@underpostnet/underpost 2.90.4 → 2.95.0

package/.github/workflows/pwa-microservices-template-page.cd.yml

@@ -4,7 +4,7 @@ name: CD | Gihub page | PWA Microservices Template
 on:
   # Runs on pushes targeting the default branch
   push:
-    branches: ["main"]
+    branches: ['main']
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
@@ -18,7 +18,7 @@ permissions:
 # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
 # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
 concurrency:
-  group: "pages"
+  group: 'pages'
   cancel-in-progress: false
 
 jobs:
@@ -53,7 +53,8 @@ jobs:
         run: |
           npm install -g underpost
           npm install
-          node bin/deploy update-default-conf dd-github-pages
+          node bin new --default-conf --conf-workflow-id dd-github-pages
+          node bin new --deploy-id dd-github-pages
           underpost env dd-github-pages production
           env-cmd -f .env.production node bin/deploy build-full-client dd-github-pages underpostnet.github.io /pwa-microservices-template-ghpkg
       # git lfs install
@@ -66,7 +67,7 @@ jobs:
         uses: actions/upload-pages-artifact@v3
         with:
           # Upload entire repository
-          path: "./public/underpostnet.github.io/pwa-microservices-template-ghpkg/"
+          path: './public/underpostnet.github.io/pwa-microservices-template-ghpkg/'
       - name: Deploy to GitHub Pages
         id: deployment
         uses: actions/deploy-pages@v4

package/.github/workflows/release.cd.yml

@@ -30,11 +30,11 @@ jobs:
           script: |
             set -e
             echo "Starting remote release deploy"
-            underpost run pull
-            underpost run secret
-            npm install -g underpost
             cd /home/dd/engine
-            underpost run secret
-            node bin run --dev git-conf
-            node bin run --dev template-deploy-image
-            node bin run --dev ssh-deploy sync-engine-test
+            sudo -n -- /bin/bash -lc "node bin run pull"
+            sudo -n -- /bin/bash -lc "underpost run secret"
+            sudo -n -- /bin/bash -lc "npm install -g underpost"
+            sudo -n -- /bin/bash -lc "underpost run secret"
+            sudo -n -- /bin/bash -lc "node bin run --dev git-conf"
+            sudo -n -- /bin/bash -lc "node bin run --dev template-deploy-image"
+            sudo -n -- /bin/bash -lc "node bin run --dev ssh-deploy sync-engine-test"

package/README.md

@@ -18,7 +18,7 @@
 
 <!-- badges -->
 
-[![Node.js CI](https://github.com/underpostnet/engine/actions/workflows/docker-image.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/docker-image.yml) [![Test](https://github.com/underpostnet/engine/actions/workflows/coverall.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/coverall.ci.yml) [![Downloads](https://img.shields.io/npm/dm/underpost.svg)](https://www.npmjs.com/package/underpost) [![Socket Badge](https://socket.dev/api/badge/npm/package/underpost/2.90.4)](https://socket.dev/npm/package/underpost/overview/2.90.4) [![Coverage Status](https://coveralls.io/repos/github/underpostnet/engine/badge.svg?branch=master)](https://coveralls.io/github/underpostnet/engine?branch=master) [![Version](https://img.shields.io/npm/v/underpost.svg)](https://www.npmjs.org/package/underpost) [![License](https://img.shields.io/npm/l/underpost.svg)](https://www.npmjs.com/package/underpost)
+[![Node.js CI](https://github.com/underpostnet/engine/actions/workflows/docker-image.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/docker-image.yml) [![Test](https://github.com/underpostnet/engine/actions/workflows/coverall.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/coverall.ci.yml) [![Downloads](https://img.shields.io/npm/dm/underpost.svg)](https://www.npmjs.com/package/underpost) [![Socket Badge](https://socket.dev/api/badge/npm/package/underpost/2.95.0)](https://socket.dev/npm/package/underpost/overview/2.95.0) [![Coverage Status](https://coveralls.io/repos/github/underpostnet/engine/badge.svg?branch=master)](https://coveralls.io/github/underpostnet/engine?branch=master) [![Version](https://img.shields.io/npm/v/underpost.svg)](https://www.npmjs.org/package/underpost) [![License](https://img.shields.io/npm/l/underpost.svg)](https://www.npmjs.com/package/underpost)
 
 <!-- end-badges -->
 
@@ -66,7 +66,7 @@ Run dev client server
 npm run dev
 ```
 <!-- -->
-## underpost ci/cd cli v2.90.4
+## underpost ci/cd cli v2.95.0
 
 ### Usage: `underpost [options] [command]`
   ```
@@ -85,22 +85,21 @@ Commands:
   static [options]                                           Manages static build of page, bundles, and documentation with comprehensive customization options.
   config [options] <operator> [key] [value]                  Manages Underpost configurations using various operators.
   root                                                       Displays the root path of the npm installation.
-  ip [options]                                               Displays the current public machine IP addresses.
+  ip [options] [ips]                                         Displays the current public machine IP addresses.
   cluster [options] [pod-name]                               Manages Kubernetes clusters, defaulting to Kind cluster initialization.
   deploy [options] [deploy-list] [env]                       Manages application deployments, defaulting to deploying development pods.
   secret [options] <platform>                                Manages secrets for various platforms.
-  dockerfile-image-build [options]                           Builds a Docker image from a specified Dockerfile with various options for naming, saving, and loading.
-  dockerfile-pull-base-images [options]                      Pulls required Underpost Dockerfile base images and optionally loads them into clusters.
+  image [options]                                            Manages Docker images, including building, saving, and loading into Kubernetes clusters.
   install                                                    Quickly imports Underpost npm dependencies by copying them.
-  db [options] <deploy-list>                                 Manages database operations, including import, export, and collection management.
+  db [options] <deploy-list>                                 Manages database operations with support for MariaDB and MongoDB, including import/export, multi-pod targeting, and Git integration.
   metadata [options] [deploy-id] [host] [path]               Manages cluster metadata operations, including import and export.
   script [options] <operator> <script-name> [script-value]   Supports a variety of built-in Underpost global scripts, their preset lifecycle events, and arbitrary custom scripts.
   cron [options] [deploy-list] [job-list]                    Manages cron jobs, including initialization, execution, and configuration updates.
   fs [options] [path]                                        Manages file storage, defaulting to file upload operations.
   test [options] [deploy-list]                               Manages and runs tests, defaulting to the current Underpost default test suite.
   monitor [options] <deploy-id> [env]                        Manages health server monitoring for specified deployments.
-  ssh [options]                                              Import and start ssh server and client based on current default deployment ID.
-  run [options] <runner-id> [path]                           Runs a script from the specified path.
+  ssh [options]
+  run [options] <runner-id> [path]                           Runs specified scripts using various runners.
   lxd [options]                                              Manages LXD containers and virtual machines.
   baremetal [options] [workflow-id] [hostname] [ip-address]  Manages baremetal server operations, including installation, database setup, commissioning, and user management.
   help [command]                                             display help for command

package/bin/build.js

@@ -47,7 +47,9 @@ if (process.argv.includes('conf')) {
     if (!fs.existsSync(`../${privateRepoName}`)) {
       shellExec(`cd .. && underpost clone ${privateGitUri}`, { silent: true });
     } else {
-      shellExec(`cd ../${privateRepoName} && git checkout . && git clean -f -d && underpost pull . ${privateGitUri}`);
+      shellExec(`cd ../${privateRepoName} && git checkout . && git clean -f -d && underpost pull . ${privateGitUri}`, {
+        silent: true,
+      });
     }
     const toPath = `../${privateRepoName}/conf/${_confName}`;
     fs.removeSync(toPath);
@@ -72,6 +74,9 @@ if (process.argv.includes('conf')) {
         ` && git add .` +
         ` && underpost cmt . ci engine-core-conf 'Update ${_confName} conf'` +
         ` && underpost push . ${privateGitUri}`,
+      {
+        silent: true,
+      },
     );
   }
   process.exit(0);

package/bin/deploy.js

@@ -24,10 +24,8 @@ import {
   buildCliDoc,
 } from '../src/server/conf.js';
 import { buildClient } from '../src/server/client-build.js';
-import { DefaultConf } from '../conf.js';
 import colors from 'colors';
 import { program } from '../src/cli/index.js';
-import Dns, { getLocalIPv4Address } from '../src/server/dns.js';
 import { timer } from '../src/client/components/core/CommonJs.js';
 
 colors.enable();
@@ -598,198 +596,6 @@ ${shellExec(`git log | grep Author: | sort -u`, { stdout: true }).split(`\n`).jo
       break;
     }
 
-    case 'update-default-conf': {
-      const defaultServer = DefaultConf.server['default.net']['/'];
-      let confName = process.argv[3];
-      let defaultConf = false;
-      if (confName === 'dd-github-pages') {
-        const host = `${process.env.GITHUB_USERNAME ?? 'underpostnet'}.github.io`;
-        const path = '/pwa-microservices-template-ghpkg';
-        DefaultConf.server = {
-          [host]: { [path]: defaultServer },
-        };
-        DefaultConf.server[host][path].apiBaseProxyPath = '/';
-        DefaultConf.server[host][path].apiBaseHost = 'www.nexodev.org';
-        defaultConf = true;
-      } else if (confName === 'template') {
-        const host = 'default.net';
-        const path = '/';
-        DefaultConf.server[host][path].valkey = {
-          port: 6379,
-          host: 'valkey-service.default.svc.cluster.local',
-        };
-        // mongodb-0.mongodb-service
-        DefaultConf.server[host][path].db.host = 'mongodb://mongodb-service:27017';
-        defaultConf = true;
-      } else if (confName && fs.existsSync(`./engine-private/conf/${confName}`)) {
-        DefaultConf.client = JSON.parse(fs.readFileSync(`./engine-private/conf/${confName}/conf.client.json`, 'utf8'));
-        DefaultConf.server = JSON.parse(fs.readFileSync(`./engine-private/conf/${confName}/conf.server.json`, 'utf8'));
-        DefaultConf.ssr = JSON.parse(fs.readFileSync(`./engine-private/conf/${confName}/conf.ssr.json`, 'utf8'));
-        // DefaultConf.cron = JSON.parse(fs.readFileSync(`./engine-private/conf/${confName}/conf.cron.json`, 'utf8'));
-
-        for (const host of Object.keys(DefaultConf.server)) {
-          for (const path of Object.keys(DefaultConf.server[host])) {
-            DefaultConf.server[host][path].db = defaultServer.db;
-            DefaultConf.server[host][path].mailer = defaultServer.mailer;
-
-            delete DefaultConf.server[host][path]._wp_client;
-            delete DefaultConf.server[host][path]._wp_git;
-            delete DefaultConf.server[host][path]._wp_directory;
-            delete DefaultConf.server[host][path].wp;
-            delete DefaultConf.server[host][path].git;
-            delete DefaultConf.server[host][path].directory;
-          }
-        }
-      }
-      const sepRender = '/**/';
-      const confRawPaths = fs.readFileSync('./conf.js', 'utf8').split(sepRender);
-      confRawPaths[1] = `${JSON.stringify(DefaultConf)};`;
-      const targetConfPath = `./conf${defaultConf ? '' : `.${confName}`}.js`;
-      fs.writeFileSync(targetConfPath, confRawPaths.join(sepRender), 'utf8');
-      shellExec(`prettier --write ${targetConfPath}`);
-
-      switch (confName) {
-        case 'dd-github-pages':
-          {
-            if (fs.exists(`./engine-private/conf/${confName}`)) fs.removeSync(`./engine-private/conf/${confName}`);
-            shellExec(`node bin new --deploy-id ${confName}`);
-          }
-          break;
-
-        default:
-          break;
-      }
-
-      break;
-    }
-
-    case 'ssh': {
-      // only import + start
-      // node bin/deploy ssh root@<host> <password> import
-
-      // generate + import + start
-      // node bin/deploy ssh root@<host> <password>
-
-      const host = process.argv[3] ?? `root@${await Dns.getPublicIp()}`;
-      const domain = host.split('@')[1];
-      const user = 'root'; // host.split('@')[0];
-      const password = process.argv[4] ?? '';
-      const port = 22;
-
-      const setUpSSH = () => {
-        // Required port forwarding mapping
-        // ssh	TCP	2222	22	<local-server-ip>
-        // ssh	UDP	2222	22	<local-server-ip>
-
-        // Remote connect via public key
-        // ssh -i <key-path> <user>@<host>:2222
-
-        shellExec(`cat ./engine-private/deploy/id_rsa.pub > ~/.ssh/authorized_keys`);
-
-        // local trust on first use validator
-        // check ~/.ssh/known_hosts
-
-        // shellExec(`sudo sed -i -e "s@#PasswordAuthentication yes@PasswordAuthentication no@g" /etc/ssh/sshd_config`);
-        // shellExec(`sudo sed -i -e "s@#UsePAM no@UsePAM yes@g" /etc/ssh/sshd_config`);
-
-        // Include /etc/ssh/sshd_config.d/*.conf
-        // sudo tee /etc/ssh/sshd_config.d/99-custom.conf
-        shellExec(`sudo tee /etc/ssh/sshd_config <<EOF
-PasswordAuthentication	no
-ChallengeResponseAuthentication	yes
-UsePAM	yes
-PubkeyAuthentication	Yes
-RSAAuthentication	Yes
-PermitRootLogin	Yes
-X11Forwarding	yes
-X11DisplayOffset	10
-LoginGraceTime	120
-StrictModes	yes
-SyslogFacility	AUTH
-LogLevel	INFO
-#HostKey	/etc/ssh/ssh_host_ecdsa_key
-HostKey	/etc/ssh/ssh_host_ed25519_key
-#HostKey	/etc/ssh/ssh_host_rsa_key
-AuthorizedKeysFile	~/.ssh/authorized_keys
-Subsystem	sftp	/usr/libexec/openssh/sftp-server
-ListenAddress 0.0.0.0
-ListenAddress ::
-ListenAddress ${domain}
-ListenAddress ${domain}:22
-EOF`);
-
-        shellExec(`sudo chmod 700 ~/.ssh/`);
-        shellExec(`sudo chmod 600 ~/.ssh/authorized_keys`);
-        shellExec(`sudo chmod 644 ~/.ssh/known_hosts`);
-        shellExec(`sudo chmod 600 ~/.ssh/id_rsa`);
-        shellExec(`sudo chmod 600 /etc/ssh/ssh_host_ed25519_key`);
-        shellExec(`chown -R ${user}:${user} ~/.ssh`);
-
-        shellExec(`ufw allow ${port}/tcp`);
-        shellExec(`ufw allow ${port}/udp`);
-        shellExec(`ufw allow ssh`);
-        shellExec(`ufw allow from 192.168.0.0/16 to any port 22`);
-
-        // active ssh-agent
-        shellExec('eval `ssh-agent -s`' + ` && ssh-add ~/.ssh/id_rsa` + ` && ssh-add -l`);
-        // remove all
-        // shellExec(`ssh-add -D`);
-        // remove single
-        // shellExec(`ssh-add -d ~/.ssh/id_rsa`);
-
-        // shellExec(`echo "@${host.split(`@`)[1]} * $(cat ~/.ssh/id_rsa.pub)" > ~/.ssh/known_hosts`);
-        shellExec('eval `ssh-agent -s`' + `&& ssh-keyscan -H -t ed25519 ${host.split(`@`)[1]} > ~/.ssh/known_hosts`);
-        // shellExec(`sudo echo "" > ~/.ssh/known_hosts`);
-
-        // ssh-copy-id -i ~/.ssh/id_rsa.pub -p <port_number> <username>@<host>
-        // shellExec(`ssh-copy-id -i ~/.ssh/id_rsa.pub -p ${port} ${host}`);
-        // debug:
-        // shellExec(`ssh -vvv ${host}`);
-
-        shellExec(`sudo cp ./engine-private/deploy/id_rsa ~/.ssh/id_rsa`);
-        shellExec(`sudo cp ./engine-private/deploy/id_rsa.pub ~/.ssh/id_rsa.pub`);
-
-        shellExec(`sudo echo "" > /etc/ssh/ssh_host_ecdsa_key`);
-        shellExec(`sudo cp ./engine-private/deploy/id_rsa /etc/ssh/ssh_host_ed25519_key`);
-        shellExec(`sudo echo "" > /etc/ssh/ssh_host_rsa_key`);
-
-        shellExec(`sudo echo "" > /etc/ssh/ssh_host_ecdsa_key.pub`);
-        shellExec(`sudo cp ./engine-private/deploy/id_rsa.pub /etc/ssh/ssh_host_ed25519_key.pub`);
-        shellExec(`sudo echo "" > /etc/ssh/ssh_host_rsa_key.pub`);
-
-        shellExec(`sudo systemctl enable sshd`);
-        shellExec(`sudo systemctl restart sshd`);
-
-        const status = shellExec(`sudo systemctl status sshd`, { silent: true, stdout: true });
-        console.log(
-          status.match('running') ? status.replaceAll(`running`, `running`.green) : `ssh service not running`.red,
-        );
-      };
-
-      if (process.argv.includes('import')) {
-        setUpSSH();
-        break;
-      }
-
-      shellExec(`sudo rm -rf ./id_rsa`);
-      shellExec(`sudo rm -rf ./id_rsa.pub`);
-
-      if (process.argv.includes('legacy'))
-        shellExec(`ssh-keygen -t rsa -b 4096 -f id_rsa -N "${password}" -q -C "${host}"`);
-      else shellExec(`ssh-keygen -t ed25519 -f id_rsa -N "${password}" -q -C "${host}"`);
-
-      shellExec(`sudo cp ./id_rsa ~/.ssh/id_rsa`);
-      shellExec(`sudo cp ./id_rsa.pub ~/.ssh/id_rsa.pub`);
-
-      shellExec(`sudo cp ./id_rsa ./engine-private/deploy/id_rsa`);
-      shellExec(`sudo cp ./id_rsa.pub ./engine-private/deploy/id_rsa.pub`);
-
-      shellExec(`sudo rm -rf ./id_rsa`);
-      shellExec(`sudo rm -rf ./id_rsa.pub`);
-      setUpSSH();
-      break;
-    }
-
     case 'maas-db': {
       // DROP, ALTER, CREATE, WITH ENCRYPTED
       // sudo -u <user> -h <host> psql <db-name>
@@ -1052,7 +858,7 @@ EOF`);
         shellExec(`sudo podman pull ghcr.io/astral-sh/uv:0.5.11`);
         shellExec(`sudo rm -rf ${path}/${imageName.replace(':', '_')}.tar`);
         const args = [
-          `node bin dockerfile-image-build --path ${path}/backend/`,
+          `node bin image --build --path ${path}/backend/`,
           `--image-name=${imageName} --image-path=${path}`,
           `--podman-save --${process.argv.includes('kubeadm') ? 'kubeadm' : 'kind'}-load --reset`,
         ];
@@ -1064,7 +870,7 @@ EOF`);
         shellExec(`sudo podman pull docker.io/library/nginx:1`);
         shellExec(`sudo rm -rf ${path}/${imageName.replace(':', '_')}.tar`);
         const args = [
-          `node bin dockerfile-image-build --path ${path}/frontend/`,
+          `node bin image --build --path ${path}/frontend/`,
           `--image-name=${imageName} --image-path=${path}`,
           `--podman-save --${process.argv.includes('kubeadm') ? 'kubeadm' : 'kind'}-load --reset`,
         ];