@unikernelai/sandbox-cli 1.0.0

package/dist/cli.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/cli.js

@@ -0,0 +1,290 @@
+#!/usr/bin/env node
+import { program } from "commander";
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { homedir } from "os";
+import { join } from "path";
+import { UnikernelsClient, DEFAULT_BASE_URL, } from "@unikernelai/sandbox";
+// ─── Config file: ~/.unik/config.json ───────────────────────────────────────
+const CONFIG_DIR = join(homedir(), ".unik");
+const CONFIG_FILE = join(CONFIG_DIR, "config.json");
+function loadConfig() {
+    if (!existsSync(CONFIG_FILE))
+        return {};
+    try {
+        return JSON.parse(readFileSync(CONFIG_FILE, "utf8"));
+    }
+    catch {
+        return {};
+    }
+}
+function saveConfig(cfg) {
+    if (!existsSync(CONFIG_DIR))
+        mkdirSync(CONFIG_DIR, { recursive: true });
+    writeFileSync(CONFIG_FILE, JSON.stringify(cfg, null, 2) + "\n", "utf8");
+}
+function getClient(overrides = {}) {
+    const cfg = loadConfig();
+    const apiKey = overrides.apiKey ?? cfg.api_key;
+    const authToken = overrides.authToken ?? cfg.auth_token;
+    const baseUrl = overrides.baseUrl ?? cfg.base_url ?? DEFAULT_BASE_URL;
+    if (!apiKey && !authToken) {
+        console.error("Error: no credentials found.\n" +
+            "  Set an API key:    unik auth set-key <key>\n" +
+            "  Or set a JWT:      unik auth set-token <jwt>\n" +
+            "  Or login:          unik auth login");
+        process.exit(1);
+    }
+    return new UnikernelsClient({ apiKey, authToken, baseUrl });
+}
+function jsonOut(data) {
+    console.log(JSON.stringify(data, null, 2));
+}
+function readStdin() {
+    return new Promise((resolve) => {
+        let buf = "";
+        process.stdin.setEncoding("utf8");
+        process.stdin.on("data", (chunk) => (buf += chunk));
+        process.stdin.on("end", () => resolve(buf.trim()));
+    });
+}
+// ─── CLI definition ──────────────────────────────────────────────────────────
+program
+    .name("unik")
+    .description("Unikraft sandbox CLI — run code in unikernel-isolated sandboxes")
+    .version("1.0.0");
+// ── auth ─────────────────────────────────────────────────────────────────────
+const auth = program.command("auth").description("Manage credentials");
+auth
+    .command("set-key <key>")
+    .description("Save an API key to ~/.unik/config.json")
+    .action((key) => {
+    const cfg = loadConfig();
+    cfg.api_key = key;
+    delete cfg.auth_token;
+    saveConfig(cfg);
+    console.log(`✓ API key saved (prefix: ${key.slice(0, 12)}...)`);
+});
+auth
+    .command("set-token <jwt>")
+    .description("Save a JWT bearer token (for admin operations like creating API keys)")
+    .action((jwt) => {
+    const cfg = loadConfig();
+    cfg.auth_token = jwt;
+    saveConfig(cfg);
+    console.log("✓ JWT saved");
+});
+auth
+    .command("set-url <url>")
+    .description("Override the base URL (default: DEFAULT_BASE_URL)")
+    .action((url) => {
+    const cfg = loadConfig();
+    cfg.base_url = url;
+    saveConfig(cfg);
+    console.log(`✓ Base URL set to ${url}`);
+});
+auth
+    .command("whoami")
+    .description("Show stored credentials")
+    .action(() => {
+    const cfg = loadConfig();
+    console.log("Base URL:", cfg.base_url ?? DEFAULT_BASE_URL);
+    console.log("API key: ", cfg.api_key ? cfg.api_key.slice(0, 16) + "..." : "(none)");
+    console.log("JWT:     ", cfg.auth_token ? cfg.auth_token.slice(0, 20) + "..." : "(none)");
+});
+auth
+    .command("logout")
+    .description("Clear stored credentials")
+    .action(() => {
+    saveConfig({});
+    console.log("✓ Credentials cleared");
+});
+// ── api-keys ─────────────────────────────────────────────────────────────────
+const keys = program.command("keys").description("Manage API keys (requires JWT)");
+keys
+    .command("create")
+    .description("Create a new API key and save it locally")
+    .option("-l, --label <label>", "Human-readable label for the key")
+    .option("-e, --expires <date>", "Expiry date (ISO 8601, e.g. 2026-12-31T00:00:00Z)")
+    .option("--no-save", "Print the key without saving to ~/.unik/config.json")
+    .action(async (opts) => {
+    const client = getClient();
+    const key = await client.createApiKey({
+        label: opts.label,
+        expires_at: opts.expires,
+    });
+    console.log("\n✓ API key created:");
+    console.log("  Key:    ", key.key);
+    console.log("  ID:     ", key.id);
+    console.log("  Prefix: ", key.prefix);
+    if (key.expires_at)
+        console.log("  Expires:", key.expires_at);
+    if (opts.save !== false) {
+        const cfg = loadConfig();
+        cfg.api_key = key.key;
+        delete cfg.auth_token;
+        saveConfig(cfg);
+        console.log("\n✓ Key saved to ~/.unik/config.json. Future commands will use it automatically.");
+    }
+    else {
+        console.log("\n  ⚠  Store this key — it will NOT be shown again.");
+    }
+});
+keys
+    .command("list")
+    .description("List all API keys for this account")
+    .action(async () => {
+    const client = getClient();
+    const list = await client.listApiKeys();
+    if (list.length === 0) {
+        console.log("No API keys found.");
+        return;
+    }
+    console.log(`\n${list.length} key(s):\n`);
+    for (const k of list) {
+        const status = k.revoked_at ? "REVOKED" : "active";
+        console.log(`  ${k.prefix}...  [${status}]  id=${k.id}  label=${k.label ?? "-"}  created=${k.created_at.slice(0, 10)}`);
+    }
+});
+keys
+    .command("revoke <id>")
+    .description("Revoke an API key by its ID")
+    .action(async (id) => {
+    const client = getClient();
+    await client.revokeApiKey(id);
+    console.log(`✓ Key ${id} revoked`);
+});
+// ── run ───────────────────────────────────────────────────────────────────────
+program
+    .command("run <language> [code]")
+    .description("Execute code directly (stateless). Language: python | nodejs | shell.\n" +
+    "  Pass code as argument or pipe via stdin:\n" +
+    "    unik run python 'print(\"hello\")'\n" +
+    "    echo 'print(1+1)' | unik run python\n" +
+    "    cat script.py | unik run python")
+    .option("-t, --timeout <ms>", "Timeout in milliseconds (max 8000)", "8000")
+    .option("--json", "Output raw JSON response")
+    .action(async (language, codeArg, opts) => {
+    const code = codeArg ?? (await readStdin());
+    if (!code) {
+        console.error("Error: provide code as argument or pipe via stdin");
+        process.exit(1);
+    }
+    const client = getClient();
+    const result = await client.execute({
+        language: language,
+        code,
+        timeout_ms: parseInt(opts.timeout),
+    });
+    if (opts.json) {
+        jsonOut(result);
+        return;
+    }
+    if (result.stdout)
+        process.stdout.write(result.stdout);
+    if (result.stderr)
+        process.stderr.write(result.stderr);
+    if (result.status !== "success") {
+        console.error(`\n✗ Exited with status: ${result.status} (${result.execution_time_ms}ms)`);
+        process.exit(1);
+    }
+});
+// ── sandbox ───────────────────────────────────────────────────────────────────
+const sbx = program.command("sandbox").description("Manage persistent sandbox sessions");
+sbx
+    .command("create")
+    .description("Create a new sandbox and print its ID")
+    .option("--json", "Output raw JSON")
+    .action(async (opts) => {
+    const client = getClient();
+    const sandbox = await client.createSandbox();
+    if (opts.json) {
+        jsonOut({ id: sandbox.id });
+    }
+    else {
+        console.log(sandbox.id);
+    }
+});
+sbx
+    .command("exec <id> <language> [code]")
+    .description("Run code inside an existing sandbox")
+    .option("-t, --timeout <ms>", "Timeout in milliseconds (max 8000)", "8000")
+    .option("--json", "Output raw JSON")
+    .action(async (id, language, codeArg, opts) => {
+    const code = codeArg ?? (await readStdin());
+    if (!code) {
+        console.error("Error: provide code as argument or pipe via stdin");
+        process.exit(1);
+    }
+    const client = getClient();
+    const sandbox = client.getSandboxHandle(id);
+    const result = await sandbox.execute({
+        language: language,
+        code,
+        timeout_ms: parseInt(opts.timeout),
+    });
+    if (opts.json) {
+        jsonOut(result);
+        return;
+    }
+    if (result.stdout)
+        process.stdout.write(result.stdout);
+    if (result.stderr)
+        process.stderr.write(result.stderr);
+    if (result.status !== "success")
+        process.exit(1);
+});
+sbx
+    .command("delete <id>")
+    .description("Delete a sandbox")
+    .action(async (id) => {
+    const client = getClient();
+    await client.deleteSandbox(id);
+    console.log(`✓ Sandbox ${id} deleted`);
+});
+sbx
+    .command("upload <id> <path> [content]")
+    .description("Upload a file into a sandbox (base64 content, or pipe stdin)")
+    .action(async (id, path, contentArg) => {
+    const raw = contentArg ?? (await readStdin());
+    const b64 = Buffer.from(raw).toString("base64");
+    const client = getClient();
+    const sandbox = client.getSandboxHandle(id);
+    const file = await sandbox.uploadFile(path, b64);
+    console.log(`✓ Uploaded ${file.path} (${file.size_bytes} bytes)`);
+});
+sbx
+    .command("ls <id> [path]")
+    .description("List files in a sandbox")
+    .action(async (id, path = "") => {
+    const client = getClient();
+    const sandbox = client.getSandboxHandle(id);
+    const files = await sandbox.listFiles(path);
+    if (files.length === 0) {
+        console.log("(empty)");
+        return;
+    }
+    for (const f of files) {
+        console.log(`  ${f.path}  (${f.size_bytes}B)`);
+    }
+});
+// ── status ────────────────────────────────────────────────────────────────────
+program
+    .command("status")
+    .description("Check if the server is healthy")
+    .option("--json", "Output raw JSON")
+    .action(async (opts) => {
+    const cfg = loadConfig();
+    const baseUrl = cfg.base_url ?? DEFAULT_BASE_URL;
+    const res = await fetch(`${baseUrl}/readyz`).then((r) => r.json());
+    if (opts.json) {
+        jsonOut(res);
+    }
+    else {
+        const r = res;
+        console.log("Status:", r.status);
+        for (const [name, check] of Object.entries(r.checks ?? {})) {
+            console.log(`  ${check.ok ? "✓" : "✗"} ${name}`);
+        }
+    }
+});
+program.parseAsync(process.argv);

package/package.json

@@ -0,0 +1,38 @@
+{
+  "name": "@unikernelai/sandbox-cli",
+  "version": "1.0.0",
+  "description": "CLI for the Unikraft sandbox API — run code, manage sandboxes, provision API keys",
+  "type": "module",
+  "bin": {
+    "unik": "./dist/cli.js"
+  },
+  "main": "dist/cli.js",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "dev": "node --loader ts-node/esm src/cli.ts"
+  },
+  "dependencies": {
+    "@unikernelai/sandbox": "^1.1.0",
+    "commander": "^12.1.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.0.0",
+    "typescript": "^5.4.0"
+  },
+  "keywords": [
+    "sandbox",
+    "unikraft",
+    "code-execution",
+    "cli"
+  ],
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public"
+  },
+  "engines": {
+    "node": ">=18"
+  }
+}