komplian 0.5.0 → 0.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -12,7 +12,7 @@ KOMPLIAN_DATABASE_URL_ADMIN_STAGING=
|
|
|
12
12
|
KOMPLIAN_DATABASE_URL_ADMIN_PRODUCTION=
|
|
13
13
|
|
|
14
14
|
# --- Web / pilot DB ---
|
|
15
|
-
KOMPLIAN_DATABASE_URL_WEB_DEVELOPMENT=
|
|
15
|
+
KOMPLIAN_DATABASE_URL_WEB_DEVELOPMENT=postgresql://neondb_owner:npg_1crYb3PaCjlf@ep-frosty-bird-agql4oq5-pooler.c-2.eu-central-1.aws.neon.tech/neondb?sslmode=require&channel_binding=require
|
|
16
16
|
KOMPLIAN_DATABASE_URL_WEB_STAGING=
|
|
17
17
|
KOMPLIAN_DATABASE_URL_WEB_PRODUCTION=
|
|
18
18
|
|
|
@@ -22,5 +22,7 @@ KOMPLIAN_DATABASE_URL_WEB_PRODUCTION=
|
|
|
22
22
|
# Operador para comprobar acceso a producción (alternativa: git config user.email).
|
|
23
23
|
# KOMPLIAN_DATABASE_OPERATOR_EMAIL=josue.santana@komplian.com
|
|
24
24
|
|
|
25
|
-
#
|
|
25
|
+
# Staging/producción: host debe ser Neon (*.neon.tech), salvo:
|
|
26
26
|
# KOMPLIAN_DATABASE_ALLOW_NON_NEON=1
|
|
27
|
+
# Development: Postgres local está permitido (mensaje informativo). Para exigir Neon también en dev:
|
|
28
|
+
# KOMPLIAN_DATABASE_REQUIRE_NEON_DEVELOPMENT=1
|
package/komplian-db.mjs
CHANGED
|
@@ -16,7 +16,8 @@
|
|
|
16
16
|
* Producción: solo emails @komplian.com en KOMPLIAN_DATABASE_PRODUCTION_ALLOWLIST
|
|
17
17
|
* (por defecto josue.santana@komplian.com). Operador: KOMPLIAN_DATABASE_OPERATOR_EMAIL o git config user.email.
|
|
18
18
|
*
|
|
19
|
-
* Neon:
|
|
19
|
+
* Neon: staging/producción exigen *.neon.tech (salvo KOMPLIAN_DATABASE_ALLOW_NON_NEON=1).
|
|
20
|
+
* Development: permite host no Neon (Postgres local); aviso en consola. Forzar Neon en dev: KOMPLIAN_DATABASE_REQUIRE_NEON_DEVELOPMENT=1
|
|
20
21
|
*/
|
|
21
22
|
|
|
22
23
|
import { spawn, spawnSync } from "node:child_process";
|
|
@@ -52,6 +53,29 @@ const ENVIRONMENTS = new Set(["development", "staging", "production"]);
|
|
|
52
53
|
/** Lista por defecto si no configuras KOMPLIAN_DATABASE_PRODUCTION_ALLOWLIST */
|
|
53
54
|
const DEFAULT_PRODUCTION_ALLOWLIST = ["josue.santana@komplian.com"];
|
|
54
55
|
|
|
56
|
+
/** Misma cadena que `komplian-localhost.mjs` cuando no hay URL real. */
|
|
57
|
+
const LOCALHOST_DB_PLACEHOLDER = "komplian_localhost_placeholder";
|
|
58
|
+
|
|
59
|
+
function assertNotPlaceholderDbUrl(url, platform, environment) {
|
|
60
|
+
if (!url.includes(LOCALHOST_DB_PLACEHOLDER)) return;
|
|
61
|
+
const key = platformToDbKey(platform);
|
|
62
|
+
log(
|
|
63
|
+
`${c.red}✗${c.reset} La URL es el ${c.bold}placeholder${c.reset} de \`komplian localhost\` (no apunta a una base de datos real).`
|
|
64
|
+
);
|
|
65
|
+
log(``);
|
|
66
|
+
log(` Pon una URL real en la raíz del monorepo, por ejemplo:`);
|
|
67
|
+
log(
|
|
68
|
+
` ${c.dim}KOMPLIAN_LOCALHOST_${key}_DATABASE_URL=postgresql://…${c.reset}`
|
|
69
|
+
);
|
|
70
|
+
log(
|
|
71
|
+
` o ${c.dim}KOMPLIAN_DATABASE_URL_${key}_${environment.toUpperCase()}=…${c.reset} en ${c.dim}KOMPLIAN_DATABASE_URLS.env${c.reset}`
|
|
72
|
+
);
|
|
73
|
+
log(
|
|
74
|
+
` (${c.dim}KOMPLIAN_LOCALHOST_SECRETS.env${c.reset} / ${c.dim}.komplian/${c.reset}…). Luego vuelve a ejecutar el comando.`
|
|
75
|
+
);
|
|
76
|
+
process.exit(1);
|
|
77
|
+
}
|
|
78
|
+
|
|
55
79
|
function parseEnvFile(content) {
|
|
56
80
|
const out = {};
|
|
57
81
|
for (const line of content.split(/\r?\n/)) {
|
|
@@ -170,17 +194,31 @@ function loadProductionAllowlist(workspaceRoot) {
|
|
|
170
194
|
return DEFAULT_PRODUCTION_ALLOWLIST.map((e) => e.toLowerCase());
|
|
171
195
|
}
|
|
172
196
|
|
|
173
|
-
function assertNeonHost(url) {
|
|
197
|
+
function assertNeonHost(url, environment) {
|
|
174
198
|
if (process.env.KOMPLIAN_DATABASE_ALLOW_NON_NEON === "1") return;
|
|
175
199
|
try {
|
|
176
200
|
const u = new URL(url);
|
|
177
201
|
const h = u.hostname.toLowerCase();
|
|
178
|
-
|
|
202
|
+
const isNeon = h.includes("neon.tech");
|
|
203
|
+
if (isNeon) return;
|
|
204
|
+
|
|
205
|
+
if (environment === "development") {
|
|
206
|
+
if (process.env.KOMPLIAN_DATABASE_REQUIRE_NEON_DEVELOPMENT === "1") {
|
|
207
|
+
log(
|
|
208
|
+
`${c.red}✗${c.reset} Development: host no Neon (${u.hostname}). Quita ${c.dim}KOMPLIAN_DATABASE_REQUIRE_NEON_DEVELOPMENT${c.reset} o usa URL *.neon.tech.`
|
|
209
|
+
);
|
|
210
|
+
process.exit(1);
|
|
211
|
+
}
|
|
179
212
|
log(
|
|
180
|
-
`${c.
|
|
213
|
+
`${c.dim}○${c.reset} Development: conexión no Neon (${u.hostname}). Staging/producción siguen exigiendo *.neon.tech.`
|
|
181
214
|
);
|
|
182
|
-
|
|
215
|
+
return;
|
|
183
216
|
}
|
|
217
|
+
|
|
218
|
+
log(
|
|
219
|
+
`${c.red}✗${c.reset} Solo hosts Neon (postgresql://*.neon.tech). Para excepciones: ${c.dim}KOMPLIAN_DATABASE_ALLOW_NON_NEON=1${c.reset}`
|
|
220
|
+
);
|
|
221
|
+
process.exit(1);
|
|
184
222
|
} catch {
|
|
185
223
|
log(`${c.red}✗${c.reset} URL de base de datos inválida.`);
|
|
186
224
|
process.exit(1);
|
|
@@ -342,6 +380,7 @@ function usageDb() {
|
|
|
342
380
|
log(` ${c.dim}KOMPLIAN_DATABASE_URL_APP_DEVELOPMENT${c.reset}`);
|
|
343
381
|
log(` ${c.dim}KOMPLIAN_DATABASE_URL_APP_STAGING / _PRODUCTION${c.reset} (idem ADMIN, WEB)`);
|
|
344
382
|
log(` Archivo opcional: ${c.dim}KOMPLIAN_DATABASE_URLS.env${c.reset} (gitignored)`);
|
|
383
|
+
log(` Neon: ${c.dim}staging/producción${c.reset} exigen host *.neon.tech; ${c.dim}development${c.reset} permite Postgres local (aviso).`);
|
|
345
384
|
log(``);
|
|
346
385
|
log(` Producción:`);
|
|
347
386
|
log(` ${c.dim}KOMPLIAN_DATABASE_OPERATOR_EMAIL${c.reset} o git user.email`);
|
|
@@ -410,7 +449,9 @@ export async function runDb(argv) {
|
|
|
410
449
|
process.exit(1);
|
|
411
450
|
}
|
|
412
451
|
|
|
413
|
-
|
|
452
|
+
assertNotPlaceholderDbUrl(url, opts.platform, opts.environment);
|
|
453
|
+
|
|
454
|
+
assertNeonHost(url, opts.environment);
|
|
414
455
|
|
|
415
456
|
const psql = findPsqlBinary();
|
|
416
457
|
if (!psql) {
|