create-svc 0.1.84 → 0.1.86

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-svc",
-  "version": "0.1.84",
+  "version": "0.1.86",
   "description": "Local microservice bootstrap CLI for Cloud Run and Workers services with Neon-backed data.",
   "module": "index.ts",
   "type": "module",

package/src/scaffold.test.ts

@@ -71,6 +71,7 @@ test("scaffolds all runtime/framework variants with shared cloudrun config", asy
     expect(serviceConfig).toContain('"project_mode": "create_new"');
     expect(serviceConfig).toContain('"quota_project_id": "anmho-infra-prod"');
     expect(serviceConfig).toContain('"artifact_repository": "cloud-run"');
+    expect(serviceConfig).toContain('"worker_min_instances": 0');
     expect(serviceConfig).not.toContain("cloudbuild.googleapis.com");
     expect(serviceConfig).toContain('"jwks_url": "https://auth.anmho.com/api/auth/jwks"');
     expect(serviceConfig).toContain('"git": {');
@@ -97,6 +98,7 @@ test("scaffolds all runtime/framework variants with shared cloudrun config", asy
     expect(manifest).toContain("${AUTH_AUDIENCE}");
     expect(manifest).toContain("managed_by: create-service");
     expect(manifest).toContain("service_id: ${SERVICE_ID}");
+    expect(manifest).toContain('autoscaling.knative.dev/minScale: "${SERVICE_MIN_SCALE}"');
     expect(manifest).not.toContain("CLERK_SECRET_KEY");
     expect(manifest).not.toContain("STRIPE_SECRET_KEY");
     expect(manifest).not.toContain("REVENUECAT_API_KEY");
@@ -111,6 +113,8 @@ test("scaffolds all runtime/framework variants with shared cloudrun config", asy
 
     const dockerCompose = await Bun.file(join(generatedRoot, "docker-compose.yml")).text();
     expect(dockerCompose).toContain('image: postgres:16-alpine');
+    expect(dockerCompose).toContain("image: temporalio/auto-setup:");
+    expect(dockerCompose).toContain("127.0.0.1:7233:7233");
     expect(dockerCompose).toContain(`127.0.0.1:${localPort}:5432`);
 
     const envExample = await Bun.file(join(generatedRoot, ".env.example")).text();
@@ -335,7 +339,7 @@ test("scaffolds a backend package cleanly into a nested monorepo-style directory
   expect(readme).toContain("`microservice` profile");
   expect(readme).toContain("api.dns-api.anmho.com");
   expect(readme).toContain("open Docker Desktop if needed");
-  expect(readme).toContain("local Postgres service in `docker-compose.yml`");
+  expect(readme).toContain("local Postgres and Temporal services in `docker-compose.yml`");
   expect(readme).toContain("gcloud auth login");
   expect(readme).toContain("known-good CLIs");
   expect(readme).toContain("service create");

package/src/service-runtime/authctl-command.ts

@@ -0,0 +1,12 @@
+export type AuthctlCommand = {
+  path: string;
+  runWithBun: boolean;
+};
+
+export function authctlSpawnArgs(command: AuthctlCommand, args: string[]) {
+  return command.runWithBun ? [bunExecutable(), command.path, ...args] : [command.path, ...args];
+}
+
+function bunExecutable() {
+  return Bun.which("bun") ?? process.execPath;
+}

package/src/service-runtime/authctl.test.ts

@@ -0,0 +1,16 @@
+import { expect, test } from "bun:test";
+import { authctlSpawnArgs } from "./authctl-command";
+
+test("authctlSpawnArgs runs repo-local authctl through bun", () => {
+  const args = authctlSpawnArgs({ path: "./node_modules/.bin/authctl", runWithBun: true }, ["doctor", "--json"]);
+
+  expect(args[0]).toEndWith("bun");
+  expect(args.slice(1)).toEqual(["./node_modules/.bin/authctl", "doctor", "--json"]);
+});
+
+test("authctlSpawnArgs runs global authctl directly", () => {
+  expect(authctlSpawnArgs({ path: "/usr/local/bin/authctl", runWithBun: false }, ["version"])).toEqual([
+    "/usr/local/bin/authctl",
+    "version",
+  ]);
+});

package/src/service-runtime/authctl.ts

@@ -1,4 +1,5 @@
 import { existsSync } from "node:fs";
+import { authctlSpawnArgs, type AuthctlCommand } from "./authctl-command";
 import { serviceConfig } from "./runtime";
 
 type CommandResult = {
@@ -9,6 +10,7 @@ type CommandResult = {
 };
 
 const decoder = new TextDecoder();
+const localAuthctlPath = "./node_modules/.bin/authctl";
 
 export type AuthDoctorResult = {
   hasAuthctl: boolean;
@@ -418,12 +420,12 @@ function resolveResourceServerCommand(): ResourceServerCommand | undefined {
 }
 
 function authctl(args: string[], options: { allowFailure?: boolean; quiet?: boolean } = {}): CommandResult {
-  const command = authctlPath();
+  const command = authctlCommand();
   if (!command) {
     throw new Error("authctl is not installed; run bun install in this generated service or link @anmho/authctl");
   }
 
-  const result = Bun.spawnSync([command, ...args], {
+  const result = Bun.spawnSync(authctlSpawnArgs(command, args), {
     cwd: process.cwd(),
     env: authctlEnvironment(),
     stdin: "inherit",
@@ -464,8 +466,24 @@ function formatAuthctlFailure(args: string[], output: CommandResult) {
   return `authctl ${args.join(" ")} failed with exit code ${output.exitCode}\n${detail}`;
 }
 
+function authctlCommand(): AuthctlCommand | undefined {
+  if (existsSync(localAuthctlPath)) {
+    return {
+      path: localAuthctlPath,
+      runWithBun: true,
+    };
+  }
+  const global = Bun.which("authctl");
+  return global
+    ? {
+        path: global,
+        runWithBun: false,
+      }
+    : undefined;
+}
+
 function authctlPath() {
-  return existsSync("./node_modules/.bin/authctl") ? "./node_modules/.bin/authctl" : Bun.which("authctl");
+  return authctlCommand()?.path;
 }
 
 function authctlEnvironment() {

package/src/service-runtime/cloudrun/config.ts

@@ -14,6 +14,7 @@ export const config = {
   region: cloudrun.region,
   artifactRepository: cloudrun.artifact_repository,
   runtimeServiceAccount: cloudrun.service_account,
+  workerMinInstances: Number(cloudrun.worker_min_instances ?? 0),
   project: {
     mode: cloudrun.project_mode,
     id: cloudrun.project_id,

package/src/service-runtime/cloudrun/lib.ts

@@ -518,6 +518,7 @@ export async function renderManifest(image: string, target: DeploymentTarget, pr
     SERVICE_ID: config.serviceName,
     SERVICE_ROLE: process,
     SERVICE_INGRESS: process === "worker" ? "internal" : "all",
+    SERVICE_MIN_SCALE: process === "worker" ? String(config.workerMinInstances) : "0",
     CONTAINER_COMMAND: renderContainerCommand(process),
     RUNTIME_SERVICE_ACCOUNT: config.runtimeServiceAccount,
     IMAGE_URL: image,

package/templates/shared/README.md

@@ -43,7 +43,7 @@ console to create and deploy.
 
 ## Local development
 
-The scaffold writes a ready-to-use `.env.local` and includes a local Postgres service in `docker-compose.yml`.
+The scaffold writes a ready-to-use `.env.local` and includes local Postgres and Temporal services in `docker-compose.yml`.
 
 First local run:
 
@@ -55,8 +55,8 @@ First local run:
 Local runtime uses:
 
 - `DATABASE_URL` from `.env.local`, pointed at Docker Compose Postgres
-- `{{COMMAND_MIGRATE}}` and `{{COMMAND_DEV}}`, which open Docker Desktop if needed, wait for Docker readiness, and start Docker Compose Postgres
-- `TEMPORAL_ENABLED=true` by default with `localhost:7233` and `default`; set `TEMPORAL_ENABLED=false` when you are not running a local Temporal server
+- `{{COMMAND_MIGRATE}}` and `{{COMMAND_DEV}}`, which open Docker Desktop if needed, wait for Docker readiness, and start Docker Compose Postgres and Temporal
+- `TEMPORAL_ENABLED=true` by default with `localhost:7233` and `default`; `{{COMMAND_DEV}}` waits for the local Temporal container before starting the API and worker
 
 No cloud credentials are required for local HTTP development after Docker and Postgres are running.
 
@@ -78,7 +78,7 @@ creates a trigger, the API service starts `waitlistFollowUpWorkflow` /
 `WaitlistFollowUpWorkflow` asynchronously on the service task queue. The API
 request only waits for the trigger record; workflow completion happens through
 Temporal and is polled by the worker service.
-Local `{{COMMAND_DEV}}` starts the API process and the worker process together.
+Local `{{COMMAND_DEV}}` starts the API process and the worker process together after Docker Compose starts the local Temporal server.
 
 Production and preview deploys render `TEMPORAL_ENABLED=true` into the Cloud Run
 manifest unless you override it. For Temporal Cloud, replace the local defaults
@@ -88,6 +88,11 @@ with real connection settings before the worker can run:
 - `TEMPORAL_NAMESPACE`
 - any TLS certificate/key or API-key settings used by your worker code
 
+Cloud Run worker min instances are controlled by
+`cloudrun.worker_min_instances` in `service.jsonc`. The generated default is
+`0`; set it to `1` for production services that must keep a Temporal poller
+warm for scheduled workflows.
+
 If a service does not need Temporal, opt out with:
 
 ```bash

package/templates/shared/docker-compose.yml

@@ -15,5 +15,21 @@ services:
       timeout: 5s
       retries: 10
 
+  temporal:
+    image: temporalio/auto-setup:1.28.1
+    depends_on:
+      postgres:
+        condition: service_healthy
+    environment:
+      DB: postgres12
+      DB_PORT: 5432
+      POSTGRES_USER: {{LOCAL_DATABASE_USER}}
+      POSTGRES_PWD: {{LOCAL_DATABASE_PASSWORD}}
+      POSTGRES_SEEDS: postgres
+      DBNAME: temporal
+      VISIBILITY_DBNAME: temporal_visibility
+    ports:
+      - "127.0.0.1:7233:7233"
+
 volumes:
   postgres-data:

package/templates/shared/scripts/dev.ts

@@ -16,6 +16,9 @@ const env = {
 if (env.DATABASE_URL && !env.CLOUDFLARE_HYPERDRIVE_LOCAL_CONNECTION_STRING_HYPERDRIVE) {
   env.CLOUDFLARE_HYPERDRIVE_LOCAL_CONNECTION_STRING_HYPERDRIVE = env.DATABASE_URL;
 }
+if (temporalEnabled(env)) {
+  await waitForTemporal(env.TEMPORAL_ADDRESS || "localhost:7233");
+}
 
 const api = Bun.spawn(apiCommand, {
   stdin: "inherit",
@@ -57,3 +60,36 @@ function parseCommands(argv: string[]) {
   const workerCommand = argv.slice(separator + 1);
   return { apiCommand, workerCommand: workerCommand.length > 0 ? workerCommand : undefined };
 }
+
+function temporalEnabled(env: Record<string, string | undefined>) {
+  return (env.TEMPORAL_ENABLED ?? "true").trim().toLowerCase() !== "false";
+}
+
+async function waitForTemporal(address: string) {
+  const { host, port } = parseTemporalAddress(address);
+  const deadline = Date.now() + 120_000;
+
+  while (Date.now() < deadline) {
+    const exitCode = await Bun.spawn(["nc", "-z", host, String(port)], {
+      stdin: "ignore",
+      stdout: "ignore",
+      stderr: "ignore",
+    }).exited;
+    if (exitCode === 0) {
+      return;
+    }
+    await Bun.sleep(2_000);
+  }
+
+  throw new Error(`Temporal did not become ready at ${host}:${port} within 120 seconds`);
+}
+
+function parseTemporalAddress(address: string) {
+  const trimmed = address.trim();
+  const withoutScheme = trimmed.includes("://") ? new URL(trimmed).host : trimmed;
+  const [host = "localhost", port = "7233"] = withoutScheme.split(":");
+  return {
+    host: host || "localhost",
+    port: Number(port || "7233"),
+  };
+}

package/templates/shared/scripts/local-docker.ts

@@ -1,6 +1,6 @@
 export async function ensureLocalPostgres() {
   await ensureDockerRunning();
-  await run(["docker", "compose", "up", "-d"], { label: "start local postgres" });
+  await run(["docker", "compose", "up", "-d"], { label: "start local services" });
 }
 
 async function ensureDockerRunning() {

package/templates/shared/service.jsonc

@@ -107,6 +107,7 @@
     "region": "{{REGION}}",
     "artifact_repository": "cloud-run",
     "service_account": "{{RUNTIME_SERVICE_ACCOUNT}}",
+    "worker_min_instances": 0,
     "required_apis": [
       "run.googleapis.com",
       "artifactregistry.googleapis.com",

package/templates/shared/service.yaml

@@ -15,6 +15,8 @@ spec:
         managed_by: create-service
         service_id: ${SERVICE_ID}
         service_role: ${SERVICE_ROLE}
+      annotations:
+        autoscaling.knative.dev/minScale: "${SERVICE_MIN_SCALE}"
     spec:
       serviceAccountName: ${RUNTIME_SERVICE_ACCOUNT}
       containers: