genbox 1.0.2 → 1.0.4

package/dist/scanner/env-analyzer.js

@@ -0,0 +1,503 @@
+"use strict";
+/**
+ * Environment Variable Analyzer
+ *
+ * Analyzes environment variables from multiple sources:
+ * - .env files
+ * - docker-compose files
+ * - Source code references
+ * - Framework configs
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EnvAnalyzer = void 0;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+// Patterns for detecting variable types
+const ENV_TYPE_PATTERNS = [
+    // Database URIs
+    [/^(DATABASE|MONGO|POSTGRES|MYSQL|REDIS|RABBIT).*_URI$/i, 'database_uri'],
+    [/^(DATABASE|MONGO|POSTGRES|MYSQL|REDIS|RABBIT).*_URL$/i, 'database_uri'],
+    [/^(MONGODB|POSTGRESQL|MYSQL)_/i, 'database_uri'],
+    // Secrets/Keys
+    [/_SECRET$/i, 'secret'],
+    [/_KEY$/i, 'secret'],
+    [/_TOKEN$/i, 'secret'],
+    [/_PASSWORD$/i, 'secret'],
+    [/_PRIVATE/i, 'secret'],
+    [/^SECRET_/i, 'secret'],
+    [/^API_KEY$/i, 'api_key'],
+    [/_API_KEY$/i, 'api_key'],
+    // URLs
+    [/_URL$/i, 'url'],
+    [/_URI$/i, 'url'],
+    [/_ENDPOINT$/i, 'url'],
+    [/^(HTTPS?|WS):\/\//i, 'url'],
+    // Booleans
+    [/^(ENABLE|DISABLE|DEBUG|VERBOSE|IS_|HAS_|USE_|ALLOW_)/i, 'boolean'],
+    // Numbers
+    [/_PORT$/i, 'number'],
+    [/_COUNT$/i, 'number'],
+    [/_SIZE$/i, 'number'],
+    [/_TIMEOUT$/i, 'number'],
+    [/_LIMIT$/i, 'number'],
+    [/_MAX$/i, 'number'],
+    [/_MIN$/i, 'number'],
+    // Paths
+    [/_PATH$/i, 'path'],
+    [/_DIR$/i, 'path'],
+    [/_FILE$/i, 'path'],
+];
+// Known secret variable names
+const SECRET_PATTERNS = [
+    /PASSWORD/i,
+    /SECRET/i,
+    /TOKEN/i,
+    /API_KEY/i,
+    /PRIVATE/i,
+    /CREDENTIAL/i,
+    /^AWS_/i,
+    /^GIT_TOKEN$/i,
+    /^GITHUB_TOKEN$/i,
+    /^NPM_TOKEN$/i,
+];
+// Variables that are typically required
+const REQUIRED_PATTERNS = [
+    /^DATABASE/i,
+    /^MONGO/i,
+    /^POSTGRES/i,
+    /^MYSQL/i,
+    /^REDIS/i,
+    /^JWT_SECRET$/i,
+    /^NODE_ENV$/i,
+    /^PORT$/i,
+];
+class EnvAnalyzer {
+    /**
+     * Analyze environment variables from all sources
+     */
+    async analyze(root, apps, compose) {
+        const allVariables = [];
+        const sources = [];
+        const references = [];
+        // 1. Extract from .env files
+        const envFiles = [
+            '.env.example',
+            '.env.sample',
+            '.env.template',
+            '.env.local',
+            '.env.development',
+            '.env',
+        ];
+        for (const envFile of envFiles) {
+            const filePath = path.join(root, envFile);
+            if (fs.existsSync(filePath)) {
+                const vars = this.parseEnvFile(filePath, envFile);
+                allVariables.push(...vars);
+                sources.push(envFile);
+            }
+        }
+        // 2. Extract from docker-compose
+        if (compose) {
+            for (const service of [...compose.applications, ...compose.databases, ...compose.caches, ...compose.queues]) {
+                // From environment section
+                for (const [name, value] of Object.entries(service.environment)) {
+                    allVariables.push({
+                        name,
+                        value: value || undefined,
+                        type: this.inferType(name, value),
+                        source: `docker-compose (${service.name})`,
+                        usedBy: [service.name],
+                    });
+                }
+                // From env_file references
+                if (service.envFile) {
+                    for (const envFile of service.envFile) {
+                        const filePath = path.join(root, envFile);
+                        if (fs.existsSync(filePath)) {
+                            const vars = this.parseEnvFile(filePath, envFile);
+                            for (const v of vars) {
+                                v.usedBy = [service.name];
+                            }
+                            allVariables.push(...vars);
+                            if (!sources.includes(envFile)) {
+                                sources.push(envFile);
+                            }
+                        }
+                    }
+                }
+            }
+        }
+        // 3. Extract from source code references
+        const codeRefs = await this.extractFromCode(root, apps);
+        references.push(...codeRefs);
+        // Add referenced variables that weren't found in env files
+        for (const ref of codeRefs) {
+            const exists = allVariables.some(v => v.name === ref.variable);
+            if (!exists) {
+                allVariables.push({
+                    name: ref.variable,
+                    type: this.inferType(ref.variable),
+                    source: 'code reference',
+                    usedBy: ref.service ? [ref.service] : [],
+                });
+            }
+        }
+        // 4. Deduplicate and merge
+        const merged = this.mergeVariables(allVariables);
+        // 5. Categorize
+        const required = merged.filter(v => this.isRequired(v) && !this.isSecret(v.name));
+        const secrets = merged.filter(v => this.isSecret(v.name));
+        const optional = merged.filter(v => !this.isRequired(v) && !this.isSecret(v.name));
+        return {
+            required,
+            optional,
+            secrets,
+            references,
+            sources,
+        };
+    }
+    parseEnvFile(filePath, source) {
+        const variables = [];
+        const content = fs.readFileSync(filePath, 'utf8');
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i].trim();
+            // Skip comments and empty lines
+            if (!line || line.startsWith('#'))
+                continue;
+            // Parse KEY=value
+            const match = line.match(/^([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$/);
+            if (match) {
+                const [, name, rawValue] = match;
+                let value = rawValue;
+                // Remove quotes if present
+                if ((value.startsWith('"') && value.endsWith('"')) ||
+                    (value.startsWith("'") && value.endsWith("'"))) {
+                    value = value.slice(1, -1);
+                }
+                // Handle empty/placeholder values
+                const isPlaceholder = !value ||
+                    value.includes('your-') ||
+                    value.includes('change-me') ||
+                    value.includes('xxx') ||
+                    value === '""' ||
+                    value === "''";
+                variables.push({
+                    name,
+                    value: isPlaceholder ? undefined : value,
+                    type: this.inferType(name, value),
+                    source,
+                    usedBy: [],
+                });
+            }
+        }
+        return variables;
+    }
+    async extractFromCode(root, apps) {
+        const references = [];
+        // Patterns to search for env variable usage
+        const patterns = [
+            [/process\.env\.([A-Z_][A-Z0-9_]*)/g, 'node'],
+            [/process\.env\[['"]([A-Z_][A-Z0-9_]*)['"]\]/g, 'node'],
+            [/Bun\.env\.([A-Z_][A-Z0-9_]*)/g, 'node'],
+            [/import\.meta\.env\.([A-Z_][A-Z0-9_]*)/g, 'node'],
+            [/os\.environ\[['"]([A-Z_][A-Z0-9_]*)['"]\]/g, 'python'],
+            [/os\.getenv\(['"]([A-Z_][A-Z0-9_]*)['"]\)/g, 'python'],
+            [/os\.Getenv\(['"]([A-Z_][A-Z0-9_]*)['"]\)/g, 'go'],
+            [/ENV\[['"]([A-Z_][A-Z0-9_]*)['"]\]/g, 'ruby'],
+            [/std::env::var\(['"]([A-Z_][A-Z0-9_]*)['"]\)/g, 'rust'],
+        ];
+        // File extensions to search
+        const extensions = {
+            node: ['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs'],
+            python: ['.py'],
+            go: ['.go'],
+            ruby: ['.rb'],
+            rust: ['.rs'],
+        };
+        // Search in app directories
+        const searchDirs = apps.length > 0
+            ? apps.map(a => path.join(root, a.path))
+            : [root];
+        for (const dir of searchDirs) {
+            const appName = apps.find(a => path.join(root, a.path) === dir)?.name;
+            try {
+                await this.searchDirectory(dir, (filePath, content) => {
+                    for (const [pattern, lang] of patterns) {
+                        const fileExt = path.extname(filePath);
+                        if (!extensions[lang]?.includes(fileExt)) {
+                            continue;
+                        }
+                        let match;
+                        while ((match = pattern.exec(content)) !== null) {
+                            const varName = match[1];
+                            // Skip common non-env variables
+                            if (['NODE', 'VITE', 'NEXT', 'REACT'].includes(varName)) {
+                                continue;
+                            }
+                            references.push({
+                                variable: varName,
+                                file: path.relative(root, filePath),
+                                service: appName,
+                            });
+                        }
+                    }
+                });
+            }
+            catch {
+                // Directory doesn't exist or can't be read
+            }
+        }
+        // Deduplicate references
+        const seen = new Set();
+        return references.filter(ref => {
+            const key = `${ref.variable}:${ref.service || ''}`;
+            if (seen.has(key))
+                return false;
+            seen.add(key);
+            return true;
+        });
+    }
+    async searchDirectory(dir, callback) {
+        const ignoreDirs = ['node_modules', '.git', 'dist', 'build', '.next', '.venv', 'vendor', '__pycache__'];
+        const entries = fs.readdirSync(dir, { withFileTypes: true });
+        for (const entry of entries) {
+            const fullPath = path.join(dir, entry.name);
+            if (entry.isDirectory()) {
+                if (!ignoreDirs.includes(entry.name)) {
+                    await this.searchDirectory(fullPath, callback);
+                }
+            }
+            else if (entry.isFile()) {
+                // Skip large files
+                try {
+                    const stats = fs.statSync(fullPath);
+                    if (stats.size > 1024 * 1024)
+                        continue; // Skip files > 1MB
+                    const content = fs.readFileSync(fullPath, 'utf8');
+                    callback(fullPath, content);
+                }
+                catch {
+                    // Can't read file
+                }
+            }
+        }
+    }
+    inferType(name, value) {
+        // Check patterns based on name
+        for (const [pattern, type] of ENV_TYPE_PATTERNS) {
+            if (pattern.test(name)) {
+                return type;
+            }
+        }
+        // Check value format
+        if (value) {
+            if (/^(true|false)$/i.test(value))
+                return 'boolean';
+            if (/^\d+$/.test(value))
+                return 'number';
+            if (/^https?:\/\//.test(value))
+                return 'url';
+            if (/^mongodb(\+srv)?:\/\//.test(value))
+                return 'database_uri';
+            if (/^postgres(ql)?:\/\//.test(value))
+                return 'database_uri';
+            if (/^mysql:\/\//.test(value))
+                return 'database_uri';
+            if (/^redis:\/\//.test(value))
+                return 'database_uri';
+            if (/^amqp:\/\//.test(value))
+                return 'database_uri';
+            if (value.startsWith('/') || value.startsWith('./'))
+                return 'path';
+        }
+        return 'string';
+    }
+    isSecret(name) {
+        return SECRET_PATTERNS.some(p => p.test(name));
+    }
+    isRequired(variable) {
+        // Check if it matches required patterns
+        if (REQUIRED_PATTERNS.some(p => p.test(variable.name))) {
+            return true;
+        }
+        // If it's used by multiple services, it's likely required
+        if (variable.usedBy.length > 1) {
+            return true;
+        }
+        // If it's a database URI or similar, it's required
+        if (variable.type === 'database_uri') {
+            return true;
+        }
+        return false;
+    }
+    mergeVariables(variables) {
+        const merged = new Map();
+        for (const variable of variables) {
+            const existing = merged.get(variable.name);
+            if (existing) {
+                // Merge usedBy
+                for (const service of variable.usedBy) {
+                    if (!existing.usedBy.includes(service)) {
+                        existing.usedBy.push(service);
+                    }
+                }
+                // Keep value if we found one
+                if (!existing.value && variable.value) {
+                    existing.value = variable.value;
+                }
+                // Keep more specific type
+                if (existing.type === 'string' && variable.type !== 'string') {
+                    existing.type = variable.type;
+                }
+            }
+            else {
+                merged.set(variable.name, { ...variable });
+            }
+        }
+        return Array.from(merged.values());
+    }
+    /**
+     * Generate an environment template from analysis
+     */
+    generateTemplate(analysis) {
+        const lines = [
+            '# Genbox Environment Configuration',
+            '# Generated by genbox init',
+            '#',
+            '# IMPORTANT: Update values before deploying',
+            '',
+        ];
+        // Group by service
+        const serviceGroups = new Map();
+        const globalVars = [];
+        for (const variable of [...analysis.required, ...analysis.optional, ...analysis.secrets]) {
+            if (variable.usedBy.length === 0 || variable.usedBy.length > 1) {
+                globalVars.push(variable);
+            }
+            else {
+                const service = variable.usedBy[0];
+                const group = serviceGroups.get(service) || [];
+                group.push(variable);
+                serviceGroups.set(service, group);
+            }
+        }
+        // Global section
+        if (globalVars.length > 0) {
+            lines.push('# === Global Configuration ===');
+            lines.push('');
+            for (const v of globalVars) {
+                lines.push(this.formatEnvLine(v));
+            }
+            lines.push('');
+        }
+        // Service sections
+        for (const [service, vars] of serviceGroups) {
+            lines.push(`# === ${service.toUpperCase()} ===`);
+            lines.push('');
+            for (const v of vars) {
+                lines.push(this.formatEnvLine(v));
+            }
+            lines.push('');
+        }
+        // Secrets section
+        const secretVars = analysis.secrets.filter(v => !globalVars.includes(v) && !Array.from(serviceGroups.values()).flat().includes(v));
+        if (secretVars.length > 0) {
+            lines.push('# === SECRETS (DO NOT COMMIT) ===');
+            lines.push('');
+            for (const v of secretVars) {
+                lines.push(this.formatEnvLine(v));
+            }
+            lines.push('');
+        }
+        return lines.join('\n');
+    }
+    formatEnvLine(variable) {
+        let value = variable.value || this.generateDefaultValue(variable);
+        // Add comment for required/sensitive
+        let comment = '';
+        if (this.isSecret(variable.name)) {
+            comment = ' # SENSITIVE';
+        }
+        else if (this.isRequired(variable)) {
+            comment = ' # Required';
+        }
+        // Quote if necessary
+        if (value.includes(' ') || value.includes('#')) {
+            value = `"${value}"`;
+        }
+        return `${variable.name}=${value}${comment}`;
+    }
+    generateDefaultValue(variable) {
+        switch (variable.type) {
+            case 'database_uri':
+                if (variable.name.includes('MONGO')) {
+                    return 'mongodb://localhost:27017/myapp';
+                }
+                if (variable.name.includes('POSTGRES')) {
+                    return 'postgresql://localhost:5432/myapp';
+                }
+                if (variable.name.includes('MYSQL')) {
+                    return 'mysql://localhost:3306/myapp';
+                }
+                if (variable.name.includes('REDIS')) {
+                    return 'redis://localhost:6379';
+                }
+                if (variable.name.includes('RABBIT')) {
+                    return 'amqp://localhost:5672';
+                }
+                return 'your-database-uri-here';
+            case 'url':
+                return 'http://localhost:3000';
+            case 'secret':
+            case 'api_key':
+                return 'your-secret-key-here';
+            case 'boolean':
+                return 'false';
+            case 'number':
+                if (variable.name.includes('PORT'))
+                    return '3000';
+                if (variable.name.includes('TIMEOUT'))
+                    return '30000';
+                return '0';
+            case 'path':
+                return './';
+            default:
+                return '';
+        }
+    }
+}
+exports.EnvAnalyzer = EnvAnalyzer;