berget 0.0.3 → 0.1.0

package/src/client.ts

@@ -0,0 +1,133 @@
+import createClient from 'openapi-fetch'
+import type { paths } from './types/api'
+import * as fs from 'fs'
+import * as path from 'path'
+import * as os from 'os'
+import chalk from 'chalk'
+
+// Configuration directory
+const CONFIG_DIR = path.join(os.homedir(), '.berget')
+const TOKEN_FILE = path.join(CONFIG_DIR, 'token.json')
+
+// API Base URL
+// Use --local flag to test against local API
+const isLocalMode = process.argv.includes('--local')
+const API_BASE_URL =
+  process.env.BERGET_API_URL ||
+  (isLocalMode ? 'http://localhost:3000' : 'https://api.berget.ai')
+
+if (isLocalMode && !process.env.BERGET_API_URL) {
+  console.log(chalk.yellow('Using local API endpoint: http://localhost:3000'))
+}
+
+// Create a typed client for the Berget API
+export const apiClient = createClient<paths>({
+  baseUrl: API_BASE_URL,
+  headers: {
+    'Content-Type': 'application/json',
+    Accept: 'application/json',
+  },
+})
+
+// Authentication functions
+export const getAuthToken = (): string | null => {
+  try {
+    if (fs.existsSync(TOKEN_FILE)) {
+      const tokenData = JSON.parse(fs.readFileSync(TOKEN_FILE, 'utf8'))
+      return tokenData.accessToken
+    }
+  } catch (error) {
+    console.error('Error reading auth token:', error)
+  }
+  return null
+}
+
+// Check if token is expired (JWT tokens have an exp claim)
+export const isTokenExpired = (token: string): boolean => {
+  try {
+    const base64Url = token.split('.')[1]
+    const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/')
+    const jsonPayload = decodeURIComponent(
+      atob(base64)
+        .split('')
+        .map((c) => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2))
+        .join('')
+    )
+    const payload = JSON.parse(jsonPayload)
+
+    // Check if token has expired
+    if (payload.exp) {
+      return payload.exp * 1000 < Date.now()
+    }
+  } catch (error) {
+    // If we can't decode the token, assume it's expired
+    return true
+  }
+
+  // If there's no exp claim, assume it's valid
+  return false
+}
+
+export const saveAuthToken = (token: string): void => {
+  try {
+    if (!fs.existsSync(CONFIG_DIR)) {
+      fs.mkdirSync(CONFIG_DIR, { recursive: true })
+    }
+    fs.writeFileSync(TOKEN_FILE, JSON.stringify({ accessToken: token }), 'utf8')
+    // Set file permissions to be readable only by the owner
+    fs.chmodSync(TOKEN_FILE, 0o600)
+  } catch (error) {
+    console.error('Error saving auth token:', error)
+  }
+}
+
+export const clearAuthToken = (): void => {
+  try {
+    if (fs.existsSync(TOKEN_FILE)) {
+      fs.unlinkSync(TOKEN_FILE)
+    }
+  } catch (error) {
+    console.error('Error clearing auth token:', error)
+  }
+}
+
+// Create an authenticated client
+export const createAuthenticatedClient = () => {
+  const token = getAuthToken()
+  if (!token) {
+    console.warn(
+      chalk.yellow(
+        'No authentication token found. Please run `berget login` first.'
+      )
+    )
+  } else if (isTokenExpired(token)) {
+    console.warn(
+      chalk.yellow(
+        'Your authentication token has expired. Please run `berget login` to get a new token.'
+      )
+    )
+    // Optionally clear the expired token
+    clearAuthToken()
+    return createClient<paths>({
+      baseUrl: API_BASE_URL,
+      headers: {
+        'Content-Type': 'application/json',
+        Accept: 'application/json',
+      },
+    })
+  }
+
+  return createClient<paths>({
+    baseUrl: API_BASE_URL,
+    headers: token
+      ? {
+          Authorization: `Bearer ${token}`,
+          'Content-Type': 'application/json',
+          Accept: 'application/json',
+        }
+      : {
+          'Content-Type': 'application/json',
+          Accept: 'application/json',
+        },
+  })
+}

package/src/services/api-key-service.ts

@@ -0,0 +1,114 @@
+import { createAuthenticatedClient } from '../client'
+import { handleError } from '../utils/error-handler'
+
+export interface ApiKey {
+  id: number
+  name: string
+  description: string | null
+  created: string
+  lastUsed: string | null
+  prefix: string
+  active: boolean
+  modified: string
+}
+
+export interface CreateApiKeyOptions {
+  name: string
+  description?: string
+}
+
+export interface ApiKeyResponse {
+  id: number
+  name: string
+  description: string | null
+  key: string
+  created: string
+}
+
+export class ApiKeyService {
+  private static instance: ApiKeyService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): ApiKeyService {
+    if (!ApiKeyService.instance) {
+      ApiKeyService.instance = new ApiKeyService()
+    }
+    return ApiKeyService.instance
+  }
+
+  public async listApiKeys(): Promise<ApiKey[]> {
+    try {
+      const { data, error } = await this.client.GET('/v1/api-keys')
+      if (error) {
+        // Check if this is an authentication error
+        const errorObj = typeof error === 'string' ? JSON.parse(error) : error;
+        if (errorObj.status === 401) {
+          throw new Error(JSON.stringify({
+            error: "Authentication failed. Your session may have expired.",
+            code: "AUTH_FAILED",
+            details: "Please run 'berget login' to authenticate again."
+          }))
+        }
+        throw new Error(JSON.stringify(error))
+      }
+      return data || []
+    } catch (error) {
+      handleError('Failed to list API keys', error)
+      throw error
+    }
+  }
+
+  public async createApiKey(options: CreateApiKeyOptions): Promise<ApiKeyResponse> {
+    try {
+      const { data, error } = await this.client.POST('/v1/api-keys', {
+        body: options
+      })
+      if (error) throw new Error(JSON.stringify(error))
+      return data!
+    } catch (error) {
+      console.error('Failed to create API key:', error)
+      throw error
+    }
+  }
+
+  public async deleteApiKey(id: string): Promise<boolean> {
+    try {
+      const { error } = await this.client.DELETE('/v1/api-keys/{id}', {
+        params: { path: { id } }
+      })
+      if (error) throw new Error(JSON.stringify(error))
+      return true
+    } catch (error) {
+      console.error('Failed to delete API key:', error)
+      throw error
+    }
+  }
+
+  public async rotateApiKey(id: string): Promise<ApiKeyResponse> {
+    try {
+      const { data, error } = await this.client.PUT('/v1/api-keys/{id}/rotate', {
+        params: { path: { id } }
+      })
+      if (error) throw new Error(JSON.stringify(error))
+      return data!
+    } catch (error) {
+      console.error('Failed to rotate API key:', error)
+      throw error
+    }
+  }
+
+  public async getApiKeyUsage(id: string): Promise<any> {
+    try {
+      const { data, error } = await this.client.GET('/v1/api-keys/{id}/usage', {
+        params: { path: { id } }
+      })
+      if (error) throw new Error(JSON.stringify(error))
+      return data
+    } catch (error) {
+      console.error('Failed to get API key usage:', error)
+      throw error
+    }
+  }
+}

package/src/services/auth-service.ts

@@ -0,0 +1,206 @@
+import {
+  createAuthenticatedClient,
+  saveAuthToken,
+  clearAuthToken,
+  apiClient,
+} from '../client'
+import open from 'open'
+import chalk from 'chalk'
+import { handleError } from '../utils/error-handler'
+
+export class AuthService {
+  private static instance: AuthService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): AuthService {
+    if (!AuthService.instance) {
+      AuthService.instance = new AuthService()
+    }
+    return AuthService.instance
+  }
+
+  public async login(): Promise<boolean> {
+    try {
+      // Clear any existing token to ensure a fresh login
+      clearAuthToken()
+
+      console.log(chalk.blue('Initiating login process...'))
+
+      // Step 1: Initiate device authorization
+      const { data: deviceData, error: deviceError } = await apiClient.POST(
+        '/v1/auth/device',
+        {}
+      )
+
+      if (deviceError || !deviceData) {
+        throw new Error(
+          deviceError
+            ? JSON.stringify(deviceError)
+            : 'Failed to get device authorization data'
+        )
+      }
+
+      // Display information to user
+      console.log(chalk.cyan('\nTo complete login:'))
+      console.log(
+        chalk.cyan(
+          `1. Open this URL: ${chalk.bold(
+            deviceData.verification_url || 'https://auth.berget.ai/device'
+          )}`
+        )
+      )
+      console.log(
+        chalk.cyan(
+          `2. Enter this code: ${chalk.bold(deviceData.user_code || '')}\n`
+        )
+      )
+
+      // Try to open browser automatically
+      try {
+        if (deviceData.verification_url) {
+          await open(deviceData.verification_url)
+          console.log(
+            chalk.dim(
+              "Browser opened automatically. If it didn't open, please use the URL above."
+            )
+          )
+        }
+      } catch (error) {
+        console.log(
+          chalk.yellow(
+            'Could not open browser automatically. Please open the URL manually.'
+          )
+        )
+      }
+
+      console.log(chalk.dim('\nWaiting for authentication to complete...'))
+
+      // Step 2: Poll for completion
+      const startTime = Date.now()
+      const expiresIn =
+        deviceData.expires_in !== undefined ? deviceData.expires_in : 900
+      const expiresAt = startTime + expiresIn * 1000
+      let pollInterval = (deviceData.interval || 5) * 1000
+
+      const spinner = ['⠋', '⠙', '⠹', '⠸', '⠼', '⠴', '⠦', '⠧', '⠇', '⠏']
+      let spinnerIdx = 0
+
+      while (Date.now() < expiresAt) {
+        // Wait for the polling interval
+        await new Promise((resolve) => setTimeout(resolve, pollInterval))
+
+        // Update spinner
+        process.stdout.write(
+          `\r${chalk.blue(spinner[spinnerIdx])} Waiting for authentication...`
+        )
+        spinnerIdx = (spinnerIdx + 1) % spinner.length
+
+        // Check if authentication is complete
+        const deviceCode = deviceData.device_code || ''
+        const { data: tokenData, error: tokenError } = await apiClient.POST(
+          '/v1/auth/device/token',
+          {
+            body: {
+              device_code: deviceCode,
+            },
+          }
+        )
+
+        if (tokenError) {
+          // Parse the error to get status and other details
+          const errorObj =
+            typeof tokenError === 'string' ? JSON.parse(tokenError) : tokenError
+
+          const status = errorObj.status || 0
+          const errorCode = errorObj.code || ''
+
+          if (status === 401 || errorCode === 'AUTHORIZATION_PENDING') {
+            // Still waiting for user to complete authorization
+            continue
+          } else if (status === 429) {
+            // Slow down
+            pollInterval *= 2
+            continue
+          } else if (status === 400) {
+            // Error or expired
+            if (errorCode === 'EXPIRED_TOKEN') {
+              console.log(
+                chalk.red('\n\nAuthentication timed out. Please try again.')
+              )
+            } else if (errorCode !== 'AUTHORIZATION_PENDING') {
+              // Only show error if it's not the expected "still waiting" error
+              const errorMessage = errorObj.message || JSON.stringify(errorObj)
+              console.log(chalk.red(`\n\nError: ${errorMessage}`))
+              return false
+            } else {
+              // If it's AUTHORIZATION_PENDING, continue polling
+              continue
+            }
+            return false
+          } else {
+            // For any other error, log it but continue polling
+            // This makes the flow more resilient to temporary issues
+            if (process.env.DEBUG) {
+              console.log(
+                chalk.yellow(`\n\nReceived error: ${JSON.stringify(errorObj)}`)
+              )
+              console.log(
+                chalk.yellow('Continuing to wait for authentication...')
+              )
+              process.stdout.write(
+                `\r${chalk.blue(
+                  spinner[spinnerIdx]
+                )} Waiting for authentication...`
+              )
+            }
+            continue
+          }
+        } else if (tokenData && tokenData.token) {
+          // Success!
+          saveAuthToken(tokenData.token)
+
+          process.stdout.write('\r' + ' '.repeat(50) + '\r') // Clear the spinner line
+          console.log(chalk.green('✓ Successfully logged in to Berget'))
+
+          if (tokenData.user) {
+            const user = tokenData.user as any
+            console.log(
+              chalk.green(`Logged in as ${user.name || user.email || 'User'}`)
+            )
+          }
+
+          return true
+        }
+      }
+
+      console.log(chalk.red('\n\nAuthentication timed out. Please try again.'))
+      return false
+    } catch (error) {
+      handleError('Login failed', error)
+      return false
+    }
+  }
+
+  public async isAuthenticated(): Promise<boolean> {
+    try {
+      // Call an API endpoint that requires authentication
+      const { data, error } = await this.client.GET('/v1/users/me')
+      return !!data && !error
+    } catch {
+      return false
+    }
+  }
+
+  public async getUserProfile() {
+    try {
+      const { data, error } = await this.client.GET('/v1/users/me')
+      if (error) throw new Error(JSON.stringify(error))
+      return data
+    } catch (error) {
+      handleError('Failed to get user profile', error)
+      throw error
+    }
+  }
+}

package/src/services/cluster-service.ts

@@ -0,0 +1,50 @@
+import { createAuthenticatedClient } from '../client'
+
+export interface Cluster {
+  id: string
+  name: string
+  status: string
+  nodes: number
+  created: string
+}
+
+export class ClusterService {
+  private static instance: ClusterService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): ClusterService {
+    if (!ClusterService.instance) {
+      ClusterService.instance = new ClusterService()
+    }
+    return ClusterService.instance
+  }
+
+  public async getClusterUsage(clusterId: string): Promise<any> {
+    try {
+      const { data, error } = await this.client.GET(
+        '/v1/clusters/{clusterId}/usage',
+        {
+          params: { path: { clusterId } },
+        }
+      )
+      if (error) throw new Error(JSON.stringify(error))
+      return data
+    } catch (error) {
+      console.error('Failed to get cluster usage:', error)
+      throw error
+    }
+  }
+
+  public async listClusters(): Promise<Cluster[]> {
+    try {
+      const { data, error } = await this.client.GET('/v1/clusters')
+      if (error) throw new Error(JSON.stringify(error))
+      return data?.data || []
+    } catch (error) {
+      console.error('Failed to list clusters:', error)
+      throw error
+    }
+  }
+}

package/src/services/collaborator-service.ts

@@ -0,0 +1,34 @@
+import { createAuthenticatedClient } from '../client'
+
+export interface Collaborator {
+  username: string
+  role: string
+  status: string
+}
+
+export class CollaboratorService {
+  private static instance: CollaboratorService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): CollaboratorService {
+    if (!CollaboratorService.instance) {
+      CollaboratorService.instance = new CollaboratorService()
+    }
+    return CollaboratorService.instance
+  }
+
+  // This endpoint is not available in the API
+  public async addCollaborator(
+    clusterId: string,
+    githubUsername: string
+  ): Promise<Collaborator[]> {
+    throw new Error('This functionality is not available in the API')
+  }
+
+  // This endpoint is not available in the API
+  public async listCollaborators(clusterId: string): Promise<Collaborator[]> {
+    throw new Error('This functionality is not available in the API')
+  }
+}

package/src/services/flux-service.ts

@@ -0,0 +1,37 @@
+import { createAuthenticatedClient } from '../client'
+
+export interface FluxInstallOptions {
+  cluster: string
+}
+
+export interface FluxBootstrapOptions {
+  provider: string
+  owner?: string
+  repository?: string
+  path?: string
+  personal?: boolean
+}
+
+export class FluxService {
+  private static instance: FluxService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): FluxService {
+    if (!FluxService.instance) {
+      FluxService.instance = new FluxService()
+    }
+    return FluxService.instance
+  }
+
+  // This endpoint is not available in the API
+  public async installFlux(options: FluxInstallOptions): Promise<boolean> {
+    throw new Error('This functionality is not available in the API')
+  }
+
+  // This endpoint is not available in the API
+  public async bootstrapFlux(options: FluxBootstrapOptions): Promise<boolean> {
+    throw new Error('This functionality is not available in the API')
+  }
+}

package/src/services/helm-service.ts

@@ -0,0 +1,37 @@
+import { createAuthenticatedClient } from '../client'
+
+export interface HelmRepoAddOptions {
+  name: string
+  url: string
+}
+
+export interface HelmInstallOptions {
+  name: string
+  chart: string
+  namespace?: string
+  values?: Record<string, string>
+}
+
+export class HelmService {
+  private static instance: HelmService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): HelmService {
+    if (!HelmService.instance) {
+      HelmService.instance = new HelmService()
+    }
+    return HelmService.instance
+  }
+
+  // This endpoint is not available in the API
+  public async addRepo(options: HelmRepoAddOptions): Promise<boolean> {
+    throw new Error('This functionality is not available in the API')
+  }
+
+  // This endpoint is not available in the API
+  public async installChart(options: HelmInstallOptions): Promise<any> {
+    throw new Error('This functionality is not available in the API')
+  }
+}

package/src/services/kubectl-service.ts

@@ -0,0 +1,33 @@
+import { createAuthenticatedClient } from '../client'
+
+export class KubectlService {
+  private static instance: KubectlService
+  private client = createAuthenticatedClient()
+
+  private constructor() {}
+
+  public static getInstance(): KubectlService {
+    if (!KubectlService.instance) {
+      KubectlService.instance = new KubectlService()
+    }
+    return KubectlService.instance
+  }
+
+  // This endpoint is not available in the API
+  public async createNamespace(name: string): Promise<boolean> {
+    throw new Error('This functionality is not available in the API')
+  }
+
+  // This endpoint is not available in the API
+  public async applyConfiguration(filename: string): Promise<boolean> {
+    throw new Error('This functionality is not available in the API')
+  }
+
+  // This endpoint is not available in the API
+  public async getResources(
+    resource: string,
+    namespace?: string
+  ): Promise<any[]> {
+    throw new Error('This functionality is not available in the API')
+  }
+}