berget 0.0.2 → 0.0.4

package/src/client.ts

@@ -0,0 +1,123 @@
+import createClient from 'openapi-fetch';
+import type { paths } from './types/api';
+import * as fs from 'fs';
+import * as path from 'path';
+import * as os from 'os';
+import chalk from 'chalk';
+
+// Configuration directory
+const CONFIG_DIR = path.join(os.homedir(), '.berget');
+const TOKEN_FILE = path.join(CONFIG_DIR, 'token.json');
+
+// API Base URL
+// Use --local flag to test against local API
+const isLocalMode = process.argv.includes('--local');
+const API_BASE_URL = process.env.BERGET_API_URL || 
+                    (isLocalMode ? 'http://localhost:3000' : 'https://api.berget.ai');
+
+if (isLocalMode && !process.env.BERGET_API_URL) {
+  console.log(chalk.yellow('Using local API endpoint: http://localhost:3000'));
+}
+
+// Create a typed client for the Berget API
+export const apiClient = createClient<paths>({
+  baseUrl: API_BASE_URL,
+  headers: {
+    'Content-Type': 'application/json',
+    'Accept': 'application/json'
+  }
+});
+
+// Authentication functions
+export const getAuthToken = (): string | null => {
+  try {
+    if (fs.existsSync(TOKEN_FILE)) {
+      const tokenData = JSON.parse(fs.readFileSync(TOKEN_FILE, 'utf8'));
+      return tokenData.accessToken;
+    }
+  } catch (error) {
+    console.error('Error reading auth token:', error);
+  }
+  return null;
+};
+
+// Check if token is expired (JWT tokens have an exp claim)
+export const isTokenExpired = (token: string): boolean => {
+  try {
+    const base64Url = token.split('.')[1];
+    const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
+    const jsonPayload = decodeURIComponent(
+      atob(base64)
+        .split('')
+        .map(c => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2))
+        .join('')
+    );
+    const payload = JSON.parse(jsonPayload);
+    
+    // Check if token has expired
+    if (payload.exp) {
+      return payload.exp * 1000 < Date.now();
+    }
+  } catch (error) {
+    // If we can't decode the token, assume it's expired
+    return true;
+  }
+  
+  // If there's no exp claim, assume it's valid
+  return false;
+};
+
+export const saveAuthToken = (token: string): void => {
+  try {
+    if (!fs.existsSync(CONFIG_DIR)) {
+      fs.mkdirSync(CONFIG_DIR, { recursive: true });
+    }
+    fs.writeFileSync(TOKEN_FILE, JSON.stringify({ accessToken: token }), 'utf8');
+    // Set file permissions to be readable only by the owner
+    fs.chmodSync(TOKEN_FILE, 0o600);
+  } catch (error) {
+    console.error('Error saving auth token:', error);
+  }
+};
+
+export const clearAuthToken = (): void => {
+  try {
+    if (fs.existsSync(TOKEN_FILE)) {
+      fs.unlinkSync(TOKEN_FILE);
+    }
+  } catch (error) {
+    console.error('Error clearing auth token:', error);
+  }
+};
+
+// Create an authenticated client
+export const createAuthenticatedClient = () => {
+  const token = getAuthToken();
+  
+  if (!token) {
+    console.warn(chalk.yellow('No authentication token found. Please run `berget login` first.'));
+  } else if (isTokenExpired(token)) {
+    console.warn(chalk.yellow('Your authentication token has expired. Please run `berget login` to get a new token.'));
+    // Optionally clear the expired token
+    clearAuthToken();
+    return createClient<paths>({
+      baseUrl: API_BASE_URL,
+      headers: {
+        'Content-Type': 'application/json',
+        'Accept': 'application/json'
+      }
+    });
+  }
+  
+  return createClient<paths>({
+    baseUrl: API_BASE_URL,
+    headers: token ? { 
+      'Authorization': `Bearer ${token}`,
+      'Content-Type': 'application/json',
+      'Accept': 'application/json'
+    } : {
+      'Content-Type': 'application/json',
+      'Accept': 'application/json'
+    },
+  });
+};

package/src/services/api-key-service.ts

@@ -0,0 +1,114 @@
+import { createAuthenticatedClient } from '../client'
+import { handleError } from '../utils/error-handler'
+
+export interface ApiKey {
+  id: number
+  name: string
+  description: string | null
+  created: string
+  lastUsed: string | null
+  prefix: string
+  active: boolean
+  modified: string
+}
+
+export interface CreateApiKeyOptions {
+  name: string
+  description?: string
+}
+
+export interface ApiKeyResponse {
+  id: number
+  name: string
+  description: string | null
+  key: string
+  created: string
+}
+
+export class ApiKeyService {
+  private static instance: ApiKeyService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): ApiKeyService {
+    if (!ApiKeyService.instance) {
+      ApiKeyService.instance = new ApiKeyService()
+    }
+    return ApiKeyService.instance
+  }
+
+  public async listApiKeys(): Promise<ApiKey[]> {
+    try {
+      const { data, error } = await this.client.GET('/v1/api-keys')
+      if (error) {
+        // Check if this is an authentication error
+        const errorObj = typeof error === 'string' ? JSON.parse(error) : error;
+        if (errorObj.status === 401) {
+          throw new Error(JSON.stringify({
+            error: "Authentication failed. Your session may have expired.",
+            code: "AUTH_FAILED",
+            details: "Please run 'berget login' to authenticate again."
+          }))
+        }
+        throw new Error(JSON.stringify(error))
+      }
+      return data || []
+    } catch (error) {
+      handleError('Failed to list API keys', error)
+      throw error
+    }
+  }
+
+  public async createApiKey(options: CreateApiKeyOptions): Promise<ApiKeyResponse> {
+    try {
+      const { data, error } = await this.client.POST('/v1/api-keys', {
+        body: options
+      })
+      if (error) throw new Error(JSON.stringify(error))
+      return data!
+    } catch (error) {
+      console.error('Failed to create API key:', error)
+      throw error
+    }
+  }
+
+  public async deleteApiKey(id: string): Promise<boolean> {
+    try {
+      const { error } = await this.client.DELETE('/v1/api-keys/{id}', {
+        params: { path: { id } }
+      })
+      if (error) throw new Error(JSON.stringify(error))
+      return true
+    } catch (error) {
+      console.error('Failed to delete API key:', error)
+      throw error
+    }
+  }
+
+  public async rotateApiKey(id: string): Promise<ApiKeyResponse> {
+    try {
+      const { data, error } = await this.client.PUT('/v1/api-keys/{id}/rotate', {
+        params: { path: { id } }
+      })
+      if (error) throw new Error(JSON.stringify(error))
+      return data!
+    } catch (error) {
+      console.error('Failed to rotate API key:', error)
+      throw error
+    }
+  }
+
+  public async getApiKeyUsage(id: string): Promise<any> {
+    try {
+      const { data, error } = await this.client.GET('/v1/api-keys/{id}/usage', {
+        params: { path: { id } }
+      })
+      if (error) throw new Error(JSON.stringify(error))
+      return data
+    } catch (error) {
+      console.error('Failed to get API key usage:', error)
+      throw error
+    }
+  }
+}

package/src/services/auth-service.ts

@@ -0,0 +1,159 @@
+import { createAuthenticatedClient, saveAuthToken, clearAuthToken, apiClient } from '../client'
+import open from 'open'
+import chalk from 'chalk'
+import { handleError } from '../utils/error-handler'
+
+export class AuthService {
+  private static instance: AuthService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): AuthService {
+    if (!AuthService.instance) {
+      AuthService.instance = new AuthService()
+    }
+    return AuthService.instance
+  }
+
+  public async login(): Promise<boolean> {
+    try {
+      // Clear any existing token to ensure a fresh login
+      clearAuthToken()
+      
+      console.log(chalk.blue('Initiating login process...'))
+
+      // Step 1: Initiate device authorization
+      const { data: deviceData, error: deviceError } = await apiClient.POST('/v1/auth/device', {})
+      
+      if (deviceError || !deviceData) {
+        throw new Error(deviceError ? JSON.stringify(deviceError) : 'Failed to get device authorization data')
+      }
+      
+      // Display information to user
+      console.log(chalk.cyan('\nTo complete login:'))
+      console.log(chalk.cyan(`1. Open this URL: ${chalk.bold(deviceData.verification_url || 'https://auth.berget.ai/device')}`))
+      console.log(chalk.cyan(`2. Enter this code: ${chalk.bold(deviceData.user_code || '')}\n`))
+      
+      // Try to open browser automatically
+      try {
+        if (deviceData.verification_url) {
+          await open(deviceData.verification_url)
+          console.log(chalk.dim('Browser opened automatically. If it didn\'t open, please use the URL above.'))
+        }
+      } catch (error) {
+        console.log(chalk.yellow('Could not open browser automatically. Please open the URL manually.'))
+      }
+      
+      console.log(chalk.dim('\nWaiting for authentication to complete...'))
+      
+      // Step 2: Poll for completion
+      const startTime = Date.now()
+      const expiresIn = deviceData.expires_in !== undefined ? deviceData.expires_in : 900
+      const expiresAt = startTime + (expiresIn * 1000)
+      let pollInterval = (deviceData.interval || 5) * 1000
+      
+      const spinner = ['⠋', '⠙', '⠹', '⠸', '⠼', '⠴', '⠦', '⠧', '⠇', '⠏']
+      let spinnerIdx = 0
+      
+      while (Date.now() < expiresAt) {
+        // Wait for the polling interval
+        await new Promise(resolve => setTimeout(resolve, pollInterval))
+        
+        // Update spinner
+        process.stdout.write(`\r${chalk.blue(spinner[spinnerIdx])} Waiting for authentication...`)
+        spinnerIdx = (spinnerIdx + 1) % spinner.length
+        
+        // Check if authentication is complete
+        const deviceCode = deviceData.device_code || ''
+        const { data: tokenData, error: tokenError } = await apiClient.POST('/v1/auth/device/token', {
+          body: {
+            device_code: deviceCode
+          }
+        })
+        
+        if (tokenError) {
+          // Parse the error to get status and other details
+          const errorObj = typeof tokenError === 'string' 
+            ? JSON.parse(tokenError) 
+            : tokenError;
+          
+          const status = errorObj.status || 0;
+          const errorCode = errorObj.code || '';
+          
+          if (status === 401 || errorCode === 'AUTHORIZATION_PENDING') {
+            // Still waiting for user to complete authorization
+            continue
+          } else if (status === 429) {
+            // Slow down
+            pollInterval *= 2
+            continue
+          } else if (status === 400) {
+            // Error or expired
+            if (errorCode === 'EXPIRED_TOKEN') {
+              console.log(chalk.red('\n\nAuthentication timed out. Please try again.'))
+            } else if (errorCode !== 'AUTHORIZATION_PENDING') {
+              // Only show error if it's not the expected "still waiting" error
+              const errorMessage = errorObj.message || JSON.stringify(errorObj);
+              console.log(chalk.red(`\n\nError: ${errorMessage}`))
+              return false
+            } else {
+              // If it's AUTHORIZATION_PENDING, continue polling
+              continue
+            }
+            return false
+          } else {
+            // For any other error, log it but continue polling
+            // This makes the flow more resilient to temporary issues
+            if (process.env.DEBUG) {
+              console.log(chalk.yellow(`\n\nReceived error: ${JSON.stringify(errorObj)}`))
+              console.log(chalk.yellow('Continuing to wait for authentication...'))
+              process.stdout.write(`\r${chalk.blue(spinner[spinnerIdx])} Waiting for authentication...`)
+            }
+            continue
+          }
+        } else if (tokenData && tokenData.token) {
+          // Success!
+          saveAuthToken(tokenData.token)
+          
+          process.stdout.write('\r' + ' '.repeat(50) + '\r') // Clear the spinner line
+          console.log(chalk.green('✓ Successfully logged in to Berget'))
+          
+          if (tokenData.user) {
+            const user = tokenData.user as any
+            console.log(chalk.green(`Logged in as ${user.name || user.email || 'User'}`))
+          }
+          
+          return true
+        }
+      }
+      
+      console.log(chalk.red('\n\nAuthentication timed out. Please try again.'))
+      return false
+    } catch (error) {
+      handleError('Login failed', error)
+      return false
+    }
+  }
+
+  public async isAuthenticated(): Promise<boolean> {
+    try {
+      // Call an API endpoint that requires authentication
+      const { data, error } = await this.client.GET('/v1/users/me')
+      return !!data && !error
+    } catch {
+      return false
+    }
+  }
+  
+  public async getUserProfile() {
+    try {
+      const { data, error } = await this.client.GET('/v1/users/me')
+      if (error) throw new Error(JSON.stringify(error))
+      return data
+    } catch (error) {
+      handleError('Failed to get user profile', error)
+      throw error
+    }
+  }
+}

package/src/services/cluster-service.ts

@@ -0,0 +1,50 @@
+import { createAuthenticatedClient } from '../client'
+
+export interface Cluster {
+  id: string
+  name: string
+  status: string
+  nodes: number
+  created: string
+}
+
+export class ClusterService {
+  private static instance: ClusterService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): ClusterService {
+    if (!ClusterService.instance) {
+      ClusterService.instance = new ClusterService()
+    }
+    return ClusterService.instance
+  }
+
+  public async getClusterUsage(clusterId: string): Promise<any> {
+    try {
+      const { data, error } = await this.client.GET(
+        '/v1/clusters/{clusterId}/usage',
+        {
+          params: { path: { clusterId } },
+        }
+      )
+      if (error) throw new Error(JSON.stringify(error))
+      return data
+    } catch (error) {
+      console.error('Failed to get cluster usage:', error)
+      throw error
+    }
+  }
+
+  public async listClusters(): Promise<Cluster[]> {
+    try {
+      const { data, error } = await this.client.GET('/v1/clusters')
+      if (error) throw new Error(JSON.stringify(error))
+      return data?.data || []
+    } catch (error) {
+      console.error('Failed to list clusters:', error)
+      throw error
+    }
+  }
+}

package/src/services/collaborator-service.ts

@@ -0,0 +1,34 @@
+import { createAuthenticatedClient } from '../client'
+
+export interface Collaborator {
+  username: string
+  role: string
+  status: string
+}
+
+export class CollaboratorService {
+  private static instance: CollaboratorService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): CollaboratorService {
+    if (!CollaboratorService.instance) {
+      CollaboratorService.instance = new CollaboratorService()
+    }
+    return CollaboratorService.instance
+  }
+
+  // This endpoint is not available in the API
+  public async addCollaborator(
+    clusterId: string,
+    githubUsername: string
+  ): Promise<Collaborator[]> {
+    throw new Error('This functionality is not available in the API')
+  }
+
+  // This endpoint is not available in the API
+  public async listCollaborators(clusterId: string): Promise<Collaborator[]> {
+    throw new Error('This functionality is not available in the API')
+  }
+}

package/src/services/flux-service.ts

@@ -0,0 +1,37 @@
+import { createAuthenticatedClient } from '../client'
+
+export interface FluxInstallOptions {
+  cluster: string
+}
+
+export interface FluxBootstrapOptions {
+  provider: string
+  owner?: string
+  repository?: string
+  path?: string
+  personal?: boolean
+}
+
+export class FluxService {
+  private static instance: FluxService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): FluxService {
+    if (!FluxService.instance) {
+      FluxService.instance = new FluxService()
+    }
+    return FluxService.instance
+  }
+
+  // This endpoint is not available in the API
+  public async installFlux(options: FluxInstallOptions): Promise<boolean> {
+    throw new Error('This functionality is not available in the API')
+  }
+
+  // This endpoint is not available in the API
+  public async bootstrapFlux(options: FluxBootstrapOptions): Promise<boolean> {
+    throw new Error('This functionality is not available in the API')
+  }
+}

package/src/services/helm-service.ts

@@ -0,0 +1,37 @@
+import { createAuthenticatedClient } from '../client'
+
+export interface HelmRepoAddOptions {
+  name: string
+  url: string
+}
+
+export interface HelmInstallOptions {
+  name: string
+  chart: string
+  namespace?: string
+  values?: Record<string, string>
+}
+
+export class HelmService {
+  private static instance: HelmService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): HelmService {
+    if (!HelmService.instance) {
+      HelmService.instance = new HelmService()
+    }
+    return HelmService.instance
+  }
+
+  // This endpoint is not available in the API
+  public async addRepo(options: HelmRepoAddOptions): Promise<boolean> {
+    throw new Error('This functionality is not available in the API')
+  }
+
+  // This endpoint is not available in the API
+  public async installChart(options: HelmInstallOptions): Promise<any> {
+    throw new Error('This functionality is not available in the API')
+  }
+}

package/src/services/kubectl-service.ts

@@ -0,0 +1,33 @@
+import { createAuthenticatedClient } from '../client'
+
+export class KubectlService {
+  private static instance: KubectlService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): KubectlService {
+    if (!KubectlService.instance) {
+      KubectlService.instance = new KubectlService()
+    }
+    return KubectlService.instance
+  }
+
+  // This endpoint is not available in the API
+  public async createNamespace(name: string): Promise<boolean> {
+    throw new Error('This functionality is not available in the API')
+  }
+
+  // This endpoint is not available in the API
+  public async applyConfiguration(filename: string): Promise<boolean> {
+    throw new Error('This functionality is not available in the API')
+  }
+
+  // This endpoint is not available in the API
+  public async getResources(
+    resource: string,
+    namespace?: string
+  ): Promise<any[]> {
+    throw new Error('This functionality is not available in the API')
+  }
+}