@underpostnet/underpost 2.99.8 → 3.0.1

package/src/cli/lxd.js

@@ -1,11 +1,12 @@
 /**
- * LXD module for managing LXD virtual machines and networks.
+ * LXD module for managing LXD virtual machines as K3s nodes.
  * @module src/cli/lxd.js
  * @namespace UnderpostLxd
  */
 
 import { getNpmRootPath } from '../server/conf.js';
 import { pbcopy, shellExec } from '../server/process.js';
+import walk from 'ignore-walk';
 import fs from 'fs-extra';
 import { loggerFactory } from '../server/logger.js';
 import Underpost from '../index.js';
@@ -16,34 +17,36 @@ const logger = loggerFactory(import.meta);
  * @class UnderpostLxd
  * @description Provides a set of static methods to interact with LXD,
  * encapsulating common LXD operations for VM management and network testing.
+ * @memberof UnderpostLxd
  */
 class UnderpostLxd {
   static API = {
     /**
      * @method callback
-     * @description Main entry point for LXD operations based on provided options.
-     * @param {object} options - Configuration options for LXD operations.
-     * @param {boolean} [options.init=false] - Initialize LXD.
-     * @param {boolean} [options.reset=false] - Reset LXD installation.
-     * @param {boolean} [options.dev=false] - Run in development mode (adjusts paths).
+     * @description Main entry point for LXD VM operations. Each VM is a K3s node (control or worker).
+     * @param {object} options
+     * @param {boolean} [options.init=false] - Initialize LXD via preseed.
+     * @param {boolean} [options.reset=false] - Remove LXD snap and purge data.
+     * @param {boolean} [options.dev=false] - Use local paths instead of npm global.
      * @param {boolean} [options.install=false] - Install LXD snap.
-     * @param {boolean} [options.createVirtualNetwork=false] - Create default LXD bridge network (lxdbr0).
+     * @param {boolean} [options.createVirtualNetwork=false] - Create lxdbr0 bridge network.
+     * @param {string} [options.ipv4Address='10.250.250.1/24'] - IPv4 address/CIDR for the lxdbr0 bridge network.
      * @param {boolean} [options.createAdminProfile=false] - Create admin-profile for VMs.
-     * @param {boolean} [options.control=false] - Flag for control plane VM initialization.
-     * @param {boolean} [options.worker=false] - Flag for worker node VM initialization.
-     * @param {boolean} [options.k3s=false] - Flag to indicate K3s cluster type for VM initialization.
-     * @param {string} [options.initVm=''] - Initialize a specific VM.
-     * @param {string} [options.createVm=''] - Create a new VM with the given name.
-     * @param {string} [options.infoVm=''] - Display information about a specific VM.
-     * @param {string} [options.rootSize=''] - Root disk size for new VMs (e.g., '32GiB').
-     * @param {string} [options.joinNode=''] - Join a worker node to a control plane (format: 'workerName,controlName').
-     * @param {string} [options.expose=''] - Expose ports from a VM to the host (format: 'vmName:port1,port2').
-     * @param {string} [options.deleteExpose=''] - Delete exposed ports from a VM (format: 'vmName:port1,port2').
-     * @param {string} [options.test=''] - Test health, status and network connectivity for a VM.
-     * @param {string} [options.workflowId=''] - Workflow identifier for workflow execution.
-     * @param {string} [options.vmId=''] - VM identifier for workflow execution.
-     * @param {string} [options.deployId=''] - Deployment identifier for workflow execution.
-     * @param {string} [options.namespace=''] - Namespace for workflow execution.
+     * @param {boolean} [options.control=false] - Initialize VM as K3s control plane node.
+     * @param {boolean} [options.worker=false] - Initialize VM as K3s worker node.
+     * @param {string} [options.initVm=''] - VM name to initialize as a K3s node.
+     * @param {string} [options.deleteVm=''] - VM name to stop and delete.
+     * @param {string} [options.createVm=''] - VM name to create (copies launch command to clipboard).
+     * @param {string} [options.infoVm=''] - VM name to inspect.
+     * @param {string} [options.rootSize=''] - Root disk size in GiB for new VMs (e.g. '32').
+     * @param {string} [options.joinNode=''] - Join format: 'workerName,controlName' (standalone join). When used with --init-vm --worker, just the control node name.
+     * @param {string} [options.expose=''] - Expose VM ports to host: 'vmName:port1,port2'.
+     * @param {string} [options.deleteExpose=''] - Remove exposed ports: 'vmName:port1,port2'.
+     * @param {string} [options.test=''] - VM name to run connectivity and health checks on.
+     * @param {string} [options.workflowId=''] - Workflow ID for runWorkflow.
+     * @param {string} [options.vmId=''] - VM name for workflow execution.
+     * @param {string} [options.deployId=''] - Deployment ID for workflow context.
+     * @param {string} [options.namespace=''] - Kubernetes namespace context.
      * @memberof UnderpostLxd
      */
     async callback(
@@ -53,11 +56,12 @@ class UnderpostLxd {
         dev: false,
         install: false,
         createVirtualNetwork: false,
+        ipv4Address: '10.250.250.1/24',
         createAdminProfile: false,
         control: false,
         worker: false,
-        k3s: false,
         initVm: '',
+        deleteVm: '',
         createVm: '',
         infoVm: '',
         rootSize: '',
@@ -73,77 +77,101 @@ class UnderpostLxd {
     ) {
       const npmRoot = getNpmRootPath();
       const underpostRoot = options?.dev === true ? '.' : `${npmRoot}/underpost`;
+
       if (options.reset === true) {
         shellExec(`sudo systemctl stop snap.lxd.daemon`);
         shellExec(`sudo snap remove lxd --purge`);
       }
+
       if (options.install === true) shellExec(`sudo snap install lxd`);
+
       if (options.init === true) {
         shellExec(`sudo systemctl start snap.lxd.daemon`);
         shellExec(`sudo systemctl status snap.lxd.daemon`);
-        const lxdPressedContent = fs
+        const lxdPreseedContent = fs
           .readFileSync(`${underpostRoot}/manifests/lxd/lxd-preseed.yaml`, 'utf8')
           .replaceAll(`127.0.0.1`, Underpost.dns.getLocalIPv4Address());
-        shellExec(`echo "${lxdPressedContent}" | lxd init --preseed`);
+        shellExec(`echo "${lxdPreseedContent}" | lxd init --preseed`);
         shellExec(`lxc cluster list`);
       }
+
       if (options.createVirtualNetwork === true) {
+        const ipv4Address = options.ipv4Address ? options.ipv4Address : '10.250.250.1/24';
         shellExec(`lxc network create lxdbr0 \
-ipv4.address=10.250.250.1/24 \
+ipv4.address=${ipv4Address} \
 ipv4.nat=true \
 ipv4.dhcp=true \
 ipv6.address=none`);
       }
+
       if (options.createAdminProfile === true) {
         const existingProfiles = await new Promise((resolve) => {
           shellExec(`lxc profile show admin-profile`, {
             silent: true,
-            callback: (...args) => {
-              return resolve(JSON.stringify(args));
-            },
+            callback: (...args) => resolve(JSON.stringify(args)),
           });
         });
         if (existingProfiles.toLowerCase().match('error')) {
-          logger.warn('Profile does not exist. Using following command to create admin-profile:');
+          logger.warn('Profile does not exist. Use the following command to create it:');
           pbcopy(`lxc profile create admin-profile`);
         } else {
           shellExec(`cat ${underpostRoot}/manifests/lxd/lxd-admin-profile.yaml | lxc profile edit admin-profile`);
           shellExec(`lxc profile show admin-profile`);
         }
       }
-      if (options.createVm && typeof options.createVm === 'string') {
+
+      if (options.deleteVm) {
+        const vmName = options.deleteVm;
+        logger.info(`Stopping VM: ${vmName}`);
+        shellExec(`lxc stop ${vmName}`);
+        logger.info(`Deleting VM: ${vmName}`);
+        shellExec(`lxc delete ${vmName}`);
+        logger.info(`VM ${vmName} deleted.`);
+      }
+
+      if (options.createVm) {
         pbcopy(
           `lxc launch images:rockylinux/9 ${
             options.createVm
           } --vm --target lxd-node1 -c limits.cpu=2 -c limits.memory=4GB --profile admin-profile -d root,size=${
-            options.rootSize && typeof options.rootSize === 'string' ? options.rootSize + 'GiB' : '32GiB'
+            options.rootSize ? options.rootSize + 'GiB' : '32GiB'
           }`,
         );
       }
-      if (options.initVm && typeof options.initVm === 'string') {
-        let flag = '';
-        if (options.control === true) {
-          if (options.k3s === true) {
-            flag = ' -s -- --k3s';
-          } else {
-            // Default to kubeadm if not K3s
-            flag = ' -s -- --kubeadm';
-          }
-          await Underpost.lxd.runWorkflow({
-            workflowId: 'engine',
-            vmName: options.initVm,
-          });
-        } else if (options.worker == true) {
-          if (options.k3s === true) {
-            flag = ' -s -- --worker --k3s';
+
+      if (options.initVm) {
+        const vmName = options.initVm;
+        const lxdSetupPath = `${underpostRoot}/scripts/lxd-vm-setup.sh`;
+        const k3sSetupPath = `${underpostRoot}/scripts/k3s-node-setup.sh`;
+
+        // Step 1: OS base setup (disk, packages, kernel modules)
+        shellExec(`cat ${lxdSetupPath} | lxc exec ${vmName} -- bash`);
+
+        // Step 2: Push engine source from host to VM
+        await Underpost.lxd.runWorkflow({ workflowId: 'engine', vmName, dev: options.dev });
+
+        // Step 3: K3s role setup (installs Node, npm deps, then k3s via node bin --dev)
+        if (options.worker === true) {
+          if (options.joinNode) {
+            const controlNode = options.joinNode.includes(',') ? options.joinNode.split(',').pop() : options.joinNode;
+            const k3sToken = shellExec(
+              `lxc exec ${controlNode} -- bash -c 'sudo cat /var/lib/rancher/k3s/server/node-token'`,
+              { stdout: true },
+            ).trim();
+            const controlPlaneIp = shellExec(
+              `lxc list ${controlNode} --format json | jq -r '.[0].state.network.enp5s0.addresses[] | select(.family=="inet") | .address'`,
+              { stdout: true },
+            ).trim();
+            logger.info(`Initializing worker ${vmName} and joining control plane ${controlNode} (${controlPlaneIp})`);
+            shellExec(
+              `cat ${k3sSetupPath} | lxc exec ${vmName} -- bash -s -- --worker --control-ip=${controlPlaneIp} --token=${k3sToken}`,
+            );
           } else {
-            // Default to kubeadm worker
-            flag = ' -s -- --worker';
+            shellExec(`cat ${k3sSetupPath} | lxc exec ${vmName} -- bash -s -- --worker`);
           }
+        } else {
+          shellExec(`cat ${k3sSetupPath} | lxc exec ${vmName} -- bash -s -- --control`);
         }
-        console.log(`Executing underpost-setup.sh on VM: ${options.initVm}`);
-        shellExec(`cat ${underpostRoot}/manifests/lxd/underpost-setup.sh | lxc exec ${options.initVm} -- bash${flag}`);
-        console.log(`underpost-setup.sh execution completed on VM: ${options.initVm}`);
       }
 
       if (options.workflowId) {
@@ -155,241 +183,168 @@ ipv6.address=none`);
         });
       }
 
-      if (options.joinNode && typeof options.joinNode === 'string') {
+      // Standalone join: --join-node workerName,controlName (without --init-vm)
+      if (options.joinNode && !options.initVm) {
         const [workerNode, controlNode] = options.joinNode.split(',');
-        // Determine if it's a Kubeadm or K3s join
-        const isK3sJoin = options.k3s === true;
-
-        if (isK3sJoin) {
-          console.log(`Attempting to join K3s worker node ${workerNode} to control plane ${controlNode}`);
-          // Get K3s token from control plane
-          const k3sToken = shellExec(
-            `lxc exec ${controlNode} -- bash -c 'sudo cat /var/lib/rancher/k3s/server/node-token'`,
-            { stdout: true },
-          ).trim();
-          // Get control plane IP
-          const controlPlaneIp = shellExec(
-            `lxc list ${controlNode} --format json | jq -r '.[0].state.network.enp5s0.addresses[] | select(.family=="inet") | .address'`,
-            { stdout: true },
-          ).trim();
-
-          if (!k3sToken || !controlPlaneIp) {
-            console.error(`Failed to get K3s token or control plane IP. Cannot join worker.`);
-            return;
-          }
-          const k3sJoinCommand = `K3S_URL=https://${controlPlaneIp}:6443 K3S_TOKEN=${k3sToken} curl -sfL https://get.k3s.io | sh -`;
-          shellExec(`lxc exec ${workerNode} -- bash -c '${k3sJoinCommand}'`);
-          console.log(`K3s worker node ${workerNode} join command executed.`);
-        } else {
-          // Kubeadm join
-          console.log(`Attempting to join Kubeadm worker node ${workerNode} to control plane ${controlNode}`);
-          const token = shellExec(
-            `echo "$(lxc exec ${controlNode} -- bash -c 'sudo kubeadm token create --print-join-command')"`,
-            { stdout: true },
-          );
-          shellExec(`lxc exec ${workerNode} -- bash -c '${token}'`);
-          console.log(`Kubeadm worker node ${workerNode} join command executed.`);
-        }
+        const k3sToken = shellExec(
+          `lxc exec ${controlNode} -- bash -c 'sudo cat /var/lib/rancher/k3s/server/node-token'`,
+          { stdout: true },
+        ).trim();
+        const controlPlaneIp = shellExec(
+          `lxc list ${controlNode} --format json | jq -r '.[0].state.network.enp5s0.addresses[] | select(.family=="inet") | .address'`,
+          { stdout: true },
+        ).trim();
+        logger.info(`Joining K3s worker ${workerNode} to control plane ${controlNode} (${controlPlaneIp})`);
+        shellExec(
+          `lxc exec ${workerNode} -- bash -c 'K3S_URL=https://${controlPlaneIp}:6443 K3S_TOKEN=${k3sToken} curl -sfL https://get.k3s.io | sh -s - agent'`,
+        );
+        logger.info(`Worker ${workerNode} joined successfully.`);
       }
-      if (options.infoVm && typeof options.infoVm === 'string') {
+
+      if (options.infoVm) {
         shellExec(`lxc config show ${options.infoVm}`);
         shellExec(`lxc info --show-log ${options.infoVm}`);
         shellExec(`lxc info ${options.infoVm}`);
         shellExec(`lxc list ${options.infoVm}`);
       }
-      if (options.expose && typeof options.expose === 'string') {
+
+      if (options.expose) {
         const [vmName, ports] = options.expose.split(':');
-        console.log({ vmName, ports });
-        const protocols = ['tcp']; // udp
+        const protocols = ['tcp'];
         const hostIp = Underpost.dns.getLocalIPv4Address();
         const vmIp = shellExec(
           `lxc list ${vmName} --format json | jq -r '.[0].state.network.enp5s0.addresses[] | select(.family=="inet") | .address'`,
           { stdout: true },
         ).trim();
         if (!vmIp) {
-          console.error(`Could not get VM IP for ${vmName}. Cannot expose ports.`);
+          logger.error(`Could not get VM IP for ${vmName}. Cannot expose ports.`);
           return;
         }
         for (const port of ports.split(',')) {
           for (const protocol of protocols) {
             const deviceName = `${vmName}-${protocol}-port-${port}`;
-            shellExec(`lxc config device remove ${vmName} ${deviceName}`); // Use to prevent error if device doesn't exist
+            shellExec(`lxc config device remove ${vmName} ${deviceName}`);
             shellExec(
               `lxc config device add ${vmName} ${deviceName} proxy listen=${protocol}:${hostIp}:${port} connect=${protocol}:${vmIp}:${port} nat=true`,
             );
-            console.log(`Manually exposed ${protocol}:${hostIp}:${port} -> ${vmIp}:${port} for ${vmName}`);
+            logger.info(`Exposed ${protocol}:${hostIp}:${port} -> ${vmIp}:${port} on ${vmName}`);
           }
         }
       }
-      if (options.deleteExpose && typeof options.deleteExpose === 'string') {
-        const [controlNode, ports] = options.deleteExpose.split(':');
-        console.log({ controlNode, ports });
-        const protocols = ['tcp']; // udp
+
+      if (options.deleteExpose) {
+        const [vmName, ports] = options.deleteExpose.split(':');
+        const protocols = ['tcp'];
         for (const port of ports.split(',')) {
           for (const protocol of protocols) {
-            shellExec(`lxc config device remove ${controlNode} ${controlNode}-${protocol}-port-${port}`);
+            shellExec(`lxc config device remove ${vmName} ${vmName}-${protocol}-port-${port}`);
           }
         }
       }
 
-      if (options.test && typeof options.test === 'string') {
+      if (options.test) {
         const vmName = options.test;
-        console.log(`Starting comprehensive test for VM: ${vmName}`);
-
-        // 1. Monitor for IPv4 address
-        let vmIp = '';
-        let retries = 0;
-        const maxRetries = 10;
-        const delayMs = 5000; // 5 seconds
-
-        while (!vmIp && retries < maxRetries) {
-          try {
-            console.log(`Attempting to get IPv4 address for ${vmName} (Attempt ${retries + 1}/${maxRetries})...`);
-            vmIp = shellExec(
-              `lxc list ${vmName} --format json | jq -r '.[0].state.network.enp5s0.addresses[] | select(.family=="inet") | .address'`,
-              { stdout: true },
-            ).trim();
-            if (vmIp) {
-              console.log(`IPv4 address found for ${vmName}: ${vmIp}`);
-            } else {
-              console.log(`IPv4 address not yet available for ${vmName}. Retrying in ${delayMs / 1000} seconds...`);
-              await new Promise((resolve) => setTimeout(resolve, delayMs));
-            }
-          } catch (error) {
-            console.error(`Error getting IPv4 address: ${error.message}`);
-            console.log(`Retrying in ${delayMs / 1000} seconds...`);
-            await new Promise((resolve) => setTimeout(resolve, delayMs));
-          }
-          retries++;
-        }
-
-        if (!vmIp) {
-          console.error(`Failed to get IPv4 address for ${vmName} after ${maxRetries} attempts. Aborting tests.`);
-          return;
-        }
-
-        // 2. Iteratively check connection to google.com
-        let connectedToGoogle = false;
-        retries = 0;
-        while (!connectedToGoogle && retries < maxRetries) {
-          try {
-            console.log(`Checking connectivity to google.com from ${vmName} (Attempt ${retries + 1}/${maxRetries})...`);
-            const curlOutput = shellExec(
-              `lxc exec ${vmName} -- bash -c 'curl -s -o /dev/null -w "%{http_code}" http://google.com'`,
-              { stdout: true },
-            );
-            if (curlOutput.startsWith('2') || curlOutput.startsWith('3')) {
-              console.log(`Successfully connected to google.com from ${vmName}.`);
-              connectedToGoogle = true;
-            } else {
-              console.log(`Connectivity to google.com not yet verified. Retrying in ${delayMs / 1000} seconds...`);
-              await new Promise((resolve) => setTimeout(resolve, delayMs));
-            }
-          } catch (error) {
-            console.error(`Error checking connectivity to google.com: ${error.message}`);
-            console.log(`Retrying in ${delayMs / 1000} seconds...`);
-            await new Promise((resolve) => setTimeout(resolve, delayMs));
-          }
-          retries++;
-        }
-
-        if (!connectedToGoogle) {
-          console.error(
-            `Failed to connect to google.com from ${vmName} after ${maxRetries} attempts. Aborting further tests.`,
-          );
-          return;
-        }
-
-        // 3. Check other connectivity, network, and VM health parameters
-        console.log(`\n--- Comprehensive Health Report for ${vmName} ---`);
-
-        // VM Status
-        console.log('\n--- VM Status ---');
-        try {
-          const vmStatus = shellExec(`lxc list ${vmName} --format json`, { stdout: true, silent: true });
-          console.log(JSON.stringify(JSON.parse(vmStatus), null, 2));
-        } catch (error) {
-          console.error(`Error getting VM status: ${error.message}`);
-        }
-
-        // CPU Usage
-        console.log('\n--- CPU Usage ---');
-        try {
-          const cpuUsage = shellExec(`lxc exec ${vmName} -- bash -c 'top -bn1 | grep "Cpu(s)"'`, { stdout: true });
-          console.log(cpuUsage.trim());
-        } catch (error) {
-          console.error(`Error getting CPU usage: ${error.message}`);
-        }
+        const vmIp = shellExec(
+          `lxc list ${vmName} --format json | jq -r '.[0].state.network.enp5s0.addresses[] | select(.family=="inet") | .address'`,
+          { stdout: true },
+        ).trim();
+        logger.info(`VM ${vmName} IPv4: ${vmIp || 'none'}`);
+        const httpStatus = shellExec(
+          `lxc exec ${vmName} -- curl -s -o /dev/null -w "%{http_code}" --max-time 5 http://google.com`,
+          { stdout: true },
+        ).trim();
+        logger.info(`VM ${vmName} HTTP connectivity: ${httpStatus}`);
+        logger.info(`Health report for VM: ${vmName}`);
+        shellExec(`lxc list ${vmName} --format json`);
+        shellExec(`lxc exec ${vmName} -- bash -c 'top -bn1 | grep "Cpu(s)"'`);
+        shellExec(`lxc exec ${vmName} -- bash -c 'free -m'`);
+        shellExec(`lxc exec ${vmName} -- bash -c 'df -h /'`);
+        shellExec(`lxc exec ${vmName} -- bash -c 'ip a'`);
+        shellExec(`lxc exec ${vmName} -- bash -c 'cat /etc/resolv.conf'`);
+        shellExec(`lxc exec ${vmName} -- bash -c 'sudo k3s kubectl get nodes'`);
+      }
+    },
 
-        // Memory Usage
-        console.log('\n--- Memory Usage ---');
-        try {
-          const memoryUsage = shellExec(`lxc exec ${vmName} -- bash -c 'free -m'`, { stdout: true });
-          console.log(memoryUsage.trim());
-        } catch (error) {
-          console.error(`Error getting memory usage: ${error.message}`);
-        }
+    /**
+     * @method pushDirectory
+     * @description Pushes a host directory into a VM using ignore-walk (respecting .gitignore)
+     * and a tar pipe. Skips gitignored paths (e.g. node_modules, .git, build artifacts).
+     * @param {object} params
+     * @param {string} params.srcPath - Absolute path of the source directory on the host.
+     * @param {string} params.vmName - Target LXD VM name.
+     * @param {string} params.destPath - Absolute path of the destination directory inside the VM.
+     * @param {string[]} [params.ignoreFiles=['.gitignore']] - Ignore-file names to respect during walk.
+     * @returns {Promise<void>}
+     * @memberof UnderpostLxd
+     */
+    async pushDirectory({ srcPath, vmName, destPath, ignoreFiles }) {
+      const includesFile = `/tmp/lxd-push-${vmName}-${Date.now()}.txt`;
+      if (!ignoreFiles) ignoreFiles = ['.gitignore'];
+      // Collect non-ignored files via ignore-walk
+      const files = await new Promise((resolve) =>
+        walk(
+          {
+            path: srcPath,
+            ignoreFiles,
+            includeEmpty: false,
+            follow: false,
+          },
+          (_, result) => resolve(result),
+        ),
+      );
 
-        // Disk Usage
-        console.log('\n--- Disk Usage (Root Partition) ---');
-        try {
-          const diskUsage = shellExec(`lxc exec ${vmName} -- bash -c 'df -h /'`, { stdout: true });
-          console.log(diskUsage.trim());
-        } catch (error) {
-          console.error(`Error getting disk usage: ${error.message}`);
-        }
+      // Write relative paths (one per line) to a temp includes file
+      fs.writeFileSync(includesFile, files.join('\n'));
+      logger.info(`lxd pushDirectory: ${files.length} files collected`, { srcPath, vmName, destPath, includesFile });
 
-        // Network Interface Status
-        console.log('\n--- Network Interface Status (ip a) ---');
-        try {
-          const ipA = shellExec(`lxc exec ${vmName} -- bash -c 'ip a'`, { stdout: true });
-          console.log(ipA.trim());
-        } catch (error) {
-          console.error(`Error getting network interface status: ${error.message}`);
-        }
+      // Reset destination directory inside the VM
+      shellExec(`lxc exec ${vmName} -- bash -c 'rm -rf ${destPath} && mkdir -p ${destPath}'`);
 
-        // DNS Resolution (resolv.conf)
-        console.log('\n--- DNS Configuration (/etc/resolv.conf) ---');
-        try {
-          const resolvConf = shellExec(`lxc exec ${vmName} -- bash -c 'cat /etc/resolv.conf'`, { stdout: true });
-          console.log(resolvConf.trim());
-        } catch (error) {
-          console.error(`Error getting DNS configuration: ${error.message}`);
-        }
+      // Stream tar archive from host into VM
+      shellExec(
+        `tar -C ${srcPath} -cf - --files-from=${includesFile} | lxc exec ${vmName} -- tar -C ${destPath} -xf -`,
+      );
 
-        console.log(`\nComprehensive test for VM: ${vmName} completed.`);
-      }
+      // Clean up temp includes file
+      fs.removeSync(includesFile);
     },
+
     /**
      * @method runWorkflow
      * @description Executes predefined workflows on LXD VMs.
-     * @param {object} params - Parameters for the workflow.
-     * @param {string} params.workflowId - The workflow id to execute (e.g., 'init').
-     * @param {string} params.vmName - The name of the VM to run the workflow on.
-     * @param {string} [params.deployId] - Optional deployment identifier.
-     * @param {boolean} [params.dev=false] - Run in development mode (adjusts paths).
+     * @param {object} params
+     * @param {string} params.workflowId - Workflow ID to execute.
+     * @param {string} params.vmName - Target VM name.
+     * @param {string} [params.deployId] - Deployment identifier.
+     * @param {boolean} [params.dev=false] - Use local paths.
      * @memberof UnderpostLxd
      */
     async runWorkflow({ workflowId, vmName, deployId, dev }) {
       switch (workflowId) {
         case 'engine': {
-          const basePath = `/home/dd`;
-          const subDir = 'engine';
-          shellExec(`lxc exec ${vmName} -- bash -c 'rm ${basePath} && mkdir -p ${basePath}/${subDir}'`);
-          shellExec(`lxc file push ${basePath}/${subDir}/package.json ${vmName}${basePath}/${subDir}/package.json`);
-          shellExec(`lxc file push ${basePath}/${subDir}/src ${vmName}${basePath}/${subDir} --recursive`);
-          shellExec(`lxc file push ${basePath}/${subDir}/${subDir}-private ${vmName}${basePath}/${subDir} --recursive`);
+          await Underpost.lxd.pushDirectory({
+            srcPath: `/home/dd/engine`,
+            vmName,
+            destPath: `/home/dd/engine`,
+          });
+          await Underpost.lxd.pushDirectory({
+            srcPath: `/home/dd/engine/engine-private`,
+            vmName,
+            destPath: `/home/dd/engine/engine-private`,
+            ignoreFiles: ['/home/dd/engine/.gitignore', '.gitignore'],
+          });
           break;
         }
-        case 'setup-underpost-engine': {
-          const basePath = `/home/dd/engine`;
-          shellExec(`lxc exec ${vmName} -- bash -lc 'nvm use $(node --version) && cd ${basePath} && npm install'`);
-          shellExec(`lxc exec ${vmName} -- bash -lc 'underpost run secret'`);
+        case 'engine-recursive-push': {
+          const enginePath = '/home/dd/engine';
+          shellExec(`lxc exec ${vmName} -- bash -c 'rm -rf ${enginePath}'`);
+          shellExec(`lxc exec ${vmName} -- bash -c 'mkdir -p /home/dd'`);
+          shellExec(`lxc file push ${enginePath} ${vmName}/home/dd --recursive`);
           break;
         }
-        case 'k3s-setup': {
+        case 'dev-reset': {
           shellExec(
-            `lxc exec ${vmName} -- bash -lc 'cd /home/dd/engine && node bin cluster --dev --reset && node bin cluster --dev --k3s'`,
+            `lxc exec ${vmName} -- bash -lc 'cd /home/dd/engine && node bin cluster --dev --reset --k3s && node bin cluster --dev --k3s'`,
           );
           break;
         }

package/src/cli/repository.js

@@ -124,6 +124,7 @@ class UnderpostRepository {
 
       if (options.changelog !== undefined || options.changelogBuild) {
         const ciIntegrationPrefix = 'ci(package-pwa-microservices-';
+        const ciIntegrationVersionPrefix = 'New release v:';
         const releaseMatch = 'New release v:';
 
         // Helper: parse [<tag>] commits into grouped sections
@@ -261,7 +262,9 @@ class UnderpostRepository {
           let commits;
           if (!hasExplicitCount) {
             // No explicit count: find commits up to the last CI integration boundary
-            const ciIndex = allCommits.findIndex((c) => c.message.startsWith(ciIntegrationPrefix));
+            const ciIndex = allCommits.findIndex(
+              (c) => c.message.startsWith(ciIntegrationPrefix) && !c.message.match(ciIntegrationVersionPrefix),
+            );
             commits = ciIndex >= 0 ? allCommits.slice(0, ciIndex) : allCommits;
           } else {
             commits = allCommits;

package/src/cli/run.js

@@ -1148,7 +1148,7 @@ EOF
       const baseClusterCommand = options.dev ? ' --dev' : '';
       const clusterType = options.k3s ? 'k3s' : 'kubeadm';
       shellCd(`/home/dd/engine`);
-      shellExec(`${baseCommand} cluster${baseClusterCommand} --reset`);
+      shellExec(`${baseCommand} cluster${baseClusterCommand} --reset --${clusterType}`);
       await timer(5000);
       shellExec(`${baseCommand} cluster${baseClusterCommand} --${clusterType}`);
       await timer(5000);
@@ -1779,8 +1779,9 @@ EOF
      * @memberof UnderpostRun
      */
     'gpu-env': (path, options = DEFAULT_OPTION) => {
+      const clusterType = 'kubeadm';
       shellExec(
-        `node bin cluster --dev --reset && node bin cluster --dev --dedicated-gpu --kubeadm && kubectl get pods --all-namespaces -o wide -w`,
+        `node bin cluster --dev --reset --${clusterType} && node bin cluster --dev --dedicated-gpu --${clusterType} && kubectl get pods --all-namespaces -o wide -w`,
       );
     },
     /**