create-svc 0.1.44 → 0.1.47

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/package.json +1 -1
  2. package/src/post-scaffold.test.ts +2 -2
  3. package/src/post-scaffold.ts +35 -0
  4. package/src/scaffold.test.ts +3 -0
  5. package/templates/targets/workers/src/auth.ts +6 -0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "create-svc",
3
- "version": "0.1.44",
3
+ "version": "0.1.47",
4
4
  "description": "Local microservice bootstrap CLI for Cloud Run and Workers services with Neon-backed data.",
5
5
  "module": "index.ts",
6
6
  "type": "module",
package/src/post-scaffold.test.ts CHANGED
@@ -115,7 +115,7 @@ describe("buildDeploymentVerificationCommands", () => {
115
115
  });
116
116
  });
117
117
 
118
- test("uses the workers service CLI for protected workers verification", () => {
118
+ test("uses public DNS resolution for Workers production verification", () => {
119
119
  expect(
120
120
  buildDeploymentVerificationCommands({
121
121
  target: "workers",
@@ -127,7 +127,7 @@ describe("buildDeploymentVerificationCommands", () => {
127
127
  command: "sh",
128
128
  args: [
129
129
  "-c",
130
- 'TOKEN="$(service auth token)" && curl --fail --show-error --silent -H "Authorization: Bearer $TOKEN" "https://api.launch.anmho.com/v1/admin/waitlist?limit=1"',
130
+ 'TOKEN="$(service auth token)" && (curl --fail --show-error --silent -H "Authorization: Bearer $TOKEN" "https://api.launch.anmho.com/v1/admin/waitlist?limit=1") || for IP in $(dig @1.1.1.1 +short api.launch.anmho.com); do curl --fail --show-error --silent --resolve "api.launch.anmho.com:443:$IP" -H "Authorization: Bearer $TOKEN" "https://api.launch.anmho.com/v1/admin/waitlist?limit=1" && exit 0; done; exit 1',
131
131
  ],
132
132
  });
133
133
  });
package/src/post-scaffold.ts CHANGED
@@ -98,6 +98,16 @@ export function buildDeploymentVerificationCommands(
98
98
  config: Pick<ScaffoldConfig, "apiHostname" | "framework" | "runtime"> &
99
99
  Partial<Pick<ScaffoldConfig, "target" | "serviceName" | "gcpProject" | "region">>
100
100
  ): PostScaffoldCommand[] {
101
+ if (config.target === "workers") {
102
+ const host = config.apiHostname;
103
+ const tokenCommand = 'TOKEN="$(service auth token)"';
104
+ return [
105
+ workersCurlCommand(host, "/"),
106
+ workersCurlCommand(host, "/readyz"),
107
+ workersProtectedVerificationCommand(host, tokenCommand),
108
+ ];
109
+ }
110
+
101
111
  const origin = verificationOrigin(config);
102
112
  const tokenCommand = 'TOKEN="$(service auth token)"';
103
113
  return [
@@ -107,6 +117,31 @@ export function buildDeploymentVerificationCommands(
107
117
  ];
108
118
  }
109
119
 
120
+ function workersCurlCommand(host: string, path: string): PostScaffoldCommand {
121
+ return shellVerificationCommand(workersCurlScript(host, path));
122
+ }
123
+
124
+ function workersProtectedVerificationCommand(host: string, tokenCommand: string): PostScaffoldCommand {
125
+ return shellVerificationCommand(
126
+ `${tokenCommand} && ${workersCurlScript(host, "/v1/admin/waitlist?limit=1", ['-H "Authorization: Bearer $TOKEN"'])}`
127
+ );
128
+ }
129
+
130
+ function workersCurlScript(host: string, path: string, flags: string[] = []) {
131
+ const url = `https://${host}${path}`;
132
+ const curl = ["curl --fail --show-error --silent", ...flags, `"${url}"`].join(" ");
133
+ const resolvedCurl = ["curl --fail --show-error --silent", `--resolve "${host}:443:$IP"`, ...flags, `"${url}"`].join(" ");
134
+ return [
135
+ `(${curl})`,
136
+ "||",
137
+ `for IP in $(dig @1.1.1.1 +short ${host}); do`,
138
+ `${resolvedCurl}`,
139
+ "&& exit 0;",
140
+ "done;",
141
+ "exit 1",
142
+ ].join(" ");
143
+ }
144
+
110
145
  export function buildLocalVerificationCommands(
111
146
  config: Pick<ScaffoldConfig, "apiHostname" | "framework" | "runtime"> & Partial<Pick<ScaffoldConfig, "target">>
112
147
  ): PostScaffoldCommand[] {
package/src/scaffold.test.ts CHANGED
@@ -320,6 +320,9 @@ test("scaffolds the workers target with wrangler lifecycle commands", async () =
320
320
  expect(wranglerConfig).toContain('binding = "HYPERDRIVE"');
321
321
  expect(wranglerConfig).toContain('AUTH_ENABLED = "true"');
322
322
  expect(wranglerConfig).toContain('AUTH_AUDIENCE = "api://dns-api"');
323
+ const authSource = await Bun.file(join(generatedRoot, "src", "auth.ts")).text();
324
+ expect(authSource).toContain('alg === "EdDSA"');
325
+ expect(authSource).toContain('name: "Ed25519"');
323
326
 
324
327
  const entrypoint = await Bun.file(join(generatedRoot, "src", "index.ts")).text();
325
328
  expect(entrypoint).toContain("/v1/waitlist");
package/templates/targets/workers/src/auth.ts CHANGED
@@ -132,6 +132,12 @@ function importAlgorithm(alg: string, key: JsonWebKey) {
132
132
  verify: { name: "ECDSA", hash: "SHA-256" },
133
133
  } as const;
134
134
  }
135
+ if (alg === "EdDSA" && key.crv === "Ed25519") {
136
+ return {
137
+ import: { name: "Ed25519" },
138
+ verify: { name: "Ed25519" },
139
+ } as const;
140
+ }
135
141
  throw new Error(`unsupported jwt alg: ${alg}`);
136
142
  }
137
143