npm - @uofx/cli - Versions diffs - 1.0.2 → 1.1.0 - Mend

@uofx/cli 1.0.2 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (240) hide show

package/dist/domain/value-objects/output-path.value-object.js ADDED Viewed

@@ -0,0 +1,85 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OutputPath = void 0;
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
+/**
+ * 輸出路徑 Value Object
+ *
+ * 封裝輸出路徑的安全驗證邏輯，防止寫入系統保護目錄
+ */
+class OutputPath {
+    constructor(resolvedPath) {
+        this.resolvedPath = resolvedPath;
+    }
+    /**
+     * 建立輸出路徑
+     * @param rawPath - 原始路徑字串
+     * @returns 輸出路徑物件
+     */
+    static create(rawPath) {
+        return new OutputPath(path.resolve(rawPath));
+    }
+    /**
+     * 檢查路徑是否為系統保護路徑
+     * @param resolvedPath - 已解析的絕對路徑
+     * @returns 若為系統保護路徑則回傳 true
+     */
+    static isProtected(resolvedPath) {
+        const normalized = resolvedPath.replace(/\\/g, '/').toLowerCase();
+        const homeDir = os.homedir().replace(/\\/g, '/').toLowerCase();
+        if (normalized === homeDir) {
+            return true;
+        }
+        return this.FORBIDDEN_PREFIXES.some((prefix) => normalized.startsWith(prefix));
+    }
+    /**
+     * 取得已解析的絕對路徑
+     * @returns 已解析的路徑字串
+     */
+    get value() {
+        return this.resolvedPath;
+    }
+}
+exports.OutputPath = OutputPath;
+/** 系統保護路徑前綴清單 */
+OutputPath.FORBIDDEN_PREFIXES = [
+    '/windows',
+    '/system32',
+    'c:/windows',
+    'c:/program files',
+];
+//# sourceMappingURL=output-path.value-object.js.map

package/dist/domain/value-objects/rsa-key-pair.value-object.js CHANGED Viewed

@@ -5,6 +5,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.RsaKeyPair = void 0;
 const crypto_1 = __importDefault(require("crypto"));
+const errors_1 = require("../errors");
 /**
  * RSA 金鑰對 Value Object
  *
@@ -32,12 +33,14 @@ class RsaKeyPair {
             const keyPair = new RsaKeyPair(privateKey, publicKey);
             // 驗證生成的金鑰對
             if (!keyPair.validate()) {
-                throw new Error('Generated RSA key pair validation failed');
+                throw new errors_1.AppError('Generated RSA key pair validation failed', {
+                    exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+                });
             }
             return keyPair;
         }
         catch (error) {
-            throw new Error(`Failed to generate RSA key pair: ${error instanceof Error ? error.message : String(error)}`);
+            throw new errors_1.AppError(`Failed to generate RSA key pair: ${error instanceof Error ? error.message : String(error)}`, { exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR });
         }
     }
     /**
@@ -50,7 +53,9 @@ class RsaKeyPair {
     static create(privateKey, publicKey) {
         const keyPair = new RsaKeyPair(privateKey, publicKey);
         if (!keyPair.validate()) {
-            throw new Error('Invalid RSA key pair: keys do not match');
+            throw new errors_1.AppError('Invalid RSA key pair: keys do not match', {
+                exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+            });
         }
         return keyPair;
     }
@@ -168,6 +173,27 @@ class RsaKeyPair {
         // 第二次 Base64 編碼使用 UTF-8 (Helm 參數需求)
         return Buffer.from(first, 'utf8').toString('base64');
     }
+    /**
+     * 防止 JSON.stringify 意外洩露金鑰，回傳遮罩值
+     * @returns 遮罩後的物件
+     */
+    toJSON() {
+        return {
+            privateKey: '***MASKED***',
+            publicKey: '***MASKED***',
+        };
+    }
+    /**
+     * 回傳可安全記錄到日志的物件
+     * 金鑰欄位將被遮罩
+     * @returns 遮罩後的物件，可安全寫入日志
+     */
+    toSafeLog() {
+        return {
+            privateKey: '***MASKED***',
+            publicKey: '***MASKED***',
+        };
+    }
     /**
      * 比較兩個金鑰對是否相等
      * @param other - 另一個金鑰對

package/dist/index.js CHANGED Viewed

@@ -2,5 +2,10 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 const cli_1 = require("./cli");
-(0, cli_1.run)(process.argv);
+(0, cli_1.run)(process.argv)
+    .then(() => process.exit(0))
+    .catch(() => {
+    // 錯誤已由 BaseController.executeAction 和全域 ErrorHandler 處理
+    // 此處僅確保 Promise chain 不產生 unhandled rejection
+});
 //# sourceMappingURL=index.js.map

package/dist/infrastructure/config/{app-config.service.js → app-config.adapter.js} RENAMED Viewed

@@ -45,15 +45,16 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
     return function (target, key) { decorator(target, key, paramIndex); }
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AppConfig = void 0;
+exports.AppConfigAdapter = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const os = __importStar(require("os"));
 const tsyringe_1 = require("tsyringe");
-const config_validator_1 = require("./config-validator");
+const config_validator_util_1 = require("./config-validator.util");
 const acr_credentials_value_object_1 = require("../../domain/value-objects/acr-credentials.value-object");
 const tokens_1 = require("../../di/tokens");
-const crypto_service_1 = require("./crypto.service");
+const errors_1 = require("../../domain/errors");
+const crypto_service_1 = require("./services/crypto.service");
 /**
  * 混淆用字典字串
  */
@@ -78,11 +79,9 @@ function decodeObfuscated(indices) {
  * 設定服務實作
  * 負責載入、合併與驗證配置
  *
- * 實作：
- * - IAppConfig: Infrastructure 層內部介面（完整配置功能）
- * - IAppConfigPort: Domain Port（供 Application 層使用）
+ * 實作 IAppConfigPort Domain Port，供 Application 層使用
  */
-let AppConfig = class AppConfig {
+let AppConfigAdapter = class AppConfigAdapter {
     constructor(logger) {
         this.logger = logger;
     }
@@ -140,7 +139,7 @@ let AppConfig = class AppConfig {
         const userConfig = this.loadUserConfig();
         const merged = this.mergeConfigs(defaultConfig, userConfig);
         // 驗證設定
-        (0, config_validator_1.validateConfig)(merged, this.logger);
+        (0, config_validator_util_1.validateConfig)(merged, this.logger);
         return merged;
     }
     /**
@@ -173,7 +172,7 @@ let AppConfig = class AppConfig {
                 password: crypto_service_1.CryptoService.encrypt(configToSave.acr.password),
             };
         }
-        fs.writeFileSync(configPath, JSON.stringify(configToSave, null, 2), 'utf-8');
+        fs.writeFileSync(configPath, JSON.stringify(configToSave, null, 2), { encoding: 'utf-8', mode: 0o600 });
         this.logger.debug('Configuration saved', { configPath });
     }
     /**
@@ -182,7 +181,7 @@ let AppConfig = class AppConfig {
      */
     getCliVersion() {
         try {
-            // 目錄結構：dist/infrastructure/config/app-config.service.js
+            // 目錄結構：dist/infrastructure/config/app-config.adapter.js
             // 需要往上 3 層才能到達專案根目錄
             const possiblePaths = [
                 path.resolve(__dirname, '../../../package.json'), // dist 環境
@@ -236,23 +235,36 @@ let AppConfig = class AppConfig {
      */
     loadAcrCredentialsFromFile(filePath) {
         if (!fs.existsSync(filePath)) {
-            throw new Error(`ACR credentials file not found: ${filePath}`);
+            throw new errors_1.AppError(`ACR credentials file not found: ${filePath}`, {
+                exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+            });
         }
         try {
             const content = fs.readFileSync(filePath, 'utf-8');
             const data = JSON.parse(content);
             if (!acr_credentials_value_object_1.AcrCredentials.isValid(data.name, data.account, data.password)) {
-                throw new Error('Invalid ACR credentials format: name, account, and password are required');
+                throw new errors_1.AppError('Invalid ACR credentials format: name, account, and password are required', {
+                    exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+                });
             }
             return acr_credentials_value_object_1.AcrCredentials.create(data.name, data.account, data.password);
         }
         catch (error) {
             if (error instanceof SyntaxError) {
-                throw new Error(`Invalid JSON in ACR credentials file: ${filePath}`);
+                throw new errors_1.AppError(`Invalid JSON in ACR credentials file: ${filePath}`, {
+                    exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+                });
             }
             throw error;
         }
     }
+    /**
+     * 取得使用者配置目錄路徑
+     * @returns 使用者配置目錄路徑（如 ~/.uofx）
+     */
+    getUserConfigDir() {
+        return path.join(os.homedir(), '.uofx');
+    }
     /**
      * 深度合併設定物件
      * @param defaultConfig 預設設定
@@ -271,10 +283,10 @@ let AppConfig = class AppConfig {
         };
     }
 };
-exports.AppConfig = AppConfig;
-exports.AppConfig = AppConfig = __decorate([
+exports.AppConfigAdapter = AppConfigAdapter;
+exports.AppConfigAdapter = AppConfigAdapter = __decorate([
     (0, tsyringe_1.injectable)(),
     __param(0, (0, tsyringe_1.inject)(tokens_1.TOKENS.ILoggerPort)),
     __metadata("design:paramtypes", [Object])
-], AppConfig);
-//# sourceMappingURL=app-config.service.js.map
+], AppConfigAdapter);
+//# sourceMappingURL=app-config.adapter.js.map

package/dist/infrastructure/config/{config-validator.js → config-validator.util.js} RENAMED Viewed

@@ -28,4 +28,4 @@ function validateConfig(config, logger) {
         config.logLevel = 'error';
     }
 }
-//# sourceMappingURL=config-validator.js.map
+//# sourceMappingURL=config-validator.util.js.map

package/dist/infrastructure/config/index.js ADDED Viewed

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateConfig = exports.validateLogLevel = exports.CryptoService = exports.AppConfigAdapter = void 0;
+/**
+ * Infrastructure Config 模組匯出
+ */
+var app_config_adapter_1 = require("./app-config.adapter");
+Object.defineProperty(exports, "AppConfigAdapter", { enumerable: true, get: function () { return app_config_adapter_1.AppConfigAdapter; } });
+var crypto_service_1 = require("./services/crypto.service");
+Object.defineProperty(exports, "CryptoService", { enumerable: true, get: function () { return crypto_service_1.CryptoService; } });
+var config_validator_util_1 = require("./config-validator.util");
+Object.defineProperty(exports, "validateLogLevel", { enumerable: true, get: function () { return config_validator_util_1.validateLogLevel; } });
+Object.defineProperty(exports, "validateConfig", { enumerable: true, get: function () { return config_validator_util_1.validateConfig; } });
+//# sourceMappingURL=index.js.map

package/dist/infrastructure/config/interfaces/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=index.js.map

package/dist/infrastructure/config/{crypto.service.js → services/crypto.service.js} RENAMED Viewed

@@ -35,6 +35,7 @@ var __importStar = (this && this.__importStar) || (function () {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CryptoService = void 0;
 const crypto = __importStar(require("crypto"));
+const errors_1 = require("../../../domain/errors");
 /**
  * 混淆用字典字串
  */
@@ -93,7 +94,9 @@ class CryptoService {
      */
     static decrypt(encrypted) {
         if (!this.isEncrypted(encrypted)) {
-            throw new Error('Invalid encrypted format');
+            throw new errors_1.AppError('Invalid encrypted format', {
+                exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+            });
         }
         const key = this.getKey();
         const data = Buffer.from(encrypted.slice(ENCRYPTED_PREFIX.length), 'base64');

package/dist/infrastructure/config/services/index.js ADDED Viewed

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CryptoService = void 0;
+/**
+ * Config 模組服務匯出
+ */
+var crypto_service_1 = require("./crypto.service");
+Object.defineProperty(exports, "CryptoService", { enumerable: true, get: function () { return crypto_service_1.CryptoService; } });
+//# sourceMappingURL=index.js.map

package/dist/infrastructure/deployment/deployment.adapter.js CHANGED Viewed

@@ -107,11 +107,11 @@ exports.DeploymentAdapter = DeploymentAdapter = __decorate([
     (0, tsyringe_1.injectable)(),
     __param(0, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.IMssqlHelmDeployment)),
     __param(1, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.IK8sJobRunner)),
-    __param(2, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.InfraManagerService)),
-    __param(3, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.ServiceManagerService)),
-    __param(4, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.AppManagerService)),
-    __param(5, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.SecretManagerService)),
-    __param(6, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.HelmRegistryService)),
+    __param(2, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.IInfraManager)),
+    __param(3, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.IServiceManager)),
+    __param(4, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.IAppManager)),
+    __param(5, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.ISecretManager)),
+    __param(6, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.IHelmRegistry)),
     __param(7, (0, tsyringe_1.inject)(tokens_1.TOKENS.Internal.VersionCompatibilityService)),
     __metadata("design:paramtypes", [Object, Object, Object, Object, Object, Object, Object, Object])
 ], DeploymentAdapter);

package/dist/infrastructure/deployment/index.js ADDED Viewed

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DeploymentAdapter = void 0;
+/**
+ * Infrastructure Deployment 模組匯出
+ */
+var deployment_adapter_1 = require("./deployment.adapter");
+Object.defineProperty(exports, "DeploymentAdapter", { enumerable: true, get: function () { return deployment_adapter_1.DeploymentAdapter; } });
+//# sourceMappingURL=index.js.map

package/dist/infrastructure/deployment/interfaces/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=index.js.map

package/dist/infrastructure/deployment/services/acr-credential-manager.service.js CHANGED Viewed

@@ -49,7 +49,8 @@ exports.AcrCredentialManagerService = void 0;
 const tsyringe_1 = require("tsyringe");
 const fs = __importStar(require("fs"));
 const tokens_1 = require("../../../di/tokens");
-const sensitive_decorator_1 = require("../../../domain/decorators/sensitive.decorator");
+const sensitive_decorator_1 = require("../../interceptors/decorators/sensitive.decorator");
+const errors_1 = require("../../../domain/errors");
 let AcrCredentialManagerService = class AcrCredentialManagerService {
     constructor(appConfig) {
         this.appConfig = appConfig;
@@ -62,7 +63,9 @@ let AcrCredentialManagerService = class AcrCredentialManagerService {
     loadCredentialsFromFile(filePath) {
         // 檢查檔案存在
         if (!fs.existsSync(filePath)) {
-            throw new Error(`Pull secret file not found: ${filePath}`);
+            throw new errors_1.AppError(`Pull secret file not found: ${filePath}`, {
+                exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+            });
         }
         // 讀取檔案
         const content = fs.readFileSync(filePath, 'utf8');
@@ -72,7 +75,9 @@ let AcrCredentialManagerService = class AcrCredentialManagerService {
             raw = JSON.parse(content);
         }
         catch {
-            throw new Error('Invalid JSON format in pull secret file');
+            throw new errors_1.AppError('Invalid JSON format in pull secret file', {
+                exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+            });
         }
         // 正規化欄位名稱（支援舊格式相容）
         const credentials = this.normalizeCredentials(raw);
@@ -113,13 +118,19 @@ let AcrCredentialManagerService = class AcrCredentialManagerService {
      */
     validateCredentials(credentials) {
         if (!credentials.name) {
-            throw new Error('Missing required field in pull secret: name (or acrName)');
+            throw new errors_1.AppError('Missing required field in pull secret: name (or acrName)', {
+                exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+            });
         }
         if (!credentials.account) {
-            throw new Error('Missing required field in pull secret: account (or acrAccount)');
+            throw new errors_1.AppError('Missing required field in pull secret: account (or acrAccount)', {
+                exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+            });
         }
         if (!credentials.password) {
-            throw new Error('Missing required field in pull secret: password (or acrPassword)');
+            throw new errors_1.AppError('Missing required field in pull secret: password (or acrPassword)', {
+                exitCode: errors_1.EXIT_CODES.VALIDATION_ERROR,
+            });
         }
     }
 };
@@ -138,7 +149,7 @@ __decorate([
 ], AcrCredentialManagerService.prototype, "getDefaultCredentials", null);
 exports.AcrCredentialManagerService = AcrCredentialManagerService = __decorate([
     (0, tsyringe_1.injectable)(),
-    __param(0, (0, tsyringe_1.inject)(tokens_1.TOKENS.IAppConfig)),
+    __param(0, (0, tsyringe_1.inject)(tokens_1.TOKENS.IAppConfigPort)),
     __metadata("design:paramtypes", [Object])
 ], AcrCredentialManagerService);
 //# sourceMappingURL=acr-credential-manager.service.js.map

package/dist/infrastructure/deployment/services/app-manager.service.js CHANGED Viewed

@@ -16,7 +16,7 @@ exports.AppManagerService = void 0;
 const tsyringe_1 = require("tsyringe");
 const tokens_1 = require("../../../di/tokens");
 const deployment_parameters_entity_1 = require("../../../domain/entities/deployment-parameters.entity");
-const sensitive_decorator_1 = require("../../../domain/decorators/sensitive.decorator");
+const sensitive_decorator_1 = require("../../interceptors/decorators/sensitive.decorator");
 const base_helm_deployment_service_1 = require("./base-helm-deployment.service");
 const index_1 = require("../../../constants/index");
 /**
@@ -71,7 +71,7 @@ let AppManagerService = class AppManagerService extends base_helm_deployment_ser
             releaseName: 'uofx-blue',
             chartPath,
             wait: true,
-            timeout: '1800s',
+            timeout: '3600s',
             sensitiveStdin: valuesContent,
         });
         this.logger.debug('[App] Deploying application chart', {
@@ -102,7 +102,7 @@ let AppManagerService = class AppManagerService extends base_helm_deployment_ser
             .arg('secret')
             .arg('web-appsettings-secret')
             .arg('-n', 'uofx')
-            .arg('-p', `'${patchData}'`);
+            .arg('-p', patchData);
         try {
             await builder.exec();
         }

package/dist/infrastructure/deployment/services/base-helm-deployment.service.js CHANGED Viewed

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.BaseHelmDeploymentService = void 0;
 const retry_util_1 = require("../../utils/retry.util");
+const errors_1 = require("../../../domain/errors");
 /**
  * Helm 部署基類
  *
@@ -97,7 +98,9 @@ class BaseHelmDeploymentService {
      */
     createHelmUpgradeBuilder(instanceName, options) {
         if (!this.envFactory) {
-            throw new Error('ExecutionEnvironmentFactory is required for createHelmUpgradeBuilder');
+            throw new errors_1.AppError('ExecutionEnvironmentFactory is required for createHelmUpgradeBuilder', {
+                exitCode: errors_1.EXIT_CODES.SYSTEM_ERROR,
+            });
         }
         const env = this.envFactory.getForInstance(instanceName);
         const builder = env.helm('upgrade')
@@ -112,7 +115,7 @@ class BaseHelmDeploymentService {
         }
         // Release 名稱和 Chart 路徑
         builder.arg(options.releaseName);
-        builder.arg(`"${options.chartPath}"`);
+        builder.arg(options.chartPath);
         // 命名空間
         const namespace = options.namespace ?? 'uofx';
         builder.arg('-n', namespace);
@@ -126,7 +129,7 @@ class BaseHelmDeploymentService {
         // 添加敏感的 --set 參數
         if (options.sensitiveSetArgs) {
             for (const { key, value } of options.sensitiveSetArgs) {
-                builder.sensitiveArg('--set', `${key}="${value}"`);
+                builder.sensitiveArg('--set', `${key}=${value}`);
             }
         }
         // 從 stdin 讀取 values
@@ -147,7 +150,10 @@ class BaseHelmDeploymentService {
         await (0, retry_util_1.retryWithBackoff)(async () => {
             const result = await builder.exec();
             if (result.exitCode !== 0) {
-                throw new Error(result.stderr);
+                this.logger.debug('Helm deployment failed', { stderr: result.stderr });
+                throw new errors_1.AppError('Helm deployment failed', {
+                    exitCode: errors_1.EXIT_CODES.SYSTEM_ERROR,
+                });
             }
         }, (0, retry_util_1.createHelmRetryOptions)({
             onRetry: (attempt) => {
@@ -155,7 +161,9 @@ class BaseHelmDeploymentService {
                 this.logger.warn(`[${serviceName}] Retrying install (${attempt}/3)...`);
             },
         })).catch((error) => {
-            throw new Error(`Failed to install ${chartName} chart: ${error.message}`);
+            throw new errors_1.AppError(`Failed to install ${chartName} chart: ${error.message}`, {
+                exitCode: errors_1.EXIT_CODES.SYSTEM_ERROR,
+            });
         });
     }
 }

package/dist/infrastructure/deployment/services/helm-registry.service.js CHANGED Viewed

@@ -16,7 +16,8 @@ exports.HelmRegistryService = void 0;
 const tsyringe_1 = require("tsyringe");
 const tokens_1 = require("../../../di/tokens");
 const acr_credentials_value_object_1 = require("../../../domain/value-objects/acr-credentials.value-object");
-const sensitive_decorator_1 = require("../../../domain/decorators/sensitive.decorator");
+const sensitive_decorator_1 = require("../../interceptors/decorators/sensitive.decorator");
+const errors_1 = require("../../../domain/errors");
 /**
  * Helm Registry 服務
  *
@@ -56,7 +57,10 @@ let HelmRegistryService = class HelmRegistryService {
             .sensitiveStdin(acrPassword);
         const result = await builder.exec();
         if (result.exitCode !== 0) {
-            throw new Error(`Failed to login to helm registry: ${result.stderr}`);
+            this.logger.debug('Failed to login to helm registry', { stderr: result.stderr });
+            throw new errors_1.AppError('Failed to login to helm registry', {
+                exitCode: errors_1.EXIT_CODES.SYSTEM_ERROR,
+            });
         }
         this.logger.debug(`[HelmRegistry] Successfully logged in to ${registry}`);
     }
@@ -85,7 +89,10 @@ let HelmRegistryService = class HelmRegistryService {
             .arg('--destination', destDir);
         const result = await builder.exec();
         if (result.exitCode !== 0) {
-            throw new Error(`Failed to pull ${chartName} chart: ${result.stderr}`);
+            this.logger.debug(`Failed to pull ${chartName} chart`, { stderr: result.stderr });
+            throw new errors_1.AppError(`Failed to pull ${chartName} chart`, {
+                exitCode: errors_1.EXIT_CODES.SYSTEM_ERROR,
+            });
         }
         const chartPath = `${destDir}/${chartName}-${version}.tgz`;
         this.logger.debug(`[HelmRegistry] Chart pulled successfully: ${chartPath}`);

package/dist/infrastructure/deployment/services/index.js ADDED Viewed

@@ -0,0 +1,35 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VersionCompatibilityService = exports.ServiceManagerService = exports.SecretManagerService = exports.OciArtifactService = exports.MssqlUserManagerService = exports.MssqlStorageService = exports.MssqlHelmDeploymentService = exports.MssqlDatabaseInitService = exports.K8sJobRunnerService = exports.InfraManagerService = exports.HelmRegistryService = exports.BaseHelmDeploymentService = exports.AppManagerService = exports.AcrCredentialManagerService = void 0;
+/**
+ * Deployment 模組服務匯出
+ */
+var acr_credential_manager_service_1 = require("./acr-credential-manager.service");
+Object.defineProperty(exports, "AcrCredentialManagerService", { enumerable: true, get: function () { return acr_credential_manager_service_1.AcrCredentialManagerService; } });
+var app_manager_service_1 = require("./app-manager.service");
+Object.defineProperty(exports, "AppManagerService", { enumerable: true, get: function () { return app_manager_service_1.AppManagerService; } });
+var base_helm_deployment_service_1 = require("./base-helm-deployment.service");
+Object.defineProperty(exports, "BaseHelmDeploymentService", { enumerable: true, get: function () { return base_helm_deployment_service_1.BaseHelmDeploymentService; } });
+var helm_registry_service_1 = require("./helm-registry.service");
+Object.defineProperty(exports, "HelmRegistryService", { enumerable: true, get: function () { return helm_registry_service_1.HelmRegistryService; } });
+var infra_manager_service_1 = require("./infra-manager.service");
+Object.defineProperty(exports, "InfraManagerService", { enumerable: true, get: function () { return infra_manager_service_1.InfraManagerService; } });
+var k8s_job_runner_service_1 = require("./k8s-job-runner.service");
+Object.defineProperty(exports, "K8sJobRunnerService", { enumerable: true, get: function () { return k8s_job_runner_service_1.K8sJobRunnerService; } });
+var mssql_database_init_service_1 = require("./mssql-database-init.service");
+Object.defineProperty(exports, "MssqlDatabaseInitService", { enumerable: true, get: function () { return mssql_database_init_service_1.MssqlDatabaseInitService; } });
+var mssql_helm_deployment_service_1 = require("./mssql-helm-deployment.service");
+Object.defineProperty(exports, "MssqlHelmDeploymentService", { enumerable: true, get: function () { return mssql_helm_deployment_service_1.MssqlHelmDeploymentService; } });
+var mssql_storage_service_1 = require("./mssql-storage.service");
+Object.defineProperty(exports, "MssqlStorageService", { enumerable: true, get: function () { return mssql_storage_service_1.MssqlStorageService; } });
+var mssql_user_manager_service_1 = require("./mssql-user-manager.service");
+Object.defineProperty(exports, "MssqlUserManagerService", { enumerable: true, get: function () { return mssql_user_manager_service_1.MssqlUserManagerService; } });
+var oci_artifact_service_1 = require("./oci-artifact.service");
+Object.defineProperty(exports, "OciArtifactService", { enumerable: true, get: function () { return oci_artifact_service_1.OciArtifactService; } });
+var secret_manager_service_1 = require("./secret-manager.service");
+Object.defineProperty(exports, "SecretManagerService", { enumerable: true, get: function () { return secret_manager_service_1.SecretManagerService; } });
+var service_manager_service_1 = require("./service-manager.service");
+Object.defineProperty(exports, "ServiceManagerService", { enumerable: true, get: function () { return service_manager_service_1.ServiceManagerService; } });
+var version_compatibility_service_1 = require("./version-compatibility.service");
+Object.defineProperty(exports, "VersionCompatibilityService", { enumerable: true, get: function () { return version_compatibility_service_1.VersionCompatibilityService; } });
+//# sourceMappingURL=index.js.map

package/dist/infrastructure/deployment/services/infra-manager.service.js CHANGED Viewed

@@ -16,9 +16,10 @@ exports.InfraManagerService = void 0;
 const tsyringe_1 = require("tsyringe");
 const tokens_1 = require("../../../di/tokens");
 const deployment_parameters_entity_1 = require("../../../domain/entities/deployment-parameters.entity");
-const sensitive_decorator_1 = require("../../../domain/decorators/sensitive.decorator");
+const sensitive_decorator_1 = require("../../interceptors/decorators/sensitive.decorator");
 const base_helm_deployment_service_1 = require("./base-helm-deployment.service");
 const paths_1 = require("../../../constants/paths");
+const errors_1 = require("../../../domain/errors");
 /**
  * 基礎設施管理服務
  *
@@ -61,21 +62,21 @@ let InfraManagerService = class InfraManagerService extends base_helm_deployment
             releaseName: 'uofx-infra',
             chartPath,
             setArgs: [
-                `k8sType="microk8s"`,
+                `k8sType=microk8s`,
                 `traefik.web.TLS.enable=true`,
                 `traefik.admin.TLS.enable=true`,
-                `imageCredentials.registry="${registry}"`,
-                `imageCredentials.username="${acrAccount}"`,
-                `storage.type="local"`,
-                `storage.local.defaultPath="${paths_1.LINUX_PATHS.UOFX_STORAGE_BASE}"`,
-                `storage.local.mqShare.path="/rabbitmq"`,
-                `storage.local.lokiShare.path="/loki"`,
-                `storage.local.redisShare.path="/redis"`,
-                `storage.local.fileShare.path="/file"`,
-                `storage.local.syncShare.path="/system"`,
-                `storage.local.searchShare.path="/search"`,
-                `loki.retentionPeriod="365d"`,
-                `installType="install"`,
+                `imageCredentials.registry=${registry}`,
+                `imageCredentials.username=${acrAccount}`,
+                `storage.type=local`,
+                `storage.local.defaultPath=${paths_1.LINUX_PATHS.UOFX_STORAGE_BASE}`,
+                `storage.local.mqShare.path=/rabbitmq`,
+                `storage.local.lokiShare.path=/loki`,
+                `storage.local.redisShare.path=/redis`,
+                `storage.local.fileShare.path=/file`,
+                `storage.local.syncShare.path=/system`,
+                `storage.local.searchShare.path=/search`,
+                `loki.retentionPeriod=365d`,
+                `installType=install`,
                 `enabledSearch=true`,
             ],
             sensitiveSetArgs: [
@@ -108,7 +109,10 @@ let InfraManagerService = class InfraManagerService extends base_helm_deployment
             .args(...directories);
         const result = await builder.exec();
         if (result.exitCode !== 0) {
-            throw new Error(`Failed to create storage directories: ${result.stderr}`);
+            this.logger.debug('Failed to create storage directories', { stderr: result.stderr });
+            throw new errors_1.AppError('Failed to create storage directories', {
+                exitCode: errors_1.EXIT_CODES.SYSTEM_ERROR,
+            });
         }
         this.logger.debug('[Infra] Storage directories created');
     }