@tolgamorf/env2op-cli 0.1.5 → 0.2.1

package/dist/index.js

@@ -0,0 +1,521 @@
+// src/core/env-parser.ts
+import { readFile } from "node:fs/promises";
+
+// src/utils/errors.ts
+class Env2OpError extends Error {
+  code;
+  suggestion;
+  constructor(message, code, suggestion) {
+    super(message);
+    this.code = code;
+    this.suggestion = suggestion;
+    this.name = "Env2OpError";
+  }
+}
+var ErrorCodes = {
+  ENV_FILE_NOT_FOUND: "ENV_FILE_NOT_FOUND",
+  ENV_FILE_EMPTY: "ENV_FILE_EMPTY",
+  OP_CLI_NOT_INSTALLED: "OP_CLI_NOT_INSTALLED",
+  OP_NOT_SIGNED_IN: "OP_NOT_SIGNED_IN",
+  OP_SIGNIN_FAILED: "OP_SIGNIN_FAILED",
+  VAULT_NOT_FOUND: "VAULT_NOT_FOUND",
+  VAULT_CREATE_FAILED: "VAULT_CREATE_FAILED",
+  ITEM_EXISTS: "ITEM_EXISTS",
+  ITEM_CREATE_FAILED: "ITEM_CREATE_FAILED",
+  ITEM_EDIT_FAILED: "ITEM_EDIT_FAILED",
+  PARSE_ERROR: "PARSE_ERROR",
+  TEMPLATE_NOT_FOUND: "TEMPLATE_NOT_FOUND",
+  INJECT_FAILED: "INJECT_FAILED"
+};
+var errors = {
+  envFileNotFound: (path) => new Env2OpError(`File not found: ${path}`, ErrorCodes.ENV_FILE_NOT_FOUND, "Check that the file path is correct"),
+  envFileEmpty: (path) => new Env2OpError(`No valid environment variables found in ${path}`, ErrorCodes.ENV_FILE_EMPTY, "Ensure the file contains KEY=value pairs"),
+  opCliNotInstalled: () => new Env2OpError("1Password CLI (op) is not installed", ErrorCodes.OP_CLI_NOT_INSTALLED, "Install it from https://1password.com/downloads/command-line/"),
+  opNotSignedIn: () => new Env2OpError("Not signed in to 1Password CLI", ErrorCodes.OP_NOT_SIGNED_IN, 'Run "op signin" to authenticate'),
+  vaultNotFound: (vault) => new Env2OpError(`Vault not found: ${vault}`, ErrorCodes.VAULT_NOT_FOUND, 'Run "op vault list" to see available vaults'),
+  vaultCreateFailed: (message) => new Env2OpError(`Failed to create vault: ${message}`, ErrorCodes.VAULT_CREATE_FAILED),
+  itemExists: (title, vault) => new Env2OpError(`Item "${title}" already exists in vault "${vault}"`, ErrorCodes.ITEM_EXISTS, "Use default behavior (overwrites) or choose a different item name"),
+  itemCreateFailed: (message) => new Env2OpError(`Failed to create 1Password item: ${message}`, ErrorCodes.ITEM_CREATE_FAILED),
+  itemEditFailed: (message) => new Env2OpError(`Failed to edit 1Password item: ${message}`, ErrorCodes.ITEM_EDIT_FAILED),
+  parseError: (line, message) => new Env2OpError(`Parse error at line ${line}: ${message}`, ErrorCodes.PARSE_ERROR)
+};
+
+// src/core/env-parser.ts
+var HEADER_SEPARATOR = "# ===========================================================================";
+function stripHeaders(content) {
+  const lines = content.split(`
+`);
+  const result = [];
+  let inHeader = false;
+  for (const line of lines) {
+    const trimmed = line.trim();
+    if (trimmed === HEADER_SEPARATOR) {
+      if (!inHeader) {
+        inHeader = true;
+      } else {
+        inHeader = false;
+      }
+      continue;
+    }
+    if (!inHeader) {
+      result.push(line);
+    }
+  }
+  while (result.length > 0 && result[0]?.trim() === "") {
+    result.shift();
+  }
+  return result.join(`
+`);
+}
+function parseValue(raw) {
+  const trimmed = raw.trim();
+  if (trimmed.startsWith('"')) {
+    const endQuote = trimmed.indexOf('"', 1);
+    if (endQuote !== -1) {
+      return trimmed.slice(1, endQuote);
+    }
+  }
+  if (trimmed.startsWith("'")) {
+    const endQuote = trimmed.indexOf("'", 1);
+    if (endQuote !== -1) {
+      return trimmed.slice(1, endQuote);
+    }
+  }
+  const parts = trimmed.split(/\s+#/);
+  return (parts[0] ?? trimmed).trim();
+}
+function stripBom(content) {
+  if (content.charCodeAt(0) === 65279) {
+    return content.slice(1);
+  }
+  return content;
+}
+async function parseEnvFile(filePath) {
+  let rawContent;
+  try {
+    rawContent = await readFile(filePath, "utf-8");
+  } catch {
+    throw errors.envFileNotFound(filePath);
+  }
+  const content = stripHeaders(stripBom(rawContent));
+  const rawLines = content.split(`
+`);
+  const variables = [];
+  const lines = [];
+  const parseErrors = [];
+  let currentComment = "";
+  for (let i = 0;i < rawLines.length; i++) {
+    const line = rawLines[i] ?? "";
+    const trimmed = line.trim();
+    const lineNumber = i + 1;
+    if (!trimmed) {
+      lines.push({ type: "empty" });
+      currentComment = "";
+      continue;
+    }
+    if (trimmed.startsWith("#")) {
+      lines.push({ type: "comment", content: line });
+      currentComment = trimmed.slice(1).trim();
+      continue;
+    }
+    const match = trimmed.match(/^([A-Za-z_][A-Za-z0-9_]*)=(.*)$/);
+    if (match?.[1]) {
+      const key = match[1];
+      const rawValue = match[2] ?? "";
+      const value = parseValue(rawValue);
+      variables.push({
+        key,
+        value,
+        comment: currentComment || undefined,
+        line: lineNumber
+      });
+      lines.push({ type: "variable", key, value });
+      currentComment = "";
+    } else if (trimmed.includes("=")) {
+      parseErrors.push(`Line ${lineNumber}: Invalid variable name`);
+    }
+  }
+  return { variables, lines, errors: parseErrors };
+}
+function validateParseResult(result, filePath) {
+  if (result.variables.length === 0) {
+    throw errors.envFileEmpty(filePath);
+  }
+}
+// src/utils/shell.ts
+import { spawn } from "node:child_process";
+import pc from "picocolors";
+function quoteArg(arg) {
+  if (/[ [\]'"\\=]/.test(arg)) {
+    return `'${arg.replace(/'/g, "'\\''")}'`;
+  }
+  return arg;
+}
+async function exec(command, args = [], options = {}) {
+  const { verbose = false } = options;
+  const fullCommand = `${command} ${args.map(quoteArg).join(" ")}`;
+  if (verbose) {
+    console.log(pc.dim(`$ ${fullCommand}`));
+  }
+  return new Promise((resolve) => {
+    const proc = spawn(command, args, {
+      stdio: ["ignore", "pipe", "pipe"]
+    });
+    const stdoutChunks = [];
+    const stderrChunks = [];
+    proc.stdout?.on("data", (data) => {
+      const text = Buffer.isBuffer(data) ? data.toString() : String(data);
+      stdoutChunks.push(text);
+      if (verbose) {
+        process.stdout.write(text);
+      }
+    });
+    proc.stderr?.on("data", (data) => {
+      const text = Buffer.isBuffer(data) ? data.toString() : String(data);
+      stderrChunks.push(text);
+      if (verbose) {
+        process.stderr.write(text);
+      }
+    });
+    proc.on("close", (code) => {
+      resolve({
+        stdout: stdoutChunks.join(""),
+        stderr: stderrChunks.join(""),
+        exitCode: code ?? 1
+      });
+    });
+    proc.on("error", (err) => {
+      stderrChunks.push(err.message);
+      resolve({
+        stdout: stdoutChunks.join(""),
+        stderr: stderrChunks.join(""),
+        exitCode: 1
+      });
+    });
+  });
+}
+async function execWithStdin(command, args = [], options) {
+  const { stdin: stdinContent, verbose = false } = options;
+  if (verbose) {
+    const fullCommand = `${command} ${args.map(quoteArg).join(" ")}`;
+    console.log(pc.dim(`$ echo '...' | ${fullCommand}`));
+  }
+  return new Promise((resolve) => {
+    const proc = spawn(command, args, {
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+    const stdoutChunks = [];
+    const stderrChunks = [];
+    proc.stdin?.write(stdinContent);
+    proc.stdin?.end();
+    proc.stdout?.on("data", (data) => {
+      const text = Buffer.isBuffer(data) ? data.toString() : String(data);
+      stdoutChunks.push(text);
+      if (verbose)
+        process.stdout.write(text);
+    });
+    proc.stderr?.on("data", (data) => {
+      const text = Buffer.isBuffer(data) ? data.toString() : String(data);
+      stderrChunks.push(text);
+      if (verbose)
+        process.stderr.write(text);
+    });
+    proc.on("close", (code) => {
+      resolve({
+        stdout: stdoutChunks.join(""),
+        stderr: stderrChunks.join(""),
+        exitCode: code ?? 1
+      });
+    });
+    proc.on("error", (err) => {
+      stderrChunks.push(err.message);
+      resolve({
+        stdout: stdoutChunks.join(""),
+        stderr: stderrChunks.join(""),
+        exitCode: 1
+      });
+    });
+  });
+}
+
+// src/core/onepassword.ts
+async function checkOpCli(options = {}) {
+  const result = await exec("op", ["--version"], options);
+  return result.exitCode === 0;
+}
+async function checkSignedIn(options = {}) {
+  const result = await exec("op", ["whoami", "--format", "json"], options);
+  return result.exitCode === 0;
+}
+async function signIn(options = {}) {
+  const result = await exec("op", ["signin"], options);
+  return result.exitCode === 0;
+}
+async function itemExists(vault, title, options = {}) {
+  const result = await exec("op", ["item", "list", "--vault", vault, "--format", "json"], options);
+  if (result.exitCode !== 0) {
+    return null;
+  }
+  try {
+    const items = JSON.parse(result.stdout);
+    const item = items.find((item2) => item2.title === title);
+    return item?.id ?? null;
+  } catch {
+    return null;
+  }
+}
+async function vaultExists(vault, options = {}) {
+  const result = await exec("op", ["vault", "list", "--format", "json"], options);
+  if (result.exitCode !== 0) {
+    return false;
+  }
+  try {
+    const vaults = JSON.parse(result.stdout);
+    return vaults.some((v) => v.name === vault);
+  } catch {
+    return false;
+  }
+}
+async function createVault(name, options = {}) {
+  try {
+    await exec("op", ["vault", "create", name], options);
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    throw errors.vaultCreateFailed(message);
+  }
+}
+function buildItemTemplate(title, vault, fields, secret) {
+  const fieldType = secret ? "CONCEALED" : "STRING";
+  return {
+    title,
+    vault: { name: vault },
+    category: "SECURE_NOTE",
+    fields: fields.map(({ key, value }) => ({
+      type: fieldType,
+      label: key,
+      value
+    }))
+  };
+}
+async function createSecureNote(options) {
+  const { vault, title, fields, secret, verbose } = options;
+  const template = buildItemTemplate(title, vault, fields, secret);
+  const json = JSON.stringify(template);
+  try {
+    const result = await execWithStdin("op", ["item", "create", "--format", "json"], { stdin: json, verbose });
+    if (result.exitCode !== 0) {
+      throw new Error(result.stderr || "Failed to create item");
+    }
+    const item = JSON.parse(result.stdout);
+    const fieldIds = {};
+    for (const field of item.fields ?? []) {
+      if (field.label && field.id) {
+        fieldIds[field.label] = field.id;
+      }
+    }
+    return {
+      id: item.id,
+      title: item.title,
+      vault: item.vault?.name ?? vault,
+      vaultId: item.vault?.id ?? "",
+      fieldIds
+    };
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    throw errors.itemCreateFailed(message);
+  }
+}
+async function editSecureNote(options) {
+  const { vault, title, fields, secret, verbose, itemId } = options;
+  const template = buildItemTemplate(title, vault, fields, secret);
+  const json = JSON.stringify(template);
+  try {
+    const result = await execWithStdin("op", ["item", "edit", itemId, "--format", "json"], {
+      stdin: json,
+      verbose
+    });
+    if (result.exitCode !== 0) {
+      throw new Error(result.stderr || "Failed to edit item");
+    }
+    const item = JSON.parse(result.stdout);
+    const fieldIds = {};
+    for (const field of item.fields ?? []) {
+      if (field.label && field.id) {
+        fieldIds[field.label] = field.id;
+      }
+    }
+    return {
+      id: item.id,
+      title: item.title,
+      vault: item.vault?.name ?? vault,
+      vaultId: item.vault?.id ?? "",
+      fieldIds
+    };
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    throw errors.itemEditFailed(message);
+  }
+}
+// src/core/template-generator.ts
+import { writeFileSync } from "node:fs";
+// package.json
+var package_default = {
+  name: "@tolgamorf/env2op-cli",
+  version: "0.2.1",
+  description: "Convert .env files to 1Password Secure Notes and generate templates for op inject/run",
+  type: "module",
+  main: "dist/index.js",
+  module: "dist/index.js",
+  types: "dist/index.d.ts",
+  exports: {
+    ".": {
+      import: "./dist/index.js",
+      types: "./dist/index.d.ts"
+    }
+  },
+  bin: {
+    env2op: "dist/cli.js",
+    op2env: "dist/op2env-cli.js"
+  },
+  files: [
+    "dist",
+    "LICENSE",
+    "README.md"
+  ],
+  scripts: {
+    dev: "bun run src/cli.ts",
+    build: "bunup",
+    test: "bun test",
+    "test:watch": "bun test --watch",
+    "test:coverage": "bun test --coverage",
+    typecheck: "tsc --noEmit",
+    lint: "bunx biome check .",
+    "lint:fix": "bunx biome check . --write",
+    format: "bunx biome format --write .",
+    "format:check": "bunx biome format .",
+    prepublishOnly: "bun run build",
+    release: "bun run scripts/release.ts"
+  },
+  keywords: [
+    "env",
+    "1password",
+    "op",
+    "cli",
+    "secrets",
+    "environment-variables",
+    "dotenv",
+    "secure-notes",
+    "bun",
+    "op-inject",
+    "op-run",
+    "template"
+  ],
+  author: {
+    name: "Tolga O.",
+    url: "https://github.com/tolgamorf"
+  },
+  license: "MIT",
+  repository: {
+    type: "git",
+    url: "git+https://github.com/tolgamorf/env2op-cli.git"
+  },
+  bugs: {
+    url: "https://github.com/tolgamorf/env2op-cli/issues"
+  },
+  homepage: "https://github.com/tolgamorf/env2op-cli#readme",
+  engines: {
+    node: ">=18.0.0"
+  },
+  dependencies: {
+    "@clack/prompts": "^0.11.0",
+    picocolors: "^1.1.1"
+  },
+  devDependencies: {
+    "@biomejs/biome": "^2.3.10",
+    "@tsconfig/bun": "^1.0.10",
+    "@types/bun": "^1.3.5",
+    bunup: "^0.16.17",
+    typescript: "^5.9.3"
+  }
+};
+
+// src/core/template-generator.ts
+var SEPARATOR = "# ===========================================================================";
+function deriveEnvFileName(templateFileName) {
+  if (templateFileName.endsWith(".tpl")) {
+    return templateFileName.slice(0, -4);
+  }
+  return templateFileName;
+}
+function formatTimestamp() {
+  return new Date().toISOString().replace("T", " ").replace(/\.\d{3}Z$/, " UTC");
+}
+function generateTemplateHeader(templateFileName) {
+  const envFileName = deriveEnvFileName(templateFileName);
+  return [
+    SEPARATOR,
+    `#  ${templateFileName} — 1Password Secret References`,
+    "#",
+    "#  This template contains references to secrets stored in 1Password.",
+    "#  The actual values are not stored here — only secret references.",
+    "#",
+    `#  To generate ${envFileName} with real values:`,
+    `#    op2env ${templateFileName}`,
+    "#",
+    "#  To run a command with secrets injected:",
+    `#    op run --env-file ${templateFileName} -- npm start`,
+    "#",
+    `#  Pushed: ${formatTimestamp()}`,
+    `#  Generated by env2op v${package_default.version}`,
+    "#  https://github.com/tolgamorf/env2op-cli",
+    SEPARATOR,
+    ""
+  ];
+}
+function generateTemplateContent(options, templateFileName) {
+  const { vaultId, itemId, lines: envLines, fieldIds } = options;
+  const outputLines = generateTemplateHeader(templateFileName);
+  for (const line of envLines) {
+    switch (line.type) {
+      case "empty":
+        outputLines.push("");
+        break;
+      case "comment":
+        outputLines.push(line.content);
+        break;
+      case "variable": {
+        const fieldId = fieldIds[line.key] ?? line.key;
+        outputLines.push(`${line.key}=op://${vaultId}/${itemId}/${fieldId}`);
+        break;
+      }
+    }
+  }
+  return `${outputLines.join(`
+`)}
+`;
+}
+function writeTemplate(content, outputPath) {
+  writeFileSync(outputPath, content, "utf-8");
+}
+function generateUsageInstructions(templatePath) {
+  return ["Usage:", `  op2env ${templatePath}`, `  op run --env-file ${templatePath} -- npm start`].join(`
+`);
+}
+export {
+  writeTemplate,
+  vaultExists,
+  validateParseResult,
+  signIn,
+  parseEnvFile,
+  itemExists,
+  generateUsageInstructions,
+  generateTemplateContent,
+  errors,
+  editSecureNote,
+  createVault,
+  createSecureNote,
+  checkSignedIn,
+  checkOpCli,
+  ErrorCodes,
+  Env2OpError
+};