create-svc 0.1.32 → 0.1.33

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-svc",
-  "version": "0.1.32",
+  "version": "0.1.33",
   "description": "Local microservice bootstrap CLI for Cloud Run and Workers services with Neon-backed data.",
   "module": "index.ts",
   "type": "module",

package/src/cli.ts

@@ -8,6 +8,7 @@ import {
   bootstrapGitHubRepository,
   buildGitBootstrapConfig,
   commitAndPushGeneratedArtifacts,
+  markGitHubRepositoryDeleteOnDestroy,
   type GitBootstrapResult,
 } from "./git-bootstrap";
 import { listOpenBillingAccounts, listAccessibleProjects, type BillingAccount, type GcpProject } from "./gcp";
@@ -111,6 +112,7 @@ export async function run(argv: string[]) {
     gitSpinner.start("Preparing git repository");
     const gitResult = await bootstrapGitHubRepository(targetDir, config.git);
     if (gitResult.status === "created") {
+      await markGitHubRepositoryDeleteOnDestroy(targetDir);
       gitSpinner.stop(`GitHub repository created: ${gitResult.url}`);
     } else if (gitResult.status === "skipped-existing-worktree") {
       gitSpinner.stop(`Existing git worktree detected: ${gitResult.root}`);
@@ -136,6 +138,11 @@ export async function run(argv: string[]) {
         const result = commitAndPushGeneratedArtifacts(targetDir, "Record generated deployment artifacts");
         publishSpinner.stop(result.committed ? "Generated artifacts committed and pushed" : "Generated artifacts already committed");
       }
+    } else if (gitResult.status === "created") {
+      const publishSpinner = spinner();
+      publishSpinner.start("Publishing generated git ownership");
+      const result = commitAndPushGeneratedArtifacts(targetDir, "Record generated GitHub ownership");
+      publishSpinner.stop(result.committed ? "GitHub ownership committed and pushed" : "GitHub ownership already committed");
     }
 
     outro(config.autoDeploy ? "Created and deployed" : "Created");

package/src/git-bootstrap.test.ts

@@ -1,8 +1,8 @@
 import { expect, test } from "bun:test";
-import { mkdir, mkdtemp, realpath } from "node:fs/promises";
+import { mkdir, mkdtemp, realpath, writeFile } from "node:fs/promises";
 import { join } from "node:path";
 import { tmpdir } from "node:os";
-import { buildGitBootstrapConfig, findExistingGitWorktree } from "./git-bootstrap";
+import { buildGitBootstrapConfig, findExistingGitWorktree, markGitHubRepositoryDeleteOnDestroy } from "./git-bootstrap";
 
 test("buildGitBootstrapConfig defaults to anmho private repo creation", () => {
   expect(buildGitBootstrapConfig("launch-api", undefined)).toEqual({
@@ -28,6 +28,15 @@ test("findExistingGitWorktree detects parent repositories", async () => {
   expect(findExistingGitWorktree(join(root, "apps", "launch-api"))).toBe(await realpath(root));
 });
 
+test("markGitHubRepositoryDeleteOnDestroy records generated repo ownership", async () => {
+  const root = await mkdtemp(join(tmpdir(), "create-svc-git-"));
+  await writeFile(join(root, "service.jsonc"), '{\n  "git": { "delete_on_destroy": false }\n}\n');
+
+  await markGitHubRepositoryDeleteOnDestroy(root);
+
+  expect(await Bun.file(join(root, "service.jsonc")).text()).toContain('"delete_on_destroy": true');
+});
+
 function run(command: string[], cwd: string) {
   const result = Bun.spawnSync(command, {
     cwd,

package/src/git-bootstrap.ts

@@ -1,4 +1,5 @@
 import { existsSync } from "node:fs";
+import { readFile, writeFile } from "node:fs/promises";
 import { dirname } from "node:path";
 
 export type GitBootstrapConfig = {
@@ -62,6 +63,16 @@ export function commitAndPushGeneratedArtifacts(targetDir: string, message: stri
   return { committed: true };
 }
 
+export async function markGitHubRepositoryDeleteOnDestroy(targetDir: string) {
+  const path = `${targetDir}/service.jsonc`;
+  const text = await readFile(path, "utf8");
+  const updated = text.replace('"delete_on_destroy": false', '"delete_on_destroy": true');
+  if (updated === text) {
+    throw new Error("service.jsonc does not contain a delete_on_destroy marker");
+  }
+  await writeFile(path, updated);
+}
+
 export function findExistingGitWorktree(targetDir: string) {
   const cwd = existingPath(targetDir);
   const result = Bun.spawnSync(["git", "-C", cwd, "rev-parse", "--show-toplevel"], {

package/src/scaffold.test.ts

@@ -71,6 +71,9 @@ test("scaffolds all runtime/framework variants with shared cloudrun config", asy
     expect(serviceConfig).toContain('"project_mode": "create_new"');
     expect(serviceConfig).toContain('"quota_project_id": "anmho-infra-prod"');
     expect(serviceConfig).toContain('"jwks_url": "https://auth.anmho.com/api/auth/jwks"');
+    expect(serviceConfig).toContain('"git": {');
+    expect(serviceConfig).toContain('"repository": "dns-api"');
+    expect(serviceConfig).toContain('"delete_on_destroy": false');
     expect(serviceConfig).toContain('"project_id": ""');
     expect(serviceConfig).toContain('"base_branch_id": ""');
     expect(serviceConfig).toContain('"base_branch_name": "main"');

package/src/scaffold.ts

@@ -209,6 +209,9 @@ function buildReplacements(config: ScaffoldConfig) {
     RUNTIME_SERVICE_ACCOUNT: runtimeServiceAccount,
     API_HOSTNAME: config.apiHostname,
     API_BASE_DOMAIN: "anmho.com",
+    GIT_ENABLED: String(config.git.enabled),
+    GIT_OWNER: config.git.owner,
+    GIT_REPOSITORY: config.git.repository,
     AUTH_ISSUER: authIssuer,
     AUTH_AUDIENCE: authAudience,
     AUTH_JWKS_URL: authJwksUrl,

package/src/service-runtime/cloudrun/cleanup.ts

@@ -45,6 +45,7 @@ type DestroyPlan = {
   resources: PlannedResource[];
   skipped: PlannedResource[];
   blockers: string[];
+  githubRepository?: string;
   hasProductionDomainMapping: boolean;
   serviceNames: string[];
   secretNames: string[];
@@ -69,6 +70,10 @@ export async function cleanup(args = Bun.argv.slice(2)) {
 
   await requireDestroyConfirmation(options.force);
 
+  if (plan.githubRepository) {
+    await runStep(`Deleting GitHub repository ${plan.githubRepository}`, () => deleteGitHubRepository(plan.githubRepository!));
+  }
+
   await runStep(`Deleting auth resource server ${config.serviceName}`, () => deleteAuthResourceServer());
 
   if (plan.hasProductionDomainMapping) {
@@ -125,11 +130,13 @@ async function buildDestroyPlan(destroyProject: boolean): Promise<DestroyPlan> {
     ],
     skipped: [],
     blockers: [],
+    githubRepository: undefined,
     hasProductionDomainMapping: false,
     serviceNames: [],
     secretNames: [],
   };
 
+  planGitHubRepository(plan);
   planProductionDomainMapping(plan);
   planCloudRunServices(plan);
   planSecrets(plan);
@@ -143,6 +150,41 @@ async function buildDestroyPlan(destroyProject: boolean): Promise<DestroyPlan> {
   return plan;
 }
 
+function planGitHubRepository(plan: DestroyPlan) {
+  const repository = `${config.git.owner}/${config.git.repository}`;
+  if (!config.git.deleteOnDestroy) {
+    plan.skipped.push({
+      label: `GitHub repository ${repository}`,
+      detail: config.git.enabled ? "not created by this service CLI run" : "git disabled",
+    });
+    return;
+  }
+
+  if (!Bun.which("gh")) {
+    plan.blockers.push(`GitHub repository ${repository}: missing required command gh`);
+    return;
+  }
+
+  const auth = run("gh", ["auth", "status"], { allowFailure: true });
+  if (!auth.success) {
+    plan.blockers.push(`GitHub repository ${repository}: authenticate GitHub CLI with gh auth login`);
+    return;
+  }
+
+  const view = run("gh", ["repo", "view", repository, "--json", "name"], { allowFailure: true });
+  if (!view.success) {
+    plan.skipped.push({ label: `GitHub repository ${repository}`, detail: "not found" });
+    return;
+  }
+
+  plan.githubRepository = repository;
+  plan.resources.push({ label: `GitHub repository ${repository}`, detail: "private generated repo" });
+}
+
+function deleteGitHubRepository(repository: string) {
+  run("gh", ["repo", "delete", repository, "--yes"], { allowFailure: true });
+}
+
 function planProductionDomainMapping(plan: DestroyPlan) {
   try {
     const mapping = describeProductionDomainMapping();

package/src/service-runtime/cloudrun/config.ts

@@ -49,6 +49,12 @@ export const config = {
     previewBranchPrefix: neon.preview_branch_prefix,
     personalBranchPrefix: neon.personal_branch_prefix,
   },
+  git: {
+    enabled: Boolean(serviceConfig.git?.enabled),
+    owner: serviceConfig.git?.owner || "anmho",
+    repository: serviceConfig.git?.repository || serviceConfig.service_id,
+    deleteOnDestroy: Boolean(serviceConfig.git?.delete_on_destroy),
+  },
   requiredApis: cloudrun.required_apis,
 } as const;
 

package/src/service-runtime/workers/cli.ts

@@ -11,6 +11,12 @@ const config = {
   hostname: serviceConfig.dns.hostname,
   neonDatabaseName: serviceConfig.neon.database_name,
   neonRoleName: serviceConfig.neon.role_name,
+  git: {
+    enabled: Boolean(serviceConfig.git?.enabled),
+    owner: serviceConfig.git?.owner || "anmho",
+    repository: serviceConfig.git?.repository || serviceConfig.service_id,
+    deleteOnDestroy: Boolean(serviceConfig.git?.delete_on_destroy),
+  },
 };
 
 type DoctorStatus = "pass" | "warn" | "fail";
@@ -81,6 +87,7 @@ export async function main(argv = Bun.argv.slice(2)) {
     return runMain("Destroy", async () => {
       await requireDestroyConfirmation(rest.includes("--force"));
       const wranglerArgs = rest.filter((arg) => arg !== "--force");
+      deleteGitHubRepositoryIfOwned();
       await deleteHyperdrive();
       run("wrangler", ["delete", "--name", config.serviceName, "--force", ...wranglerArgs]);
       await deleteNeonDatabase();
@@ -115,6 +122,21 @@ function formatHelp() {
   ].join("\n");
 }
 
+function deleteGitHubRepositoryIfOwned() {
+  const repository = `${config.git.owner}/${config.git.repository}`;
+  if (!config.git.deleteOnDestroy) {
+    log.step(`Skipping GitHub repository ${repository}: ${config.git.enabled ? "not created by this service CLI run" : "git disabled"}`);
+    return;
+  }
+  run("gh", ["auth", "status"], { capture: true });
+  const view = run("gh", ["repo", "view", repository, "--json", "name"], { allowFailure: true, capture: true });
+  if (!view.success) {
+    log.step(`Skipping GitHub repository ${repository}: not found`);
+    return;
+  }
+  run("gh", ["repo", "delete", repository, "--yes"]);
+}
+
 function run(command: string, args: string[], options: { allowFailure?: boolean; capture?: boolean } = {}) {
   if (!Bun.which(command)) {
     throw new Error(`missing required command: ${command}`);

package/templates/shared/service.jsonc

@@ -27,6 +27,15 @@
     "service_id": "{{SERVICE_ID}}"
   },
 
+  "git": {
+    "enabled": {{GIT_ENABLED}},
+    "owner": "{{GIT_OWNER}}",
+    "repository": "{{GIT_REPOSITORY}}",
+    // This flips to true only after `service create` actually creates the
+    // GitHub repository. Existing worktrees and --no-git stay false.
+    "delete_on_destroy": false
+  },
+
   "auth": {
     "issuer": "{{AUTH_ISSUER}}",
     "token_endpoint": "https://auth.anmho.com/api/auth/oauth2/token",