hostfn 0.1.0

package/packages/cli/src/__tests__/core/lock.test.ts

@@ -0,0 +1,173 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { LockManager } from '../../core/lock.js';
+
+// Mock SSH connection
+const mockSSH = {
+  exec: vi.fn(),
+  exists: vi.fn(),
+  mkdir: vi.fn(),
+  upload: vi.fn(),
+  download: vi.fn(),
+  disconnect: vi.fn(),
+};
+
+// Mock Logger to prevent console output
+vi.mock('../../utils/logger.js', () => ({
+  Logger: {
+    error: vi.fn(),
+    warn: vi.fn(),
+    info: vi.fn(),
+    log: vi.fn(),
+    br: vi.fn(),
+  },
+}));
+
+describe('LockManager', () => {
+  let lockManager: LockManager;
+
+  beforeEach(() => {
+    vi.clearAllMocks();
+    lockManager = new LockManager(mockSSH as any, '/var/www/myapp');
+  });
+
+  describe('acquire', () => {
+    it('should acquire lock when no lock exists', async () => {
+      mockSSH.exists.mockResolvedValue(false);
+      mockSSH.exec.mockResolvedValue({ stdout: '', stderr: '', exitCode: 0 });
+      
+      const acquired = await lockManager.acquire();
+      
+      expect(acquired).toBe(true);
+      expect(mockSSH.exec).toHaveBeenCalledWith(
+        expect.stringContaining('.hostfn-deploy.lock')
+      );
+    });
+
+    it('should fail when valid lock exists', async () => {
+      const recentLock = {
+        pid: 12345,
+        user: 'developer',
+        timestamp: Date.now() - 60000, // 1 minute ago
+        hostname: 'laptop',
+      };
+
+      mockSSH.exists.mockResolvedValue(true);
+      mockSSH.exec.mockResolvedValue({ 
+        stdout: JSON.stringify(recentLock), 
+        stderr: '', 
+        exitCode: 0 
+      });
+      
+      const acquired = await lockManager.acquire();
+      
+      expect(acquired).toBe(false);
+    });
+
+    it('should acquire lock when stale lock exists', async () => {
+      const staleLock = {
+        pid: 12345,
+        user: 'developer',
+        timestamp: Date.now() - 400000, // 6+ minutes ago (stale)
+        hostname: 'laptop',
+      };
+
+      mockSSH.exists.mockResolvedValue(true);
+      mockSSH.exec
+        .mockResolvedValueOnce({ 
+          stdout: JSON.stringify(staleLock), 
+          stderr: '', 
+          exitCode: 0 
+        })
+        .mockResolvedValueOnce({ stdout: '', stderr: '', exitCode: 0 }) // release
+        .mockResolvedValueOnce({ stdout: '', stderr: '', exitCode: 0 }); // acquire
+      
+      const acquired = await lockManager.acquire();
+      
+      expect(acquired).toBe(true);
+    });
+
+    it('should acquire lock when invalid lock file exists', async () => {
+      mockSSH.exists.mockResolvedValue(true);
+      mockSSH.exec
+        .mockResolvedValueOnce({ 
+          stdout: 'invalid json', 
+          stderr: '', 
+          exitCode: 0 
+        })
+        .mockResolvedValueOnce({ stdout: '', stderr: '', exitCode: 0 }) // release
+        .mockResolvedValueOnce({ stdout: '', stderr: '', exitCode: 0 }); // acquire
+      
+      const acquired = await lockManager.acquire();
+      
+      expect(acquired).toBe(true);
+    });
+  });
+
+  describe('release', () => {
+    it('should remove lock file', async () => {
+      mockSSH.exec.mockResolvedValue({ stdout: '', stderr: '', exitCode: 0 });
+      
+      await lockManager.release();
+      
+      expect(mockSSH.exec).toHaveBeenCalledWith(
+        expect.stringContaining('rm -f')
+      );
+    });
+
+    it('should not throw on release error', async () => {
+      mockSSH.exec.mockRejectedValue(new Error('File not found'));
+      
+      await expect(lockManager.release()).resolves.not.toThrow();
+    });
+  });
+
+  describe('isLocked', () => {
+    it('should return false when no lock exists', async () => {
+      mockSSH.exists.mockResolvedValue(false);
+      
+      const locked = await lockManager.isLocked();
+      
+      expect(locked).toBe(false);
+    });
+
+    it('should return true when valid lock exists', async () => {
+      const recentLock = {
+        pid: 12345,
+        user: 'developer',
+        timestamp: Date.now() - 60000, // 1 minute ago
+        hostname: 'laptop',
+      };
+
+      mockSSH.exists.mockResolvedValue(true);
+      mockSSH.exec.mockResolvedValue({ 
+        stdout: JSON.stringify(recentLock), 
+        stderr: '', 
+        exitCode: 0 
+      });
+      
+      const locked = await lockManager.isLocked();
+      
+      expect(locked).toBe(true);
+    });
+
+    it('should return false when stale lock exists', async () => {
+      const staleLock = {
+        pid: 12345,
+        user: 'developer',
+        timestamp: Date.now() - 400000, // 6+ minutes ago (stale)
+        hostname: 'laptop',
+      };
+
+      mockSSH.exists.mockResolvedValue(true);
+      mockSSH.exec.mockResolvedValue({ 
+        stdout: JSON.stringify(staleLock), 
+        stderr: '', 
+        exitCode: 0 
+      });
+      
+      const locked = await lockManager.isLocked();
+      
+      expect(locked).toBe(false);
+    });
+  });
+});

package/packages/cli/src/__tests__/core/nginx-multi-domain.test.ts

@@ -0,0 +1,176 @@
+import { describe, it, expect } from 'vitest';
+import { NginxConfigGenerator } from '../../core/nginx.js';
+
+describe('NginxConfigGenerator - Multi-Domain Support', () => {
+  describe('generate with single domain (backward compatibility)', () => {
+    it('should generate config with single domain string', () => {
+      const config = NginxConfigGenerator.generate({
+        domain: 'example.com',
+        ssl: false,
+        services: [
+          {
+            name: 'test-app',
+            port: 3000,
+            isDefault: true,
+          },
+        ],
+        environment: 'production',
+      });
+
+      expect(config).toContain('server_name example.com;');
+      expect(config).toContain('proxy_pass http://localhost:3000;');
+    });
+
+    it('should generate SSL config with single domain', () => {
+      const config = NginxConfigGenerator.generate({
+        domain: 'example.com',
+        ssl: true,
+        services: [
+          {
+            name: 'test-app',
+            port: 3000,
+            isDefault: true,
+          },
+        ],
+        environment: 'production',
+      });
+
+      expect(config).toContain('server_name example.com;');
+      expect(config).toContain('listen 443 ssl http2;');
+      expect(config).toContain('ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;');
+      expect(config).toContain('ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;');
+    });
+  });
+
+  describe('generate with multiple domains', () => {
+    it('should generate config with multiple domains in server_name', () => {
+      const config = NginxConfigGenerator.generate({
+        domain: ['example.com', 'www.example.com', 'app.example.com'],
+        ssl: false,
+        services: [
+          {
+            name: 'test-app',
+            port: 3000,
+            isDefault: true,
+          },
+        ],
+        environment: 'production',
+      });
+
+      expect(config).toContain('server_name example.com www.example.com app.example.com;');
+      expect(config).toContain('proxy_pass http://localhost:3000;');
+    });
+
+    it('should use primary domain for SSL certificate paths', () => {
+      const config = NginxConfigGenerator.generate({
+        domain: ['example.com', 'www.example.com', 'api.example.com'],
+        ssl: true,
+        services: [
+          {
+            name: 'test-app',
+            port: 3000,
+            isDefault: true,
+          },
+        ],
+        environment: 'production',
+      });
+
+      // Should have all domains in server_name
+      expect(config).toContain('server_name example.com www.example.com api.example.com;');
+      
+      // Should use first domain (primary) for certificate paths
+      expect(config).toContain('ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;');
+      expect(config).toContain('ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;');
+      
+      // Should NOT use other domains for cert paths
+      expect(config).not.toContain('ssl_certificate /etc/letsencrypt/live/www.example.com/');
+      expect(config).not.toContain('ssl_certificate /etc/letsencrypt/live/api.example.com/');
+    });
+
+    it('should generate HTTP redirect block for all domains', () => {
+      const config = NginxConfigGenerator.generate({
+        domain: ['example.com', 'www.example.com'],
+        ssl: true,
+        services: [
+          {
+            name: 'test-app',
+            port: 3000,
+            isDefault: true,
+          },
+        ],
+        environment: 'production',
+      });
+
+      // Should have redirect block
+      expect(config).toContain('return 301 https://$host$request_uri;');
+      
+      // Should have two server blocks (HTTPS + redirect)
+      const serverBlocks = config.match(/server \{/g);
+      expect(serverBlocks).toHaveLength(2);
+    });
+  });
+
+  describe('generate without domain', () => {
+    it('should use catch-all server_name when no domain provided', () => {
+      const config = NginxConfigGenerator.generate({
+        ssl: false,
+        services: [
+          {
+            name: 'test-app',
+            port: 3000,
+            isDefault: true,
+          },
+        ],
+        environment: 'production',
+      });
+
+      expect(config).toContain('server_name _;');
+    });
+
+    it('should use catch-all server_name with empty array', () => {
+      const config = NginxConfigGenerator.generate({
+        domain: [],
+        ssl: false,
+        services: [
+          {
+            name: 'test-app',
+            port: 3000,
+            isDefault: true,
+          },
+        ],
+        environment: 'production',
+      });
+
+      expect(config).toContain('server_name _;');
+    });
+  });
+
+  describe('generate with multiple services and multiple domains', () => {
+    it('should handle path-based routing with multiple domains', () => {
+      const config = NginxConfigGenerator.generate({
+        domain: ['example.com', 'www.example.com'],
+        ssl: false,
+        services: [
+          {
+            name: 'api-service',
+            port: 3001,
+            exposePath: '/api',
+            isDefault: false,
+          },
+          {
+            name: 'web-service',
+            port: 3000,
+            isDefault: true,
+          },
+        ],
+        environment: 'production',
+      });
+
+      expect(config).toContain('server_name example.com www.example.com;');
+      expect(config).toContain('location /api {');
+      expect(config).toContain('proxy_pass http://localhost:3001;');
+      expect(config).toContain('location / {');
+      expect(config).toContain('proxy_pass http://localhost:3000;');
+    });
+  });
+});

package/packages/cli/src/__tests__/runtimes/pm2.test.ts

@@ -0,0 +1,130 @@
+import { describe, it, expect } from 'vitest';
+import { PM2Manager } from '../../runtimes/nodejs/pm2.js';
+import { RuntimeConfig } from '../../runtimes/base.js';
+
+describe('PM2Manager', () => {
+  const pm2Manager = new PM2Manager();
+
+  describe('generateEcosystemConfig', () => {
+    it('should generate valid ecosystem config with env_file', () => {
+      const config: RuntimeConfig = {
+        name: 'test-app',
+        runtime: 'nodejs',
+        version: '18',
+        start: {
+          command: 'npm start',
+          entry: 'dist/index.js',
+        },
+        port: 3000,
+      };
+
+      const result = pm2Manager.generateEcosystemConfig(config, 'production');
+
+      expect(result).toContain("name: 'test-app-production'");
+      expect(result).toContain("script: 'dist/index.js'");
+      expect(result).toContain("env_file: '.env'");
+      expect(result).toContain("NODE_ENV: 'production'");
+      expect(result).toContain('PORT: 3000');
+      expect(result).toContain("instances: 'max'");
+      expect(result).toContain("exec_mode: 'cluster'");
+    });
+
+    it('should use default entry if not specified', () => {
+      const config: RuntimeConfig = {
+        name: 'test-app',
+        runtime: 'nodejs',
+        version: '18',
+        start: {
+          command: 'npm start',
+        },
+        port: 3000,
+      };
+
+      const result = pm2Manager.generateEcosystemConfig(config, 'staging');
+
+      expect(result).toContain("script: 'dist/index.js'");
+      expect(result).toContain("name: 'test-app-staging'");
+    });
+
+    it('should include error and output log paths', () => {
+      const config: RuntimeConfig = {
+        name: 'test-app',
+        runtime: 'nodejs',
+        version: '18',
+        start: {
+          command: 'npm start',
+          entry: 'dist/server.js',
+        },
+        port: 8080,
+      };
+
+      const result = pm2Manager.generateEcosystemConfig(config, 'dev');
+
+      expect(result).toContain("error_file: './logs/err.log'");
+      expect(result).toContain("out_file: './logs/out.log'");
+    });
+
+    it('should include auto-restart and memory limits', () => {
+      const config: RuntimeConfig = {
+        name: 'test-app',
+        runtime: 'nodejs',
+        version: '18',
+        start: {
+          command: 'npm start',
+        },
+        port: 3000,
+      };
+
+      const result = pm2Manager.generateEcosystemConfig(config, 'production');
+
+      expect(result).toContain('autorestart: true');
+      expect(result).toContain('max_restarts: 10');
+      expect(result).toContain("min_uptime: '10s'");
+      expect(result).toContain("max_memory_restart: '1G'");
+    });
+  });
+
+  describe('generateReloadCommand', () => {
+    it('should generate reload command with update-env flag', () => {
+      const result = pm2Manager.generateReloadCommand('my-app-production');
+      expect(result).toBe('pm2 reload my-app-production --update-env');
+    });
+  });
+
+  describe('generateStartCommand', () => {
+    it('should generate start command', () => {
+      const config: RuntimeConfig = {
+        name: 'test-app',
+        runtime: 'nodejs',
+        version: '18',
+        start: {
+          command: 'npm start',
+          entry: 'dist/index.js',
+        },
+        port: 3000,
+      };
+
+      const result = pm2Manager.generateStartCommand(config, 'production');
+      expect(result).toBe('pm2 start dist/index.js --name test-app-production -i max --env production');
+    });
+  });
+
+  describe('generateStopCommand', () => {
+    it('should generate stop command', () => {
+      const result = pm2Manager.generateStopCommand('my-app-production');
+      expect(result).toBe('pm2 stop my-app-production');
+    });
+  });
+
+  describe('generateLogsCommand', () => {
+    it('should generate logs command with default lines', () => {
+      const result = pm2Manager.generateLogsCommand('my-app-production');
+      expect(result).toBe('pm2 logs my-app-production --lines 100');
+    });
+
+    it('should generate logs command with custom lines', () => {
+      const result = pm2Manager.generateLogsCommand('my-app-production', 500);
+      expect(result).toBe('pm2 logs my-app-production --lines 500');
+    });
+  });
+});

package/packages/cli/src/__tests__/utils/validation.test.ts

@@ -0,0 +1,164 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import {
+  validateSSHConnection,
+  validateHttpUrl,
+  validateEnvironmentName,
+  validatePort,
+  validateNodeVersion,
+  validateAppName,
+  validateRemotePath,
+} from '../../utils/validation.js';
+
+// Mock Logger to prevent console output during tests
+vi.mock('../../utils/logger.js', () => ({
+  Logger: {
+    error: vi.fn(),
+    warn: vi.fn(),
+    info: vi.fn(),
+    log: vi.fn(),
+  },
+}));
+
+describe('Validation Utilities', () => {
+  describe('validateSSHConnection', () => {
+    it('should accept valid SSH connection strings', () => {
+      expect(validateSSHConnection('user@host')).toBe(true);
+      expect(validateSSHConnection('ubuntu@123.45.67.89')).toBe(true);
+      expect(validateSSHConnection('user@server.com')).toBe(true);
+      expect(validateSSHConnection('user@host:2222')).toBe(true);
+    });
+
+    it('should reject invalid SSH connection strings', () => {
+      expect(validateSSHConnection('invalid')).toBe(false);
+      expect(validateSSHConnection('user')).toBe(false);
+      expect(validateSSHConnection('@host')).toBe(false);
+      expect(validateSSHConnection('user@')).toBe(false);
+      expect(validateSSHConnection('user@host:abc')).toBe(false);
+    });
+  });
+
+  describe('validateHttpUrl', () => {
+    it('should accept valid HTTP/HTTPS URLs', () => {
+      expect(validateHttpUrl('http://localhost:3000')).toBe(true);
+      expect(validateHttpUrl('https://example.com')).toBe(true);
+      expect(validateHttpUrl('http://123.45.67.89:8080/health')).toBe(true);
+    });
+
+    it('should reject invalid URLs', () => {
+      expect(validateHttpUrl('ftp://example.com')).toBe(false);
+      expect(validateHttpUrl('not-a-url')).toBe(false);
+      expect(validateHttpUrl('example.com')).toBe(false);
+    });
+  });
+
+  describe('validateEnvironmentName', () => {
+    it('should accept valid environment names', () => {
+      expect(validateEnvironmentName('production')).toBe(true);
+      expect(validateEnvironmentName('staging')).toBe(true);
+      expect(validateEnvironmentName('dev')).toBe(true);
+      expect(validateEnvironmentName('prod-eu')).toBe(true);
+      expect(validateEnvironmentName('test_env')).toBe(true);
+      expect(validateEnvironmentName('env123')).toBe(true);
+    });
+
+    it('should reject invalid environment names', () => {
+      expect(validateEnvironmentName('prod space')).toBe(false);
+      expect(validateEnvironmentName('prod@env')).toBe(false);
+      expect(validateEnvironmentName('prod.env')).toBe(false);
+      expect(validateEnvironmentName('prod/env')).toBe(false);
+    });
+  });
+
+  describe('validatePort', () => {
+    it('should accept valid port numbers', () => {
+      expect(validatePort(3000)).toBe(true);
+      expect(validatePort(8080)).toBe(true);
+      expect(validatePort(65535)).toBe(true);
+    });
+
+    it('should warn about privileged ports', () => {
+      expect(validatePort(80)).toBe(true);
+      expect(validatePort(443)).toBe(true);
+      expect(validatePort(22)).toBe(true);
+    });
+
+    it('should reject invalid port numbers', () => {
+      expect(validatePort(0)).toBe(false);
+      expect(validatePort(-1)).toBe(false);
+      expect(validatePort(65536)).toBe(false);
+      expect(validatePort(99999)).toBe(false);
+    });
+  });
+
+  describe('validateNodeVersion', () => {
+    it('should accept valid Node.js versions', () => {
+      expect(validateNodeVersion('18')).toBe(true);
+      expect(validateNodeVersion('18.19')).toBe(true);
+      expect(validateNodeVersion('18.19.0')).toBe(true);
+      expect(validateNodeVersion('20')).toBe(true);
+    });
+
+    it('should warn about old versions', () => {
+      expect(validateNodeVersion('12')).toBe(true);
+      expect(validateNodeVersion('10.0.0')).toBe(true);
+    });
+
+    it('should reject invalid version formats', () => {
+      expect(validateNodeVersion('v18')).toBe(false);
+      expect(validateNodeVersion('18.x')).toBe(false);
+      expect(validateNodeVersion('latest')).toBe(false);
+      expect(validateNodeVersion('18.19.0.1')).toBe(false);
+    });
+  });
+
+  describe('validateAppName', () => {
+    it('should accept valid application names', () => {
+      expect(validateAppName('my-app')).toBe(true);
+      expect(validateAppName('api_server')).toBe(true);
+      expect(validateAppName('webapp123')).toBe(true);
+      expect(validateAppName('MyApp')).toBe(true);
+    });
+
+    it('should reject too short names', () => {
+      expect(validateAppName('a')).toBe(false);
+      expect(validateAppName('')).toBe(false);
+    });
+
+    it('should reject too long names', () => {
+      expect(validateAppName('a'.repeat(51))).toBe(false);
+    });
+
+    it('should reject invalid characters', () => {
+      expect(validateAppName('my app')).toBe(false);
+      expect(validateAppName('my@app')).toBe(false);
+      expect(validateAppName('my.app')).toBe(false);
+    });
+  });
+
+  describe('validateRemotePath', () => {
+    it('should accept valid remote paths', () => {
+      expect(validateRemotePath('/var/www/my-app')).toBe(true);
+      expect(validateRemotePath('/opt/apps/webapp')).toBe(true);
+      expect(validateRemotePath('/home/user/app')).toBe(true);
+    });
+
+    it('should reject relative paths', () => {
+      expect(validateRemotePath('var/www/app')).toBe(false);
+      expect(validateRemotePath('./app')).toBe(false);
+      expect(validateRemotePath('../app')).toBe(false);
+    });
+
+    it('should reject paths with .. traversal', () => {
+      expect(validateRemotePath('/var/www/../app')).toBe(false);
+    });
+
+    it('should reject dangerous system paths', () => {
+      expect(validateRemotePath('/')).toBe(false);
+      expect(validateRemotePath('/etc')).toBe(false);
+      expect(validateRemotePath('/bin')).toBe(false);
+      expect(validateRemotePath('/usr')).toBe(false);
+      expect(validateRemotePath('/root')).toBe(false);
+      expect(validateRemotePath('/home')).toBe(false);
+    });
+  });
+});