@xcelera/cli 2.2.1 → 2.3.0

package/README.md

@@ -4,6 +4,38 @@ A CLI for running Lighthouse performance audits using xcelera.dev
 
 ## Usage
 
+### CLI Usage
+
+```bash
+# Basic audit
+xcelera audit --url https://example.com --token your-api-token
+```
+
+### Authenticated Pages
+
+For pages behind login, you can pass authentication credentials:
+
+```bash
+# With session cookie
+xcelera audit --url https://myapp.com/dashboard --cookie "session=abc123"
+
+# With bearer token header
+xcelera audit --url https://api.myapp.com/admin \
+  --header "Authorization: Bearer eyJhbG..."
+
+# Multiple cookies
+xcelera audit --url https://myapp.com/dashboard \
+  --cookie "session=abc123" --cookie "csrf=xyz"
+
+# Full auth JSON (multiple cookies and custom headers)
+xcelera audit --url https://myapp.com/dashboard \
+  --auth '{"cookies":[{"name":"session","value":"abc123"}],"headers":{"X-Custom":"value"}}'
+
+# Using environment variable
+export XCELERA_AUTH='{"cookies":[{"name":"session","value":"abc123"}]}'
+xcelera audit --url https://myapp.com/dashboard
+```
+
 ### GitHub Action Usage
 
 ```yaml
@@ -14,6 +46,34 @@ A CLI for running Lighthouse performance audits using xcelera.dev
     token: ${{ secrets.XCELERA_TOKEN }}
 ```
 
+For authenticated pages in CI:
+
+```yaml
+# With session cookie
+- name: Lighthouse Audit (Cookie Auth)
+  uses: xcelera/cli@v1
+  with:
+    url: https://example.com/dashboard
+    token: ${{ secrets.XCELERA_TOKEN }}
+    cookie: "session=value"
+
+# With bearer token header
+- name: Lighthouse Audit (Bearer Auth)
+  uses: xcelera/cli@v1
+  with:
+    url: https://example.com/admin
+    token: ${{ secrets.XCELERA_TOKEN }}
+    header: "Authorization: Bearer eybDfd..."
+
+# With full auth JSON (multiple cookies/headers)
+- name: Lighthouse Audit (Full Auth)
+  uses: xcelera/cli@v1
+  with:
+    url: https://example.com/dashboard
+    token: ${{ secrets.XCELERA_TOKEN }}
+    auth: '{"cookies":[{"name":"session","value":"session_value"},{"name":"csrf","value":"csrf_value"}]}'
+```
+
 ## Setup
 
 ### 1. Get Your API Token

package/dist/action.js

@@ -27303,7 +27303,7 @@ function isNetworkError(error) {
 	return errorMessages.has(message);
 }
 
-async function requestAudit(url, token, context) {
+async function requestAudit(url, token, context, auth) {
     const apiUrl = `${getApiBaseUrl()}/api/v1/audit`;
     try {
         const response = await fetch(apiUrl, {
@@ -27314,7 +27314,8 @@ async function requestAudit(url, token, context) {
             },
             body: JSON.stringify({
                 url,
-                context
+                context,
+                ...(auth && { auth })
             })
         });
         if (!response.ok) {
@@ -27346,6 +27347,7 @@ async function requestAudit(url, token, context) {
         throw error;
     }
 }
+/* istanbul ignore next */
 function getApiBaseUrl() {
     if (process.env.NODE_ENV === 'development') {
         return 'http://localhost:3000';
@@ -36538,24 +36540,21 @@ async function isGitRepository() {
     return simpleGit().checkIsRepo();
 }
 async function getCommit(hash = 'HEAD') {
-    // format: %H: commit hash, %s: subject, %an: author name, %ae: author email, %ai: author date
+    // format: %H: commit hash, %s: subject, %an: author name, %ai: author date
     // Use null byte (%x00) as delimiter - cannot appear in commit data
     const commit = await simpleGit().show([
         hash,
         '--no-patch',
-        '--format=%H%x00%s%x00%an%x00%ae%x00%ai'
+        '--format=%H%x00%s%x00%an%x00%ai'
     ]);
-    const [resolvedHash, message, author_name, author_email, date] = commit
-        .trim()
-        .split('\0');
+    const [resolvedHash, message, author_name, date] = commit.trim().split('\0');
     if (!resolvedHash) {
         throw new Error(`No commit found for ${hash}`);
     }
     return {
         hash: resolvedHash,
         message: message,
-        author: author_name || 'Unknown',
-        email: author_email || '',
+        author: author_name || 'Unknown Author',
         date: date ? new Date(date).toISOString() : new Date().toISOString()
     };
 }
@@ -36576,13 +36575,18 @@ async function inferBuildContext() {
     };
 }
 
-async function runAuditCommand(url, token) {
+async function runAuditCommand(url, token, authOptions) {
     const output = [];
     const errors = [];
     try {
         const buildContext = await inferBuildContext();
         output.push(...formatBuildContext(buildContext));
-        const response = await requestAudit(url, token, buildContext);
+        const auth = parseAuthCredentials(authOptions);
+        if (auth) {
+            output.push('🔐 Authentication credentials detected');
+            output.push('');
+        }
+        const response = await requestAudit(url, token, buildContext, auth);
         if (!response.success) {
             const { message, details } = response.error;
             errors.push('❌ Unable to schedule audit :(');
@@ -36674,13 +36678,67 @@ function formatGitHubIntegrationStatus(context) {
     }
     return { output, errors };
 }
+function parseAuthCredentials(options) {
+    const envAuth = process.env.XCELERA_AUTH;
+    if (envAuth) {
+        try {
+            return JSON.parse(envAuth);
+        }
+        catch {
+            throw new Error('XCELERA_AUTH environment variable contains invalid JSON');
+        }
+    }
+    // Check for --auth JSON option
+    if (options?.authJson) {
+        try {
+            return JSON.parse(options.authJson);
+        }
+        catch {
+            throw new Error('--auth option contains invalid JSON');
+        }
+    }
+    // Build auth from --cookie and --header options
+    const hasCookies = options?.cookies && options.cookies.length > 0;
+    const hasHeaders = options?.headers && options.headers.length > 0;
+    if (!hasCookies && !hasHeaders) {
+        return undefined;
+    }
+    const auth = {};
+    if (hasCookies && options.cookies) {
+        auth.cookies = options.cookies.map(parseCookie);
+    }
+    if (hasHeaders && options.headers) {
+        auth.headers = {};
+        for (const header of options.headers) {
+            const colonIndex = header.indexOf(':');
+            if (colonIndex === -1) {
+                throw new Error(`Invalid header format: "${header}". Expected "Name: Value"`);
+            }
+            const name = header.slice(0, colonIndex).trim();
+            const value = header.slice(colonIndex + 1).trim();
+            auth.headers[name] = value;
+        }
+    }
+    return auth;
+}
+function parseCookie(cookie) {
+    const equalsIndex = cookie.indexOf('=');
+    if (equalsIndex === -1) {
+        throw new Error(`Invalid cookie format: "${cookie}". Expected "name=value"`);
+    }
+    return {
+        name: cookie.slice(0, equalsIndex),
+        value: cookie.slice(equalsIndex + 1)
+    };
+}
 
 /* istanbul ignore file */
 run();
 async function run() {
     const url = coreExports.getInput('url', { required: true });
     const token = coreExports.getInput('token', { required: true });
-    const result = await runAuditCommand(url, token);
+    const authOptions = parseAuthInputs();
+    const result = await runAuditCommand(url, token, authOptions);
     result.output.forEach((line) => coreExports.info(line));
     result.errors.forEach((line) => coreExports.error(line));
     if (result.exitCode !== 0) {
@@ -36691,4 +36749,17 @@ async function run() {
         coreExports.setOutput('status', 'success');
     }
 }
+function parseAuthInputs() {
+    const auth = coreExports.getInput('auth');
+    const cookie = coreExports.getInput('cookie');
+    const header = coreExports.getInput('header');
+    if (!auth && !cookie && !header) {
+        return undefined;
+    }
+    return {
+        authJson: auth || undefined,
+        cookies: cookie ? [cookie] : undefined,
+        headers: header ? [header] : undefined
+    };
+}
 //# sourceMappingURL=action.js.map