@zincapp/znvault-cli 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +310 -0
- package/dist/commands/agent.d.ts +3 -0
- package/dist/commands/agent.d.ts.map +1 -0
- package/dist/commands/agent.js +660 -0
- package/dist/commands/agent.js.map +1 -0
- package/dist/commands/apikey.d.ts +3 -0
- package/dist/commands/apikey.d.ts.map +1 -0
- package/dist/commands/apikey.js +767 -0
- package/dist/commands/apikey.js.map +1 -0
- package/dist/commands/audit.d.ts +3 -0
- package/dist/commands/audit.d.ts.map +1 -0
- package/dist/commands/audit.js +147 -0
- package/dist/commands/audit.js.map +1 -0
- package/dist/commands/auth.d.ts +3 -0
- package/dist/commands/auth.d.ts.map +1 -0
- package/dist/commands/auth.js +426 -0
- package/dist/commands/auth.js.map +1 -0
- package/dist/commands/cert.d.ts +3 -0
- package/dist/commands/cert.d.ts.map +1 -0
- package/dist/commands/cert.js +398 -0
- package/dist/commands/cert.js.map +1 -0
- package/dist/commands/cluster.d.ts +3 -0
- package/dist/commands/cluster.d.ts.map +1 -0
- package/dist/commands/cluster.js +228 -0
- package/dist/commands/cluster.js.map +1 -0
- package/dist/commands/emergency.d.ts +3 -0
- package/dist/commands/emergency.d.ts.map +1 -0
- package/dist/commands/emergency.js +223 -0
- package/dist/commands/emergency.js.map +1 -0
- package/dist/commands/health.d.ts +3 -0
- package/dist/commands/health.d.ts.map +1 -0
- package/dist/commands/health.js +188 -0
- package/dist/commands/health.js.map +1 -0
- package/dist/commands/lockdown.d.ts +3 -0
- package/dist/commands/lockdown.d.ts.map +1 -0
- package/dist/commands/lockdown.js +232 -0
- package/dist/commands/lockdown.js.map +1 -0
- package/dist/commands/permissions.d.ts +3 -0
- package/dist/commands/permissions.d.ts.map +1 -0
- package/dist/commands/permissions.js +168 -0
- package/dist/commands/permissions.js.map +1 -0
- package/dist/commands/policy.d.ts +3 -0
- package/dist/commands/policy.d.ts.map +1 -0
- package/dist/commands/policy.js +660 -0
- package/dist/commands/policy.js.map +1 -0
- package/dist/commands/superadmin.d.ts +3 -0
- package/dist/commands/superadmin.d.ts.map +1 -0
- package/dist/commands/superadmin.js +203 -0
- package/dist/commands/superadmin.js.map +1 -0
- package/dist/commands/tenant.d.ts +3 -0
- package/dist/commands/tenant.d.ts.map +1 -0
- package/dist/commands/tenant.js +277 -0
- package/dist/commands/tenant.js.map +1 -0
- package/dist/commands/update.d.ts +9 -0
- package/dist/commands/update.d.ts.map +1 -0
- package/dist/commands/update.js +359 -0
- package/dist/commands/update.js.map +1 -0
- package/dist/commands/user.d.ts +3 -0
- package/dist/commands/user.d.ts.map +1 -0
- package/dist/commands/user.js +363 -0
- package/dist/commands/user.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +82 -0
- package/dist/index.js.map +1 -0
- package/dist/lib/client.d.ts +246 -0
- package/dist/lib/client.d.ts.map +1 -0
- package/dist/lib/client.js +734 -0
- package/dist/lib/client.js.map +1 -0
- package/dist/lib/config.d.ts +130 -0
- package/dist/lib/config.d.ts.map +1 -0
- package/dist/lib/config.js +342 -0
- package/dist/lib/config.js.map +1 -0
- package/dist/lib/db.d.ts +111 -0
- package/dist/lib/db.d.ts.map +1 -0
- package/dist/lib/db.js +698 -0
- package/dist/lib/db.js.map +1 -0
- package/dist/lib/local.d.ts +41 -0
- package/dist/lib/local.d.ts.map +1 -0
- package/dist/lib/local.js +236 -0
- package/dist/lib/local.js.map +1 -0
- package/dist/lib/mode.d.ts +210 -0
- package/dist/lib/mode.d.ts.map +1 -0
- package/dist/lib/mode.js +389 -0
- package/dist/lib/mode.js.map +1 -0
- package/dist/lib/output.d.ts +61 -0
- package/dist/lib/output.d.ts.map +1 -0
- package/dist/lib/output.js +190 -0
- package/dist/lib/output.js.map +1 -0
- package/dist/lib/prompts.d.ts +32 -0
- package/dist/lib/prompts.d.ts.map +1 -0
- package/dist/lib/prompts.js +96 -0
- package/dist/lib/prompts.js.map +1 -0
- package/dist/services/auto-update-daemon.d.ts +48 -0
- package/dist/services/auto-update-daemon.d.ts.map +1 -0
- package/dist/services/auto-update-daemon.js +296 -0
- package/dist/services/auto-update-daemon.js.map +1 -0
- package/dist/services/signature-verifier.d.ts +38 -0
- package/dist/services/signature-verifier.d.ts.map +1 -0
- package/dist/services/signature-verifier.js +209 -0
- package/dist/services/signature-verifier.js.map +1 -0
- package/dist/services/update-checker.d.ts +39 -0
- package/dist/services/update-checker.d.ts.map +1 -0
- package/dist/services/update-checker.js +198 -0
- package/dist/services/update-checker.js.map +1 -0
- package/dist/services/update-installer.d.ts +54 -0
- package/dist/services/update-installer.d.ts.map +1 -0
- package/dist/services/update-installer.js +360 -0
- package/dist/services/update-installer.js.map +1 -0
- package/dist/types/index.d.ts +411 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +2 -0
- package/dist/types/index.js.map +1 -0
- package/dist/types/update.d.ts +137 -0
- package/dist/types/update.d.ts.map +1 -0
- package/dist/types/update.js +27 -0
- package/dist/types/update.js.map +1 -0
- package/dist/utils/platform.d.ts +35 -0
- package/dist/utils/platform.d.ts.map +1 -0
- package/dist/utils/platform.js +115 -0
- package/dist/utils/platform.js.map +1 -0
- package/package.json +59 -0
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Prompt for username
|
|
3
|
+
*/
|
|
4
|
+
export declare function promptUsername(message?: string): Promise<string>;
|
|
5
|
+
/**
|
|
6
|
+
* Prompt for password
|
|
7
|
+
*/
|
|
8
|
+
export declare function promptPassword(message?: string): Promise<string>;
|
|
9
|
+
/**
|
|
10
|
+
* Prompt for TOTP code
|
|
11
|
+
*/
|
|
12
|
+
export declare function promptTotp(message?: string): Promise<string | undefined>;
|
|
13
|
+
/**
|
|
14
|
+
* Prompt for confirmation
|
|
15
|
+
*/
|
|
16
|
+
export declare function promptConfirm(message: string, defaultValue?: boolean): Promise<boolean>;
|
|
17
|
+
/**
|
|
18
|
+
* Prompt for text input
|
|
19
|
+
*/
|
|
20
|
+
export declare function promptInput(message: string, defaultValue?: string): Promise<string>;
|
|
21
|
+
/**
|
|
22
|
+
* Prompt for selection
|
|
23
|
+
*/
|
|
24
|
+
export declare function promptSelect<T extends string>(message: string, choices: {
|
|
25
|
+
name: string;
|
|
26
|
+
value: T;
|
|
27
|
+
}[]): Promise<T>;
|
|
28
|
+
/**
|
|
29
|
+
* Prompt for new password with confirmation
|
|
30
|
+
*/
|
|
31
|
+
export declare function promptNewPassword(message?: string): Promise<string>;
|
|
32
|
+
//# sourceMappingURL=prompts.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"prompts.d.ts","sourceRoot":"","sources":["../../src/lib/prompts.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,wBAAsB,cAAc,CAAC,OAAO,SAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAQ1E;AAED;;GAEG;AACH,wBAAsB,cAAc,CAAC,OAAO,SAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAS1E;AAED;;GAEG;AACH,wBAAsB,UAAU,CAAC,OAAO,SAA2B,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAShG;AAED;;GAEG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,UAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,CAK3F;AAED;;GAEG;AACH,wBAAsB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAKzF;AAED;;GAEG;AACH,wBAAsB,YAAY,CAAC,CAAC,SAAS,MAAM,EACjD,OAAO,EAAE,MAAM,EACf,OAAO,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,CAAC,CAAA;CAAE,EAAE,GACpC,OAAO,CAAC,CAAC,CAAC,CAKZ;AAED;;GAEG;AACH,wBAAsB,iBAAiB,CAAC,OAAO,SAAiB,GAAG,OAAO,CAAC,MAAM,CAAC,CAqBjF"}
|
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
import { input, password, confirm, select } from '@inquirer/prompts';
|
|
2
|
+
/**
|
|
3
|
+
* Prompt for username
|
|
4
|
+
*/
|
|
5
|
+
export async function promptUsername(message = 'Username') {
|
|
6
|
+
return input({
|
|
7
|
+
message,
|
|
8
|
+
validate: (value) => {
|
|
9
|
+
if (!value.trim())
|
|
10
|
+
return 'Username is required';
|
|
11
|
+
return true;
|
|
12
|
+
},
|
|
13
|
+
});
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* Prompt for password
|
|
17
|
+
*/
|
|
18
|
+
export async function promptPassword(message = 'Password') {
|
|
19
|
+
return password({
|
|
20
|
+
message,
|
|
21
|
+
mask: '*',
|
|
22
|
+
validate: (value) => {
|
|
23
|
+
if (!value)
|
|
24
|
+
return 'Password is required';
|
|
25
|
+
return true;
|
|
26
|
+
},
|
|
27
|
+
});
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Prompt for TOTP code
|
|
31
|
+
*/
|
|
32
|
+
export async function promptTotp(message = 'TOTP Code (if enabled)') {
|
|
33
|
+
const code = await input({
|
|
34
|
+
message,
|
|
35
|
+
validate: (value) => {
|
|
36
|
+
if (value && !/^\d{6}$/.test(value))
|
|
37
|
+
return 'TOTP code must be 6 digits';
|
|
38
|
+
return true;
|
|
39
|
+
},
|
|
40
|
+
});
|
|
41
|
+
return code || undefined;
|
|
42
|
+
}
|
|
43
|
+
/**
|
|
44
|
+
* Prompt for confirmation
|
|
45
|
+
*/
|
|
46
|
+
export async function promptConfirm(message, defaultValue = false) {
|
|
47
|
+
return confirm({
|
|
48
|
+
message,
|
|
49
|
+
default: defaultValue,
|
|
50
|
+
});
|
|
51
|
+
}
|
|
52
|
+
/**
|
|
53
|
+
* Prompt for text input
|
|
54
|
+
*/
|
|
55
|
+
export async function promptInput(message, defaultValue) {
|
|
56
|
+
return input({
|
|
57
|
+
message,
|
|
58
|
+
default: defaultValue,
|
|
59
|
+
});
|
|
60
|
+
}
|
|
61
|
+
/**
|
|
62
|
+
* Prompt for selection
|
|
63
|
+
*/
|
|
64
|
+
export async function promptSelect(message, choices) {
|
|
65
|
+
return select({
|
|
66
|
+
message,
|
|
67
|
+
choices,
|
|
68
|
+
});
|
|
69
|
+
}
|
|
70
|
+
/**
|
|
71
|
+
* Prompt for new password with confirmation
|
|
72
|
+
*/
|
|
73
|
+
export async function promptNewPassword(message = 'New Password') {
|
|
74
|
+
const newPass = await password({
|
|
75
|
+
message,
|
|
76
|
+
mask: '*',
|
|
77
|
+
validate: (value) => {
|
|
78
|
+
if (!value)
|
|
79
|
+
return 'Password is required';
|
|
80
|
+
if (value.length < 8)
|
|
81
|
+
return 'Password must be at least 8 characters';
|
|
82
|
+
return true;
|
|
83
|
+
},
|
|
84
|
+
});
|
|
85
|
+
const confirmPass = await password({
|
|
86
|
+
message: 'Confirm Password',
|
|
87
|
+
mask: '*',
|
|
88
|
+
validate: (value) => {
|
|
89
|
+
if (value !== newPass)
|
|
90
|
+
return 'Passwords do not match';
|
|
91
|
+
return true;
|
|
92
|
+
},
|
|
93
|
+
});
|
|
94
|
+
return confirmPass;
|
|
95
|
+
}
|
|
96
|
+
//# sourceMappingURL=prompts.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"prompts.js","sourceRoot":"","sources":["../../src/lib/prompts.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAErE;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,OAAO,GAAG,UAAU;IACvD,OAAO,KAAK,CAAC;QACX,OAAO;QACP,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE;YAClB,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE;gBAAE,OAAO,sBAAsB,CAAC;YACjD,OAAO,IAAI,CAAC;QACd,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,OAAO,GAAG,UAAU;IACvD,OAAO,QAAQ,CAAC;QACd,OAAO;QACP,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE;YAClB,IAAI,CAAC,KAAK;gBAAE,OAAO,sBAAsB,CAAC;YAC1C,OAAO,IAAI,CAAC;QACd,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,OAAO,GAAG,wBAAwB;IACjE,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC;QACvB,OAAO;QACP,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE;YAClB,IAAI,KAAK,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC;gBAAE,OAAO,4BAA4B,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC;KACF,CAAC,CAAC;IACH,OAAO,IAAI,IAAI,SAAS,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAAe,EAAE,YAAY,GAAG,KAAK;IACvE,OAAO,OAAO,CAAC;QACb,OAAO;QACP,OAAO,EAAE,YAAY;KACtB,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAe,EAAE,YAAqB;IACtE,OAAO,KAAK,CAAC;QACX,OAAO;QACP,OAAO,EAAE,YAAY;KACtB,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,OAAe,EACf,OAAqC;IAErC,OAAO,MAAM,CAAC;QACZ,OAAO;QACP,OAAO;KACR,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,OAAO,GAAG,cAAc;IAC9D,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC;QAC7B,OAAO;QACP,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE;YAClB,IAAI,CAAC,KAAK;gBAAE,OAAO,sBAAsB,CAAC;YAC1C,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;gBAAE,OAAO,wCAAwC,CAAC;YACtE,OAAO,IAAI,CAAC;QACd,CAAC;KACF,CAAC,CAAC;IAEH,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC;QACjC,OAAO,EAAE,kBAAkB;QAC3B,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE;YAClB,IAAI,KAAK,KAAK,OAAO;gBAAE,OAAO,wBAAwB,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;KACF,CAAC,CAAC;IAEH,OAAO,WAAW,CAAC;AACrB,CAAC"}
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
import type { UpdateConfig } from '../types/update.js';
|
|
2
|
+
export declare class AutoUpdateDaemon {
|
|
3
|
+
private config;
|
|
4
|
+
private checker;
|
|
5
|
+
private ws;
|
|
6
|
+
private checkTimer;
|
|
7
|
+
private reconnectTimer;
|
|
8
|
+
private isShuttingDown;
|
|
9
|
+
private pendingUpdate;
|
|
10
|
+
constructor(config: UpdateConfig);
|
|
11
|
+
/**
|
|
12
|
+
* Log with timestamp
|
|
13
|
+
*/
|
|
14
|
+
private log;
|
|
15
|
+
/**
|
|
16
|
+
* Log error with timestamp
|
|
17
|
+
*/
|
|
18
|
+
private logError;
|
|
19
|
+
/**
|
|
20
|
+
* Start the daemon
|
|
21
|
+
*/
|
|
22
|
+
start(): Promise<void>;
|
|
23
|
+
/**
|
|
24
|
+
* Check for updates and install if appropriate
|
|
25
|
+
*/
|
|
26
|
+
private checkForUpdates;
|
|
27
|
+
/**
|
|
28
|
+
* Try to install pending update if within maintenance window
|
|
29
|
+
*/
|
|
30
|
+
private tryInstallPendingUpdate;
|
|
31
|
+
/**
|
|
32
|
+
* Install the pending update
|
|
33
|
+
*/
|
|
34
|
+
private installUpdate;
|
|
35
|
+
/**
|
|
36
|
+
* Connect to vault WebSocket for real-time notifications
|
|
37
|
+
*/
|
|
38
|
+
private connectWebSocket;
|
|
39
|
+
/**
|
|
40
|
+
* Schedule WebSocket reconnection
|
|
41
|
+
*/
|
|
42
|
+
private scheduleReconnect;
|
|
43
|
+
/**
|
|
44
|
+
* Shutdown the daemon
|
|
45
|
+
*/
|
|
46
|
+
private shutdown;
|
|
47
|
+
}
|
|
48
|
+
//# sourceMappingURL=auto-update-daemon.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auto-update-daemon.d.ts","sourceRoot":"","sources":["../../src/services/auto-update-daemon.ts"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAE,YAAY,EAAqC,MAAM,oBAAoB,CAAC;AA2D1F,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAe;IAC7B,OAAO,CAAC,OAAO,CAAyC;IACxD,OAAO,CAAC,EAAE,CAA0B;IACpC,OAAO,CAAC,UAAU,CAA+C;IACjE,OAAO,CAAC,cAAc,CAA8C;IACpE,OAAO,CAAC,cAAc,CAAS;IAC/B,OAAO,CAAC,aAAa,CAAmD;gBAE5D,MAAM,EAAE,YAAY;IAKhC;;OAEG;IACH,OAAO,CAAC,GAAG;IAIX;;OAEG;IACH,OAAO,CAAC,QAAQ;IAIhB;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IA+B5B;;OAEG;YACW,eAAe;IAgC7B;;OAEG;YACW,uBAAuB;IAiBrC;;OAEG;YACW,aAAa;IAkC3B;;OAEG;YACW,gBAAgB;IA4D9B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAgBzB;;OAEG;IACH,OAAO,CAAC,QAAQ;CA+BjB"}
|
|
@@ -0,0 +1,296 @@
|
|
|
1
|
+
// Path: znvault-cli/src/services/auto-update-daemon.ts
|
|
2
|
+
/**
|
|
3
|
+
* Auto-Update Daemon
|
|
4
|
+
*
|
|
5
|
+
* Background service that periodically checks for updates
|
|
6
|
+
* and installs them during configured maintenance windows.
|
|
7
|
+
* Supports WebSocket notifications from vault for real-time updates.
|
|
8
|
+
*/
|
|
9
|
+
import WebSocket from 'ws';
|
|
10
|
+
import { createUpdateChecker } from './update-checker.js';
|
|
11
|
+
import { createUpdateInstaller } from './update-installer.js';
|
|
12
|
+
import * as mode from '../lib/mode.js';
|
|
13
|
+
/**
|
|
14
|
+
* Get current version from package.json
|
|
15
|
+
*/
|
|
16
|
+
function getCurrentVersion() {
|
|
17
|
+
// This should match the implementation in update.ts
|
|
18
|
+
// In a real scenario, we'd share this utility
|
|
19
|
+
try {
|
|
20
|
+
const pkg = require('../../package.json');
|
|
21
|
+
return pkg.version || 'unknown';
|
|
22
|
+
}
|
|
23
|
+
catch {
|
|
24
|
+
return 'unknown';
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
/**
|
|
28
|
+
* Check if current time is within a maintenance window
|
|
29
|
+
*/
|
|
30
|
+
function isWithinMaintenanceWindow(window) {
|
|
31
|
+
const now = new Date();
|
|
32
|
+
// Parse window times
|
|
33
|
+
const [startHour, startMin] = window.start.split(':').map(Number);
|
|
34
|
+
const [endHour, endMin] = window.end.split(':').map(Number);
|
|
35
|
+
// Get current time in the specified timezone
|
|
36
|
+
let currentHour;
|
|
37
|
+
let currentMin;
|
|
38
|
+
try {
|
|
39
|
+
const formatter = new Intl.DateTimeFormat('en-US', {
|
|
40
|
+
timeZone: window.timezone,
|
|
41
|
+
hour: 'numeric',
|
|
42
|
+
minute: 'numeric',
|
|
43
|
+
hour12: false,
|
|
44
|
+
});
|
|
45
|
+
const parts = formatter.formatToParts(now);
|
|
46
|
+
currentHour = parseInt(parts.find(p => p.type === 'hour')?.value || '0', 10);
|
|
47
|
+
currentMin = parseInt(parts.find(p => p.type === 'minute')?.value || '0', 10);
|
|
48
|
+
}
|
|
49
|
+
catch {
|
|
50
|
+
// Fallback to local time
|
|
51
|
+
currentHour = now.getHours();
|
|
52
|
+
currentMin = now.getMinutes();
|
|
53
|
+
}
|
|
54
|
+
const currentTime = currentHour * 60 + currentMin;
|
|
55
|
+
const startTime = startHour * 60 + startMin;
|
|
56
|
+
const endTime = endHour * 60 + endMin;
|
|
57
|
+
// Handle windows that span midnight
|
|
58
|
+
if (endTime < startTime) {
|
|
59
|
+
return currentTime >= startTime || currentTime < endTime;
|
|
60
|
+
}
|
|
61
|
+
return currentTime >= startTime && currentTime < endTime;
|
|
62
|
+
}
|
|
63
|
+
export class AutoUpdateDaemon {
|
|
64
|
+
config;
|
|
65
|
+
checker;
|
|
66
|
+
ws = null;
|
|
67
|
+
checkTimer = null;
|
|
68
|
+
reconnectTimer = null;
|
|
69
|
+
isShuttingDown = false;
|
|
70
|
+
pendingUpdate = null;
|
|
71
|
+
constructor(config) {
|
|
72
|
+
this.config = config;
|
|
73
|
+
this.checker = createUpdateChecker(config.channel);
|
|
74
|
+
}
|
|
75
|
+
/**
|
|
76
|
+
* Log with timestamp
|
|
77
|
+
*/
|
|
78
|
+
log(message) {
|
|
79
|
+
console.log(`[${new Date().toISOString()}] [AutoUpdate] ${message}`);
|
|
80
|
+
}
|
|
81
|
+
/**
|
|
82
|
+
* Log error with timestamp
|
|
83
|
+
*/
|
|
84
|
+
logError(message) {
|
|
85
|
+
console.error(`[${new Date().toISOString()}] [AutoUpdate] ERROR: ${message}`);
|
|
86
|
+
}
|
|
87
|
+
/**
|
|
88
|
+
* Start the daemon
|
|
89
|
+
*/
|
|
90
|
+
async start() {
|
|
91
|
+
this.log('Starting auto-update daemon...');
|
|
92
|
+
this.log(`Channel: ${this.config.channel}`);
|
|
93
|
+
this.log(`Check interval: ${this.config.checkInterval / 60000} minutes`);
|
|
94
|
+
if (this.config.maintenanceWindow) {
|
|
95
|
+
this.log(`Maintenance window: ${this.config.maintenanceWindow.start}-${this.config.maintenanceWindow.end} ${this.config.maintenanceWindow.timezone}`);
|
|
96
|
+
}
|
|
97
|
+
else {
|
|
98
|
+
this.log('No maintenance window configured - updates allowed anytime');
|
|
99
|
+
}
|
|
100
|
+
// Initial check
|
|
101
|
+
await this.checkForUpdates();
|
|
102
|
+
// Start periodic checks
|
|
103
|
+
this.checkTimer = setInterval(() => {
|
|
104
|
+
this.checkForUpdates().catch(err => {
|
|
105
|
+
this.logError(`Check failed: ${err.message}`);
|
|
106
|
+
});
|
|
107
|
+
}, this.config.checkInterval);
|
|
108
|
+
// Connect to vault WebSocket if URL configured
|
|
109
|
+
if (this.config.vaultUrl) {
|
|
110
|
+
await this.connectWebSocket();
|
|
111
|
+
}
|
|
112
|
+
// Handle shutdown signals
|
|
113
|
+
process.on('SIGINT', () => this.shutdown());
|
|
114
|
+
process.on('SIGTERM', () => this.shutdown());
|
|
115
|
+
}
|
|
116
|
+
/**
|
|
117
|
+
* Check for updates and install if appropriate
|
|
118
|
+
*/
|
|
119
|
+
async checkForUpdates() {
|
|
120
|
+
this.log('Checking for updates...');
|
|
121
|
+
try {
|
|
122
|
+
const currentVersion = getCurrentVersion();
|
|
123
|
+
const result = await this.checker.checkForUpdates(currentVersion);
|
|
124
|
+
if (result.error) {
|
|
125
|
+
this.logError(result.error);
|
|
126
|
+
return;
|
|
127
|
+
}
|
|
128
|
+
if (!result.updateAvailable) {
|
|
129
|
+
this.log(`Up to date (${currentVersion})`);
|
|
130
|
+
return;
|
|
131
|
+
}
|
|
132
|
+
this.log(`Update available: ${currentVersion} -> ${result.latestVersion}`);
|
|
133
|
+
// Store pending update
|
|
134
|
+
this.pendingUpdate = {
|
|
135
|
+
version: result.latestVersion,
|
|
136
|
+
artifact: result.artifact,
|
|
137
|
+
};
|
|
138
|
+
// Check if we can install now
|
|
139
|
+
await this.tryInstallPendingUpdate();
|
|
140
|
+
}
|
|
141
|
+
catch (err) {
|
|
142
|
+
this.logError(`Check failed: ${err instanceof Error ? err.message : String(err)}`);
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
/**
|
|
146
|
+
* Try to install pending update if within maintenance window
|
|
147
|
+
*/
|
|
148
|
+
async tryInstallPendingUpdate() {
|
|
149
|
+
if (!this.pendingUpdate) {
|
|
150
|
+
return;
|
|
151
|
+
}
|
|
152
|
+
// Check maintenance window
|
|
153
|
+
if (this.config.maintenanceWindow) {
|
|
154
|
+
if (!isWithinMaintenanceWindow(this.config.maintenanceWindow)) {
|
|
155
|
+
this.log('Outside maintenance window - update deferred');
|
|
156
|
+
return;
|
|
157
|
+
}
|
|
158
|
+
this.log('Within maintenance window - proceeding with update');
|
|
159
|
+
}
|
|
160
|
+
await this.installUpdate();
|
|
161
|
+
}
|
|
162
|
+
/**
|
|
163
|
+
* Install the pending update
|
|
164
|
+
*/
|
|
165
|
+
async installUpdate() {
|
|
166
|
+
if (!this.pendingUpdate) {
|
|
167
|
+
return;
|
|
168
|
+
}
|
|
169
|
+
const { version, artifact } = this.pendingUpdate;
|
|
170
|
+
this.log(`Installing update to version ${version}...`);
|
|
171
|
+
const progressHandler = (progress) => {
|
|
172
|
+
this.log(`${progress.stage}: ${progress.message}`);
|
|
173
|
+
};
|
|
174
|
+
try {
|
|
175
|
+
const installer = createUpdateInstaller(this.config.installPath, progressHandler);
|
|
176
|
+
// Check permissions
|
|
177
|
+
const { canInstall, reason } = installer.canInstall();
|
|
178
|
+
if (!canInstall) {
|
|
179
|
+
this.logError(`Cannot install: ${reason}`);
|
|
180
|
+
return;
|
|
181
|
+
}
|
|
182
|
+
await installer.install(artifact, version);
|
|
183
|
+
this.log(`Successfully updated to version ${version}`);
|
|
184
|
+
this.pendingUpdate = null;
|
|
185
|
+
// Save last known version
|
|
186
|
+
this.checker.saveLastKnownVersion(version);
|
|
187
|
+
}
|
|
188
|
+
catch (err) {
|
|
189
|
+
this.logError(`Installation failed: ${err instanceof Error ? err.message : String(err)}`);
|
|
190
|
+
}
|
|
191
|
+
}
|
|
192
|
+
/**
|
|
193
|
+
* Connect to vault WebSocket for real-time notifications
|
|
194
|
+
*/
|
|
195
|
+
async connectWebSocket() {
|
|
196
|
+
if (!this.config.vaultUrl || this.isShuttingDown) {
|
|
197
|
+
return;
|
|
198
|
+
}
|
|
199
|
+
try {
|
|
200
|
+
const wsUrl = this.config.vaultUrl
|
|
201
|
+
.replace(/^https?:/, 'wss:')
|
|
202
|
+
.replace(/\/$/, '') + '/v1/ws/agent-updates';
|
|
203
|
+
this.log(`Connecting to ${wsUrl}...`);
|
|
204
|
+
// Get auth headers if available
|
|
205
|
+
let headers = {};
|
|
206
|
+
try {
|
|
207
|
+
headers = await mode.getAuthHeaders();
|
|
208
|
+
}
|
|
209
|
+
catch {
|
|
210
|
+
// No auth available
|
|
211
|
+
}
|
|
212
|
+
this.ws = new WebSocket(wsUrl, {
|
|
213
|
+
headers,
|
|
214
|
+
rejectUnauthorized: false, // Allow self-signed certs
|
|
215
|
+
});
|
|
216
|
+
this.ws.on('open', () => {
|
|
217
|
+
this.log('Connected to vault WebSocket');
|
|
218
|
+
});
|
|
219
|
+
this.ws.on('message', async (data) => {
|
|
220
|
+
try {
|
|
221
|
+
const msg = JSON.parse(data.toString());
|
|
222
|
+
if (msg.type === 'event' && msg.data?.event === 'agent.update.available') {
|
|
223
|
+
this.log(`Received update notification: ${msg.data.version}`);
|
|
224
|
+
// Trigger immediate check
|
|
225
|
+
await this.checkForUpdates();
|
|
226
|
+
}
|
|
227
|
+
else if (msg.type === 'pong') {
|
|
228
|
+
// Heartbeat response
|
|
229
|
+
}
|
|
230
|
+
}
|
|
231
|
+
catch (err) {
|
|
232
|
+
this.logError(`Failed to parse message: ${err}`);
|
|
233
|
+
}
|
|
234
|
+
});
|
|
235
|
+
this.ws.on('close', () => {
|
|
236
|
+
this.log('WebSocket disconnected');
|
|
237
|
+
this.ws = null;
|
|
238
|
+
this.scheduleReconnect();
|
|
239
|
+
});
|
|
240
|
+
this.ws.on('error', (err) => {
|
|
241
|
+
this.logError(`WebSocket error: ${err.message}`);
|
|
242
|
+
});
|
|
243
|
+
}
|
|
244
|
+
catch (err) {
|
|
245
|
+
this.logError(`Failed to connect: ${err instanceof Error ? err.message : String(err)}`);
|
|
246
|
+
this.scheduleReconnect();
|
|
247
|
+
}
|
|
248
|
+
}
|
|
249
|
+
/**
|
|
250
|
+
* Schedule WebSocket reconnection
|
|
251
|
+
*/
|
|
252
|
+
scheduleReconnect() {
|
|
253
|
+
if (this.isShuttingDown || !this.config.vaultUrl) {
|
|
254
|
+
return;
|
|
255
|
+
}
|
|
256
|
+
if (this.reconnectTimer) {
|
|
257
|
+
return; // Already scheduled
|
|
258
|
+
}
|
|
259
|
+
this.log('Reconnecting in 30 seconds...');
|
|
260
|
+
this.reconnectTimer = setTimeout(() => {
|
|
261
|
+
this.reconnectTimer = null;
|
|
262
|
+
this.connectWebSocket();
|
|
263
|
+
}, 30000);
|
|
264
|
+
}
|
|
265
|
+
/**
|
|
266
|
+
* Shutdown the daemon
|
|
267
|
+
*/
|
|
268
|
+
shutdown() {
|
|
269
|
+
if (this.isShuttingDown) {
|
|
270
|
+
return;
|
|
271
|
+
}
|
|
272
|
+
this.isShuttingDown = true;
|
|
273
|
+
this.log('Shutting down...');
|
|
274
|
+
// Clear timers
|
|
275
|
+
if (this.checkTimer) {
|
|
276
|
+
clearInterval(this.checkTimer);
|
|
277
|
+
this.checkTimer = null;
|
|
278
|
+
}
|
|
279
|
+
if (this.reconnectTimer) {
|
|
280
|
+
clearTimeout(this.reconnectTimer);
|
|
281
|
+
this.reconnectTimer = null;
|
|
282
|
+
}
|
|
283
|
+
// Close WebSocket
|
|
284
|
+
if (this.ws) {
|
|
285
|
+
try {
|
|
286
|
+
this.ws.close(1000, 'Daemon shutdown');
|
|
287
|
+
}
|
|
288
|
+
catch {
|
|
289
|
+
// Ignore
|
|
290
|
+
}
|
|
291
|
+
this.ws = null;
|
|
292
|
+
}
|
|
293
|
+
process.exit(0);
|
|
294
|
+
}
|
|
295
|
+
}
|
|
296
|
+
//# sourceMappingURL=auto-update-daemon.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auto-update-daemon.js","sourceRoot":"","sources":["../../src/services/auto-update-daemon.ts"],"names":[],"mappings":"AAAA,uDAAuD;AAEvD;;;;;;GAMG;AAEH,OAAO,SAAS,MAAM,IAAI,CAAC;AAC3B,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAE9D,OAAO,KAAK,IAAI,MAAM,gBAAgB,CAAC;AAEvC;;GAEG;AACH,SAAS,iBAAiB;IACxB,oDAAoD;IACpD,8CAA8C;IAC9C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;QAC1C,OAAO,GAAG,CAAC,OAAO,IAAI,SAAS,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,yBAAyB,CAAC,MAAyB;IAC1D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IAEvB,qBAAqB;IACrB,MAAM,CAAC,SAAS,EAAE,QAAQ,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAClE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAE5D,6CAA6C;IAC7C,IAAI,WAAmB,CAAC;IACxB,IAAI,UAAkB,CAAC;IAEvB,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE;YACjD,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,IAAI,EAAE,SAAS;YACf,MAAM,EAAE,SAAS;YACjB,MAAM,EAAE,KAAK;SACd,CAAC,CAAC;QACH,MAAM,KAAK,GAAG,SAAS,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;QAC3C,WAAW,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,EAAE,KAAK,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;QAC7E,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,EAAE,KAAK,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;IAChF,CAAC;IAAC,MAAM,CAAC;QACP,yBAAyB;QACzB,WAAW,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC7B,UAAU,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC;IAChC,CAAC;IAED,MAAM,WAAW,GAAG,WAAW,GAAG,EAAE,GAAG,UAAU,CAAC;IAClD,MAAM,SAAS,GAAG,SAAS,GAAG,EAAE,GAAG,QAAQ,CAAC;IAC5C,MAAM,OAAO,GAAG,OAAO,GAAG,EAAE,GAAG,MAAM,CAAC;IAEtC,oCAAoC;IACpC,IAAI,OAAO,GAAG,SAAS,EAAE,CAAC;QACxB,OAAO,WAAW,IAAI,SAAS,IAAI,WAAW,GAAG,OAAO,CAAC;IAC3D,CAAC;IAED,OAAO,WAAW,IAAI,SAAS,IAAI,WAAW,GAAG,OAAO,CAAC;AAC3D,CAAC;AAED,MAAM,OAAO,gBAAgB;IACnB,MAAM,CAAe;IACrB,OAAO,CAAyC;IAChD,EAAE,GAAqB,IAAI,CAAC;IAC5B,UAAU,GAA0C,IAAI,CAAC;IACzD,cAAc,GAAyC,IAAI,CAAC;IAC5D,cAAc,GAAG,KAAK,CAAC;IACvB,aAAa,GAA8C,IAAI,CAAC;IAExE,YAAY,MAAoB;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,OAAO,GAAG,mBAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACK,GAAG,CAAC,OAAe;QACzB,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,kBAAkB,OAAO,EAAE,CAAC,CAAC;IACvE,CAAC;IAED;;OAEG;IACK,QAAQ,CAAC,OAAe;QAC9B,OAAO,CAAC,KAAK,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,yBAAyB,OAAO,EAAE,CAAC,CAAC;IAChF,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;QAC3C,IAAI,CAAC,GAAG,CAAC,YAAY,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;QAC5C,IAAI,CAAC,GAAG,CAAC,mBAAmB,IAAI,CAAC,MAAM,CAAC,aAAa,GAAG,KAAK,UAAU,CAAC,CAAC;QAEzE,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAClC,IAAI,CAAC,GAAG,CAAC,uBAAuB,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxJ,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;QACzE,CAAC;QAED,gBAAgB;QAChB,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAE7B,wBAAwB;QACxB,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE;YACjC,IAAI,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;gBACjC,IAAI,CAAC,QAAQ,CAAC,iBAAiB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YAChD,CAAC,CAAC,CAAC;QACL,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAE9B,+CAA+C;QAC/C,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACzB,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAChC,CAAC;QAED,0BAA0B;QAC1B,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,eAAe;QAC3B,IAAI,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QAEpC,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,iBAAiB,EAAE,CAAC;YAC3C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;YAElE,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;gBACjB,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC5B,OAAO;YACT,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;gBAC5B,IAAI,CAAC,GAAG,CAAC,eAAe,cAAc,GAAG,CAAC,CAAC;gBAC3C,OAAO;YACT,CAAC;YAED,IAAI,CAAC,GAAG,CAAC,qBAAqB,cAAc,OAAO,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC;YAE3E,uBAAuB;YACvB,IAAI,CAAC,aAAa,GAAG;gBACnB,OAAO,EAAE,MAAM,CAAC,aAAa;gBAC7B,QAAQ,EAAE,MAAM,CAAC,QAAQ;aAC1B,CAAC;YAEF,8BAA8B;YAC9B,MAAM,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACvC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,QAAQ,CAAC,iBAAiB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrF,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,uBAAuB;QACnC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,OAAO;QACT,CAAC;QAED,2BAA2B;QAC3B,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAClC,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBAC9D,IAAI,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;gBACzD,OAAO;YACT,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;IAC7B,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,aAAa;QACzB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,OAAO;QACT,CAAC;QAED,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,aAAa,CAAC;QACjD,IAAI,CAAC,GAAG,CAAC,gCAAgC,OAAO,KAAK,CAAC,CAAC;QAEvD,MAAM,eAAe,GAAG,CAAC,QAAwB,EAAE,EAAE;YACnD,IAAI,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC,KAAK,KAAK,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;QACrD,CAAC,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,eAAe,CAAC,CAAC;YAElF,oBAAoB;YACpB,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC,UAAU,EAAE,CAAC;YACtD,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,IAAI,CAAC,QAAQ,CAAC,mBAAmB,MAAM,EAAE,CAAC,CAAC;gBAC3C,OAAO;YACT,CAAC;YAED,MAAM,SAAS,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAE3C,IAAI,CAAC,GAAG,CAAC,mCAAmC,OAAO,EAAE,CAAC,CAAC;YACvD,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAE1B,0BAA0B;YAC1B,IAAI,CAAC,OAAO,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,QAAQ,CAAC,wBAAwB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC5F,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,gBAAgB;QAC5B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACjD,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;iBAC/B,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC;iBAC3B,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,sBAAsB,CAAC;YAE/C,IAAI,CAAC,GAAG,CAAC,iBAAiB,KAAK,KAAK,CAAC,CAAC;YAEtC,gCAAgC;YAChC,IAAI,OAAO,GAA2B,EAAE,CAAC;YACzC,IAAI,CAAC;gBACH,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YACxC,CAAC;YAAC,MAAM,CAAC;gBACP,oBAAoB;YACtB,CAAC;YAED,IAAI,CAAC,EAAE,GAAG,IAAI,SAAS,CAAC,KAAK,EAAE;gBAC7B,OAAO;gBACP,kBAAkB,EAAE,KAAK,EAAE,0BAA0B;aACtD,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE;gBACtB,IAAI,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;YAC3C,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;gBACnC,IAAI,CAAC;oBACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;oBAExC,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO,IAAI,GAAG,CAAC,IAAI,EAAE,KAAK,KAAK,wBAAwB,EAAE,CAAC;wBACzE,IAAI,CAAC,GAAG,CAAC,iCAAiC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;wBAC9D,0BAA0B;wBAC1B,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;oBAC/B,CAAC;yBAAM,IAAI,GAAG,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;wBAC/B,qBAAqB;oBACvB,CAAC;gBACH,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,IAAI,CAAC,QAAQ,CAAC,4BAA4B,GAAG,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;gBACvB,IAAI,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;gBACnC,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC;gBACf,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBAC1B,IAAI,CAAC,QAAQ,CAAC,oBAAoB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YACnD,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,QAAQ,CAAC,sBAAsB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACxF,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC3B,CAAC;IACH,CAAC;IAED;;OAEG;IACK,iBAAiB;QACvB,IAAI,IAAI,CAAC,cAAc,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACjD,OAAO;QACT,CAAC;QAED,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,OAAO,CAAC,oBAAoB;QAC9B,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;QAC1C,IAAI,CAAC,cAAc,GAAG,UAAU,CAAC,GAAG,EAAE;YACpC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;YAC3B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC1B,CAAC,EAAE,KAAK,CAAC,CAAC;IACZ,CAAC;IAED;;OAEG;IACK,QAAQ;QACd,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,OAAO;QACT,CAAC;QAED,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC3B,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAE7B,eAAe;QACf,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACzB,CAAC;QAED,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAClC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC;QAED,kBAAkB;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;YACzC,CAAC;YAAC,MAAM,CAAC;gBACP,SAAS;YACX,CAAC;YACD,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC;QACjB,CAAC;QAED,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;CACF"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
export declare class SignatureVerifier {
|
|
2
|
+
private publicKeyArmored;
|
|
3
|
+
private publicKeyFetched;
|
|
4
|
+
/**
|
|
5
|
+
* Verify SHA256 checksum of a file
|
|
6
|
+
*/
|
|
7
|
+
verifyChecksum(filePath: string, expectedSha256: string): boolean;
|
|
8
|
+
/**
|
|
9
|
+
* Calculate SHA256 checksum of a file
|
|
10
|
+
*/
|
|
11
|
+
calculateChecksum(filePath: string): string;
|
|
12
|
+
/**
|
|
13
|
+
* Fetch the public key from S3
|
|
14
|
+
*/
|
|
15
|
+
private fetchPublicKey;
|
|
16
|
+
/**
|
|
17
|
+
* Get the public key for verification
|
|
18
|
+
* Tries to fetch from S3, falls back to embedded key
|
|
19
|
+
*/
|
|
20
|
+
private getPublicKey;
|
|
21
|
+
/**
|
|
22
|
+
* Verify GPG signature of a file
|
|
23
|
+
*
|
|
24
|
+
* @param filePath - Path to the file to verify
|
|
25
|
+
* @param signatureBase64 - Base64-encoded detached signature
|
|
26
|
+
* @returns true if signature is valid
|
|
27
|
+
*/
|
|
28
|
+
verifySignature(filePath: string, signatureBase64: string): Promise<boolean>;
|
|
29
|
+
/**
|
|
30
|
+
* Verify both checksum and signature
|
|
31
|
+
*/
|
|
32
|
+
verifyArtifact(filePath: string, expectedSha256: string, signatureBase64: string): Promise<{
|
|
33
|
+
valid: boolean;
|
|
34
|
+
error?: string;
|
|
35
|
+
}>;
|
|
36
|
+
}
|
|
37
|
+
export declare function getSignatureVerifier(): SignatureVerifier;
|
|
38
|
+
//# sourceMappingURL=signature-verifier.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"signature-verifier.d.ts","sourceRoot":"","sources":["../../src/services/signature-verifier.ts"],"names":[],"mappings":"AAwFA,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,gBAAgB,CAAuB;IAC/C,OAAO,CAAC,gBAAgB,CAAS;IAEjC;;OAEG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO;IAMjE;;OAEG;IACH,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAK3C;;OAEG;YACW,cAAc;IAyB5B;;;OAGG;YACW,YAAY;IAc1B;;;;;;OAMG;IACG,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA2ClF;;OAEG;IACG,cAAc,CAClB,QAAQ,EAAE,MAAM,EAChB,cAAc,EAAE,MAAM,EACtB,eAAe,EAAE,MAAM,GACtB,OAAO,CAAC;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CAc/C;AAKD,wBAAgB,oBAAoB,IAAI,iBAAiB,CAKxD"}
|