    await instance.getClient().send(new PutBucketPolicyCommand({
+        Bucket: instance.bucketName,
+        Policy: JSON.stringify(policy),
+    }));
+}

package/dist/s3-get-controller.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import { Stream, type ResourceContext, type ResourceInstance } from "@telorun/sdk";
+interface S3GetManifest {
+    bucketRef: {
+        name: string;
+    };
+}
+interface S3GetInputs {
+    key: string;
+}
+interface S3GetOutput {
+    output: Stream<Uint8Array>;
+    contentType?: string;
+}
+declare class S3GetResource implements ResourceInstance<S3GetInputs, S3GetOutput> {
+    private readonly manifest;
+    private readonly ctx;
+    constructor(manifest: S3GetManifest, ctx: ResourceContext);
+    invoke(input: S3GetInputs): Promise<S3GetOutput>;
+}
+export declare function register(): void;
+export declare function create(resource: S3GetManifest, ctx: ResourceContext): Promise<S3GetResource>;
+export {};

package/dist/s3-get-controller.js ADDED Viewed

@@ -0,0 +1,45 @@
+import { GetObjectCommand, S3ServiceException } from "@aws-sdk/client-s3";
+import { InvokeError, Stream } from "@telorun/sdk";
+class S3GetResource {
+    manifest;
+    ctx;
+    constructor(manifest, ctx) {
+        this.manifest = manifest;
+        this.ctx = ctx;
+    }
+    async invoke(input) {
+        const bucketRefName = this.ctx.expandValue(this.manifest.bucketRef.name, input ?? {});
+        const bucket = this.ctx.moduleContext.getInstance(bucketRefName);
+        if (!bucket) {
+            throw new InvokeError("ERR_INVALID_REFERENCE", `S3.Bucket "${bucketRefName}" not found`);
+        }
+        let response;
+        try {
+            response = await bucket.getClient().send(new GetObjectCommand({ Bucket: bucket.bucketName, Key: input.key }));
+        }
+        catch (err) {
+            if (err instanceof S3ServiceException &&
+                (err.name === "NoSuchKey" || err.$metadata?.httpStatusCode === 404)) {
+                throw new InvokeError("ERR_NOT_FOUND", `S3 object not found: ${input.key}`);
+            }
+            throw err;
+        }
+        const body = response.Body;
+        if (!body || typeof body[Symbol.asyncIterator] !== "function") {
+            throw new InvokeError("ERR_INVALID_RESPONSE", `S3 GetObject returned no iterable body for key '${input.key}'.`);
+        }
+        return {
+            output: new Stream(toUint8ArrayIterable(body)),
+            contentType: response.ContentType,
+        };
+    }
+}
+async function* toUint8ArrayIterable(source) {
+    for await (const chunk of source) {
+        yield chunk instanceof Uint8Array ? chunk : new Uint8Array(chunk);
+    }
+}
+export function register() { }
+export async function create(resource, ctx) {
+    return new S3GetResource(resource, ctx);
+}

package/dist/s3-list-controller.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type { ResourceContext, ResourceInstance } from "@telorun/sdk";
+interface S3ListManifest {
+    bucketRef: {
+        name: string;
+    };
+}
+declare class S3ListResource implements ResourceInstance {
+    private readonly manifest;
+    private readonly ctx;
+    constructor(manifest: S3ListManifest, ctx: ResourceContext);
+    invoke(input: any): Promise<{
+        keys: string[];
+    }>;
+}
+export declare function register(): void;
+export declare function create(resource: S3ListManifest, ctx: ResourceContext): Promise<S3ListResource>;
+export {};

package/dist/s3-list-controller.js ADDED Viewed

@@ -0,0 +1,27 @@
+import { ListObjectsCommand } from "@aws-sdk/client-s3";
+class S3ListResource {
+    manifest;
+    ctx;
+    constructor(manifest, ctx) {
+        this.manifest = manifest;
+        this.ctx = ctx;
+    }
+    async invoke(input) {
+        const ctx = this.ctx;
+        const m = this.manifest;
+        const bucketRefName = ctx.expandValue(m.bucketRef.name, input ?? {});
+        const prefix = input?.prefix ?? "";
+        const bucket = ctx.moduleContext.getInstance(bucketRefName);
+        if (!bucket) {
+            throw new Error(`S3.Bucket "${bucketRefName}" not found`);
+        }
+        const client = bucket.getClient();
+        const result = await client.send(new ListObjectsCommand({ Bucket: bucket.bucketName, Prefix: prefix }));
+        const keys = (result.Contents ?? []).map((obj) => obj.Key ?? "");
+        return { keys };
+    }
+}
+export function register() { }
+export async function create(resource, ctx) {
+    return new S3ListResource(resource, ctx);
+}

package/dist/s3-put-controller.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+import type { ResourceContext, ResourceInstance } from "@telorun/sdk";
+interface S3PutManifest {
+    bucketRef: {
+        name: string;
+    };
+}
+declare class S3PutResource implements ResourceInstance {
+    private readonly manifest;
+    private readonly ctx;
+    constructor(manifest: S3PutManifest, ctx: ResourceContext);
+    invoke(input: {
+        key: string;
+        body: string;
+        contentType?: string;
+    }): Promise<{
+        key: string;
+    }>;
+}
+export declare function register(): void;
+export declare function create(resource: S3PutManifest, ctx: ResourceContext): Promise<S3PutResource>;
+export {};

package/dist/s3-put-controller.js ADDED Viewed

@@ -0,0 +1,27 @@
+import { PutObjectCommand } from "@aws-sdk/client-s3";
+class S3PutResource {
+    manifest;
+    ctx;
+    constructor(manifest, ctx) {
+        this.manifest = manifest;
+        this.ctx = ctx;
+    }
+    async invoke(input) {
+        const bucketRefName = this.ctx.expandValue(this.manifest.bucketRef.name, input ?? {});
+        const bucket = this.ctx.moduleContext.getInstance(bucketRefName);
+        if (!bucket) {
+            throw new Error(`S3.Bucket "${bucketRefName}" not found`);
+        }
+        await bucket.getClient().send(new PutObjectCommand({
+            Bucket: bucket.bucketName,
+            Key: input.key,
+            Body: input.body,
+            ContentType: input.contentType ?? "application/octet-stream",
+        }));
+        return { key: input.key };
+    }
+}
+export function register() { }
+export async function create(resource, ctx) {
+    return new S3PutResource(resource, ctx);
+}

package/package.json ADDED Viewed

@@ -0,0 +1,59 @@
+{
+  "name": "@telorun/s3",
+  "version": "0.1.0",
+  "description": "Telo S3 module - AWS S3 resource kinds for Telo manifests.",
+  "keywords": [
+    "telo",
+    "s3",
+    "aws",
+    "storage"
+  ],
+  "author": "Bartosz Pasiński <bartosz.pasinski@codenet.pl>",
+  "license": "SEE LICENSE IN LICENSE",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/telorun/telo.git",
+    "directory": "modules/s3/nodejs"
+  },
+  "homepage": "https://github.com/telorun/telo#readme",
+  "bugs": {
+    "url": "https://github.com/telorun/telo/issues"
+  },
+  "type": "module",
+  "exports": {
+    "./s3-bucket": {
+      "bun": "./src/s3-bucket-controller.ts",
+      "import": "./dist/s3-bucket-controller.js"
+    },
+    "./s3-list": {
+      "bun": "./src/s3-list-controller.ts",
+      "import": "./dist/s3-list-controller.js"
+    },
+    "./s3-put": {
+      "bun": "./src/s3-put-controller.ts",
+      "import": "./dist/s3-put-controller.js"
+    },
+    "./s3-get": {
+      "bun": "./src/s3-get-controller.ts",
+      "import": "./dist/s3-get-controller.js"
+    }
+  },
+  "files": [
+    "dist",
+    "src/**"
+  ],
+  "dependencies": {
+    "@aws-sdk/client-s3": "^3.0.0",
+    "@sinclair/typebox": "^0.34.48"
+  },
+  "devDependencies": {
+    "@types/node": "^20.0.0",
+    "typescript": "^5.0.0"
+  },
+  "peerDependencies": {
+    "@telorun/sdk": "0.12.0"
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.lib.json"
+  }
+}

package/src/s3-bucket-controller.ts ADDED Viewed

@@ -0,0 +1,111 @@
+import {
+  CreateBucketCommand,
+  HeadBucketCommand,
+  PutBucketPolicyCommand,
+  S3Client,
+  S3ServiceException,
+} from "@aws-sdk/client-s3";
+import { Static, Type } from "@sinclair/typebox";
+import type { ResourceContext, ResourceInstance } from "@telorun/sdk";
+export const schema = Type.Object({
+  bucketName: Type.String(),
+  endpoint: Type.String(),
+  accessKeyId: Type.String(),
+  secretAccessKey: Type.String(),
+  forcePathStyle: Type.Optional(Type.Boolean()),
+  createIfMissing: Type.Optional(Type.Boolean()),
+  publicRead: Type.Optional(Type.Boolean()),
+});
+export type S3BucketManifest = Static<typeof schema>;
+export class S3BucketResource implements ResourceInstance {
+  readonly client: S3Client;
+  readonly bucketName: string;
+  constructor(manifest: S3BucketManifest) {
+    this.bucketName = manifest.bucketName;
+    this.client = new S3Client({
+      region: "auto",
+      endpoint: manifest.endpoint,
+      forcePathStyle: manifest.forcePathStyle ?? false,
+      credentials: { accessKeyId: manifest.accessKeyId, secretAccessKey: manifest.secretAccessKey },
+    });
+  }
+  getClient() {
+    return this.client;
+  }
+  snapshot() {
+    return {};
+  }
+}
+export function register(): void {}
+export async function create(
+  resource: S3BucketManifest,
+  ctx: ResourceContext,
+): Promise<S3BucketResource> {
+  ctx.validateSchema(resource, schema);
+  const instance = new S3BucketResource(resource);
+  if (resource.createIfMissing) {
+    await ensureBucket(instance);
+  }
+  if (resource.publicRead) {
+    // await applyPublicReadPolicy(instance);
+  }
+  return instance;
+}
+async function ensureBucket(instance: S3BucketResource): Promise<void> {
+  if (await bucketExists(instance)) {
+    return;
+  }
+  try {
+    await instance.getClient().send(new CreateBucketCommand({ Bucket: instance.bucketName }));
+  } catch (err) {
+    if (err instanceof S3ServiceException) {
+      if (err.name === "BucketAlreadyOwnedByYou" || err.name === "BucketAlreadyExists") {
+        return;
+      }
+    }
+    throw err;
+  }
+}
+async function bucketExists(instance: S3BucketResource): Promise<boolean> {
+  try {
+    await instance.getClient().send(new HeadBucketCommand({ Bucket: instance.bucketName }));
+    return true;
+  } catch (err) {
+    if (err instanceof S3ServiceException) {
+      if (err.name === "NotFound" || err.$metadata?.httpStatusCode === 404) {
+        return false;
+      }
+    }
+    throw err;
+  }
+}
+async function applyPublicReadPolicy(instance: S3BucketResource): Promise<void> {
+  const policy = {
+    Version: "2012-10-17",
+    Statement: [
+      {
+        Sid: "PublicReadGetObject",
+        Effect: "Allow",
+        Principal: "*",
+        Action: "s3:GetObject",
+        Resource: `arn:aws:s3:::${instance.bucketName}/*`,
+      },
+    ],
+  };
+  await instance.getClient().send(
+    new PutBucketPolicyCommand({
+      Bucket: instance.bucketName,
+      Policy: JSON.stringify(policy),
+    }),
+  );
+}

package/src/s3-get-controller.ts ADDED Viewed

@@ -0,0 +1,76 @@
+import { GetObjectCommand, S3ServiceException } from "@aws-sdk/client-s3";
+import { InvokeError, Stream, type ResourceContext, type ResourceInstance } from "@telorun/sdk";
+import { S3BucketResource } from "./s3-bucket-controller.js";
+interface S3GetManifest {
+  bucketRef: { name: string };
+}
+interface S3GetInputs {
+  key: string;
+}
+interface S3GetOutput {
+  output: Stream<Uint8Array>;
+  contentType?: string;
+}
+class S3GetResource implements ResourceInstance<S3GetInputs, S3GetOutput> {
+  constructor(
+    private readonly manifest: S3GetManifest,
+    private readonly ctx: ResourceContext,
+  ) {}
+  async invoke(input: S3GetInputs): Promise<S3GetOutput> {
+    const bucketRefName = this.ctx.expandValue(this.manifest.bucketRef.name, input ?? {}) as string;
+    const bucket = this.ctx.moduleContext.getInstance(bucketRefName) as S3BucketResource | undefined;
+    if (!bucket) {
+      throw new InvokeError("ERR_INVALID_REFERENCE", `S3.Bucket "${bucketRefName}" not found`);
+    }
+    let response;
+    try {
+      response = await bucket.getClient().send(
+        new GetObjectCommand({ Bucket: bucket.bucketName, Key: input.key }),
+      );
+    } catch (err) {
+      if (
+        err instanceof S3ServiceException &&
+        (err.name === "NoSuchKey" || err.$metadata?.httpStatusCode === 404)
+      ) {
+        throw new InvokeError("ERR_NOT_FOUND", `S3 object not found: ${input.key}`);
+      }
+      throw err;
+    }
+    const body = response.Body;
+    if (!body || typeof (body as AsyncIterable<unknown>)[Symbol.asyncIterator] !== "function") {
+      throw new InvokeError(
+        "ERR_INVALID_RESPONSE",
+        `S3 GetObject returned no iterable body for key '${input.key}'.`,
+      );
+    }
+    return {
+      output: new Stream(toUint8ArrayIterable(body as AsyncIterable<Uint8Array | Buffer>)),
+      contentType: response.ContentType,
+    };
+  }
+}
+async function* toUint8ArrayIterable(
+  source: AsyncIterable<Uint8Array | Buffer>,
+): AsyncIterable<Uint8Array> {
+  for await (const chunk of source) {
+    yield chunk instanceof Uint8Array ? chunk : new Uint8Array(chunk);
+  }
+}
+export function register(): void {}
+export async function create(
+  resource: S3GetManifest,
+  ctx: ResourceContext,
+): Promise<S3GetResource> {
+  return new S3GetResource(resource, ctx);
+}

package/src/s3-list-controller.ts ADDED Viewed

@@ -0,0 +1,43 @@
+import { ListObjectsCommand } from "@aws-sdk/client-s3";
+import type { ResourceContext, ResourceInstance } from "@telorun/sdk";
+import { S3BucketResource } from "./s3-bucket-controller.js";
+interface S3ListManifest {
+  bucketRef: { name: string };
+}
+class S3ListResource implements ResourceInstance {
+  constructor(
+    private readonly manifest: S3ListManifest,
+    private readonly ctx: ResourceContext,
+  ) {}
+  async invoke(input: any): Promise<{ keys: string[] }> {
+    const ctx = this.ctx;
+    const m = this.manifest;
+    const bucketRefName = ctx.expandValue(m.bucketRef.name, input ?? {}) as string;
+    const prefix = (input?.prefix as string) ?? "";
+    const bucket: S3BucketResource = ctx.moduleContext.getInstance(bucketRefName) as any;
+    if (!bucket) {
+      throw new Error(`S3.Bucket "${bucketRefName}" not found`);
+    }
+    const client = bucket.getClient();
+    const result = await client.send(
+      new ListObjectsCommand({ Bucket: bucket.bucketName as string, Prefix: prefix }),
+    );
+    const keys = (result.Contents ?? []).map((obj) => obj.Key ?? "");
+    return { keys };
+  }
+}
+export function register(): void {}
+export async function create(
+  resource: S3ListManifest,
+  ctx: ResourceContext,
+): Promise<S3ListResource> {
+  return new S3ListResource(resource, ctx);
+}

package/src/s3-put-controller.ts ADDED Viewed

@@ -0,0 +1,47 @@
+import { PutObjectCommand } from "@aws-sdk/client-s3";
+import type { ResourceContext, ResourceInstance } from "@telorun/sdk";
+import { S3BucketResource } from "./s3-bucket-controller.js";
+interface S3PutManifest {
+  bucketRef: { name: string };
+}
+class S3PutResource implements ResourceInstance {
+  constructor(
+    private readonly manifest: S3PutManifest,
+    private readonly ctx: ResourceContext,
+  ) {}
+  async invoke(input: {
+    key: string;
+    body: string;
+    contentType?: string;
+  }): Promise<{ key: string }> {
+    const bucketRefName = this.ctx.expandValue(this.manifest.bucketRef.name, input ?? {}) as string;
+    const bucket: S3BucketResource = this.ctx.moduleContext.getInstance(bucketRefName) as any;
+    if (!bucket) {
+      throw new Error(`S3.Bucket "${bucketRefName}" not found`);
+    }
+    await bucket.getClient().send(
+      new PutObjectCommand({
+        Bucket: bucket.bucketName,
+        Key: input.key,
+        Body: input.body,
+        ContentType: input.contentType ?? "application/octet-stream",
+      }),
+    );
+    return { key: input.key };
+  }
+}
+export function register(): void {}
+export async function create(
+  resource: S3PutManifest,
+  ctx: ResourceContext,
+): Promise<S3PutResource> {
+  return new S3PutResource(resource, ctx);
+}