@xcelera/cli 2.2.2 → 2.3.1

package/README.md

@@ -4,6 +4,38 @@ A CLI for running Lighthouse performance audits using xcelera.dev
 
 ## Usage
 
+### CLI Usage
+
+```bash
+# Basic audit
+xcelera audit --url https://example.com --token your-api-token
+```
+
+### Authenticated Pages
+
+For pages behind login, you can pass authentication credentials:
+
+```bash
+# With session cookie
+xcelera audit --url https://myapp.com/dashboard --cookie "session=abc123"
+
+# With bearer token header
+xcelera audit --url https://api.myapp.com/admin \
+  --header "Authorization: Bearer eyJhbG..."
+
+# Multiple cookies
+xcelera audit --url https://myapp.com/dashboard \
+  --cookie "session=abc123" --cookie "csrf=xyz"
+
+# Full auth JSON (multiple cookies and custom headers)
+xcelera audit --url https://myapp.com/dashboard \
+  --auth '{"cookies":[{"name":"session","value":"abc123"}],"headers":{"X-Custom":"value"}}'
+
+# Using environment variable
+export XCELERA_AUTH='{"cookies":[{"name":"session","value":"abc123"}]}'
+xcelera audit --url https://myapp.com/dashboard
+```
+
 ### GitHub Action Usage
 
 ```yaml
@@ -14,6 +46,34 @@ A CLI for running Lighthouse performance audits using xcelera.dev
     token: ${{ secrets.XCELERA_TOKEN }}
 ```
 
+For authenticated pages in CI:
+
+```yaml
+# With session cookie
+- name: Lighthouse Audit (Cookie Auth)
+  uses: xcelera/cli@v1
+  with:
+    url: https://example.com/dashboard
+    token: ${{ secrets.XCELERA_TOKEN }}
+    cookie: "session=value"
+
+# With bearer token header
+- name: Lighthouse Audit (Bearer Auth)
+  uses: xcelera/cli@v1
+  with:
+    url: https://example.com/admin
+    token: ${{ secrets.XCELERA_TOKEN }}
+    header: "Authorization: Bearer eybDfd..."
+
+# With full auth JSON (multiple cookies/headers)
+- name: Lighthouse Audit (Full Auth)
+  uses: xcelera/cli@v1
+  with:
+    url: https://example.com/dashboard
+    token: ${{ secrets.XCELERA_TOKEN }}
+    auth: '{"cookies":[{"name":"session","value":"session_value"},{"name":"csrf","value":"csrf_value"}]}'
+```
+
 ## Setup
 
 ### 1. Get Your API Token

package/dist/action.js

@@ -27303,7 +27303,7 @@ function isNetworkError(error) {
 	return errorMessages.has(message);
 }
 
-async function requestAudit(url, token, context) {
+async function requestAudit(url, token, context, auth) {
     const apiUrl = `${getApiBaseUrl()}/api/v1/audit`;
     try {
         const response = await fetch(apiUrl, {
@@ -27314,7 +27314,8 @@ async function requestAudit(url, token, context) {
             },
             body: JSON.stringify({
                 url,
-                context
+                context,
+                ...(auth && { auth })
             })
         });
         if (!response.ok) {
@@ -27346,6 +27347,7 @@ async function requestAudit(url, token, context) {
         throw error;
     }
 }
+/* istanbul ignore next */
 function getApiBaseUrl() {
     if (process.env.NODE_ENV === 'development') {
         return 'http://localhost:3000';
@@ -36509,7 +36511,7 @@ var simpleGit = gitInstanceFactory;
 
 async function inferGitContext() {
     if (!(await isGitRepository())) {
-        throw new Error('No git repository detected.');
+        return undefined;
     }
     const remoteUrl = await getRemoteUrl();
     const parsed = parseGithubUrl(remoteUrl);
@@ -36559,27 +36561,30 @@ async function getCommit(hash = 'HEAD') {
 
 async function inferBuildContext() {
     const ciEnv = envCi();
-    const gitContext = {
-        ...(await inferGitContext()),
-        branch: ('prBranch' in ciEnv && ciEnv.prBranch ? ciEnv.prBranch : ciEnv.branch) ??
-            undefined
-    };
+    const gitContext = await inferGitContext();
+    const branch = ('prBranch' in ciEnv && ciEnv.prBranch ? ciEnv.prBranch : ciEnv.branch) ??
+        undefined;
     return {
         service: ciEnv.isCi ? ciEnv.service : 'unknown',
         prNumber: 'pr' in ciEnv ? ciEnv.pr : undefined,
         buildNumber: 'build' in ciEnv ? ciEnv.build : undefined,
         buildUrl: 'buildUrl' in ciEnv ? ciEnv.buildUrl : undefined,
-        git: gitContext
+        git: gitContext ? { ...gitContext, branch } : undefined
     };
 }
 
-async function runAuditCommand(url, token) {
+async function runAuditCommand(url, token, authOptions) {
     const output = [];
     const errors = [];
     try {
         const buildContext = await inferBuildContext();
         output.push(...formatBuildContext(buildContext));
-        const response = await requestAudit(url, token, buildContext);
+        const auth = parseAuthCredentials(authOptions);
+        if (auth) {
+            output.push('🔐 Authentication credentials detected');
+            output.push('');
+        }
+        const response = await requestAudit(url, token, buildContext, auth);
         if (!response.success) {
             const { message, details } = response.error;
             errors.push('❌ Unable to schedule audit :(');
@@ -36671,13 +36676,67 @@ function formatGitHubIntegrationStatus(context) {
     }
     return { output, errors };
 }
+function parseAuthCredentials(options) {
+    const envAuth = process.env.XCELERA_AUTH;
+    if (envAuth) {
+        try {
+            return JSON.parse(envAuth);
+        }
+        catch {
+            throw new Error('XCELERA_AUTH environment variable contains invalid JSON');
+        }
+    }
+    // Check for --auth JSON option
+    if (options?.authJson) {
+        try {
+            return JSON.parse(options.authJson);
+        }
+        catch {
+            throw new Error('--auth option contains invalid JSON');
+        }
+    }
+    // Build auth from --cookie and --header options
+    const hasCookies = options?.cookies && options.cookies.length > 0;
+    const hasHeaders = options?.headers && options.headers.length > 0;
+    if (!hasCookies && !hasHeaders) {
+        return undefined;
+    }
+    const auth = {};
+    if (hasCookies && options.cookies) {
+        auth.cookies = options.cookies.map(parseCookie);
+    }
+    if (hasHeaders && options.headers) {
+        auth.headers = {};
+        for (const header of options.headers) {
+            const colonIndex = header.indexOf(':');
+            if (colonIndex === -1) {
+                throw new Error(`Invalid header format: "${header}". Expected "Name: Value"`);
+            }
+            const name = header.slice(0, colonIndex).trim();
+            const value = header.slice(colonIndex + 1).trim();
+            auth.headers[name] = value;
+        }
+    }
+    return auth;
+}
+function parseCookie(cookie) {
+    const equalsIndex = cookie.indexOf('=');
+    if (equalsIndex === -1) {
+        throw new Error(`Invalid cookie format: "${cookie}". Expected "name=value"`);
+    }
+    return {
+        name: cookie.slice(0, equalsIndex),
+        value: cookie.slice(equalsIndex + 1)
+    };
+}
 
 /* istanbul ignore file */
 run();
 async function run() {
     const url = coreExports.getInput('url', { required: true });
     const token = coreExports.getInput('token', { required: true });
-    const result = await runAuditCommand(url, token);
+    const authOptions = parseAuthInputs();
+    const result = await runAuditCommand(url, token, authOptions);
     result.output.forEach((line) => coreExports.info(line));
     result.errors.forEach((line) => coreExports.error(line));
     if (result.exitCode !== 0) {
@@ -36688,4 +36747,17 @@ async function run() {
         coreExports.setOutput('status', 'success');
     }
 }
+function parseAuthInputs() {
+    const auth = coreExports.getInput('auth');
+    const cookie = coreExports.getInput('cookie');
+    const header = coreExports.getInput('header');
+    if (!auth && !cookie && !header) {
+        return undefined;
+    }
+    return {
+        authJson: auth || undefined,
+        cookies: cookie ? [cookie] : undefined,
+        headers: header ? [header] : undefined
+    };
+}
 //# sourceMappingURL=action.js.map