lakebed 0.0.1 → 0.0.3-alpha.0

package/README.md

@@ -61,7 +61,7 @@ export default capsule({
 lakebed new <name> [--template todo]
 lakebed dev <capsule-dir> [--port 3000]
 lakebed build <capsule-dir> --target anonymous [--out .lakebed/artifacts/app.json] [--json]
-lakebed deploy <capsule-dir> [--ttl 7d] [--api <url>] [--json]
+lakebed deploy [capsule-dir] [--ttl 7d] [--api <url>] [--json]
 lakebed anonymous-server [--port 8787] [--public-root-url <url>]
 lakebed inspect <deploy-id-or-url> [--api <url>] [--json]
 lakebed db list [deploy-id-or-url] [--port 3000]
@@ -83,12 +83,14 @@ lakebed logs [deploy-id-or-url] [--port 3000]
 Once a Lakebed deploy runner is available, deploy a capsule with:
 
 ```sh
-lakebed deploy my-app --api https://api.lakebed.app
+cd my-app
+lakebed deploy
 ```
 
 For local deploy-runner testing:
 
 ```sh
 lakebed anonymous-server --port 8787
-lakebed deploy my-app --api http://localhost:8787
+cd my-app
+lakebed deploy --api http://localhost:8787
 ```

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "lakebed",
-  "version": "0.0.1",
+  "version": "0.0.3-alpha.0",
   "description": "Agent-native CLI and runtime for building and deploying Lakebed capsules.",
   "license": "UNLICENSED",
   "type": "module",

package/src/anonymous-server.js

@@ -108,6 +108,20 @@ async function readJsonBody(req, maxBytes = 2 * 1024 * 1024) {
   return JSON.parse(Buffer.concat(chunks).toString("utf8"));
 }
 
+function bearerToken(req) {
+  const header = req.headers.authorization;
+  if (!header) {
+    return "";
+  }
+
+  const match = String(header).match(/^Bearer\s+(.+)$/i);
+  return match?.[1]?.trim() ?? "";
+}
+
+function isDeployTokenValid(deploy, token) {
+  return Boolean(token && deploy?.claimTokenHash && hashClaimToken(token) === deploy.claimTokenHash);
+}
+
 function normalizePublicRootUrl(value, port) {
   const fallback = `http://localhost:${port}`;
   return String(value || fallback).replace(/\/+$/g, "");
@@ -220,6 +234,19 @@ export class MemoryAnonymousStore {
 
   async initialize() {}
 
+  storeArtifact({ artifact, artifactHash, clientBundleBase64, clientBundleHash, createdAt }) {
+    const currentArtifact = this.artifacts.get(artifactHash);
+    this.artifacts.set(artifactHash, {
+      artifact,
+      bytes: Buffer.byteLength(clientBundleBase64, "base64"),
+      clientBundleBase64,
+      clientBundleHash,
+      createdAt,
+      hash: artifactHash,
+      refCount: (currentArtifact?.refCount ?? 0) + 1
+    });
+  }
+
   async createDeploy({ appBaseDomain, artifact, artifactHash, clientBundleBase64, clientBundleHash, publicRootUrl, requestedTtlSeconds }) {
     const deployId = createDeployId();
     let slug = createSlug();
@@ -233,15 +260,12 @@ export class MemoryAnonymousStore {
     const expiresAt = new Date(Date.now() + ttlSeconds * 1000).toISOString();
     const url = appUrlForSlug({ appBaseDomain, publicRootUrl, slug });
 
-    const currentArtifact = this.artifacts.get(artifactHash);
-    this.artifacts.set(artifactHash, {
+    this.storeArtifact({
       artifact,
-      bytes: Buffer.byteLength(clientBundleBase64, "base64"),
       clientBundleBase64,
       clientBundleHash,
       createdAt,
-      hash: artifactHash,
-      refCount: (currentArtifact?.refCount ?? 0) + 1
+      artifactHash
     });
 
     const deploy = {
@@ -263,6 +287,33 @@ export class MemoryAnonymousStore {
     return { deploy, token };
   }
 
+  async updateDeploy({ artifact, artifactHash, clientBundleBase64, clientBundleHash, deployId, requestedTtlSeconds }) {
+    const currentDeploy = await this.getDeployById(deployId);
+    if (!currentDeploy) {
+      return null;
+    }
+
+    const createdAt = now();
+    const ttlSeconds = parseTtlSeconds(requestedTtlSeconds);
+    const deploy = {
+      ...currentDeploy,
+      artifactHash,
+      clientBundleHash,
+      expiresAt: new Date(Date.now() + ttlSeconds * 1000).toISOString(),
+      status: "active"
+    };
+
+    this.storeArtifact({
+      artifact,
+      artifactHash,
+      clientBundleBase64,
+      clientBundleHash,
+      createdAt
+    });
+    this.deploys.set(deployId, deploy);
+    return deploy;
+  }
+
   async getDeployById(id) {
     return this.deploys.get(id) ?? null;
   }
@@ -467,13 +518,7 @@ export class PostgresAnonymousStore {
     return this.pool.query(sql, params);
   }
 
-  async createDeploy({ appBaseDomain, artifact, artifactHash, clientBundleBase64, clientBundleHash, publicRootUrl, requestedTtlSeconds }) {
-    const createdAt = now();
-    const ttlSeconds = parseTtlSeconds(requestedTtlSeconds);
-    const expiresAt = new Date(Date.now() + ttlSeconds * 1000).toISOString();
-    const token = createClaimToken();
-    const deployId = createDeployId();
-
+  async storeArtifact({ artifact, artifactHash, clientBundleBase64, clientBundleHash, createdAt }) {
     await this.query(
       `
       insert into artifacts(hash, artifact_json, client_bundle_base64, client_bundle_hash, bytes, created_at, ref_count)
@@ -482,6 +527,16 @@ export class PostgresAnonymousStore {
       `,
       [artifactHash, JSON.stringify(artifact), clientBundleBase64, clientBundleHash, Buffer.byteLength(clientBundleBase64, "base64"), createdAt]
     );
+  }
+
+  async createDeploy({ appBaseDomain, artifact, artifactHash, clientBundleBase64, clientBundleHash, publicRootUrl, requestedTtlSeconds }) {
+    const createdAt = now();
+    const ttlSeconds = parseTtlSeconds(requestedTtlSeconds);
+    const expiresAt = new Date(Date.now() + ttlSeconds * 1000).toISOString();
+    const token = createClaimToken();
+    const deployId = createDeployId();
+
+    await this.storeArtifact({ artifact, artifactHash, clientBundleBase64, clientBundleHash, createdAt });
 
     for (let attempt = 0; attempt < 8; attempt += 1) {
       const slug = createSlug();
@@ -536,6 +591,29 @@ export class PostgresAnonymousStore {
     throw new Error("Unable to allocate anonymous deploy slug.");
   }
 
+  async updateDeploy({ artifact, artifactHash, clientBundleBase64, clientBundleHash, deployId, requestedTtlSeconds }) {
+    const currentDeploy = await this.getDeployById(deployId);
+    if (!currentDeploy) {
+      return null;
+    }
+
+    const createdAt = now();
+    const ttlSeconds = parseTtlSeconds(requestedTtlSeconds);
+    const expiresAt = new Date(Date.now() + ttlSeconds * 1000).toISOString();
+    await this.storeArtifact({ artifact, artifactHash, clientBundleBase64, clientBundleHash, createdAt });
+
+    const result = await this.query(
+      `
+      update deploys
+      set status = 'active', artifact_hash = $2, client_bundle_hash = $3, expires_at = $4
+      where id = $1
+      returning *
+      `,
+      [deployId, artifactHash, clientBundleHash, expiresAt]
+    );
+    return this.rowToDeploy(result.rows[0]);
+  }
+
   rowToDeploy(row) {
     if (!row) {
       return null;
@@ -834,6 +912,20 @@ export async function startAnonymousServer({
   await resolvedStore.initialize();
   const subscriptions = new Map();
 
+  async function refreshDeploySubscriptions(deploy) {
+    const storedArtifact = await resolvedStore.getArtifact(deploy.artifactHash);
+    if (!storedArtifact) {
+      return;
+    }
+
+    for (const subscription of subscriptions.values()) {
+      if (subscription.deploy.id === deploy.id) {
+        subscription.artifact = storedArtifact.artifact;
+        subscription.deploy = deploy;
+      }
+    }
+  }
+
   async function publishDeploy(deployId) {
     for (const [ws, subscription] of subscriptions) {
       if (subscription.deploy.id !== deployId) {
@@ -884,6 +976,41 @@ export async function startAnonymousServer({
         return;
       }
 
+      if ((req.method === "PUT" || req.method === "PATCH") && requestUrl.pathname.startsWith("/v1/deploys/")) {
+        const deployId = requestUrl.pathname.slice("/v1/deploys/".length);
+        const currentDeploy = await resolvedStore.getDeployById(deployId);
+        if (!currentDeploy) {
+          sendJson(res, 404, { error: "Unknown deploy." });
+          return;
+        }
+
+        if (!isDeployTokenValid(currentDeploy, bearerToken(req))) {
+          sendJson(res, 401, { error: "Invalid deploy token." });
+          return;
+        }
+
+        const body = await readJsonBody(req);
+        const payload = validateAnonymousDeployPayload(body);
+        const deploy = await resolvedStore.updateDeploy({
+          artifact: payload.artifact,
+          artifactHash: payload.artifactHash,
+          clientBundleBase64: payload.clientBundleBase64,
+          clientBundleHash: payload.clientBundleHash,
+          deployId,
+          requestedTtlSeconds: body.requestedTtlSeconds ?? requestUrl.searchParams.get("ttl") ?? undefined
+        });
+        if (!deploy) {
+          sendJson(res, 404, { error: "Unknown deploy." });
+          return;
+        }
+
+        await resolvedStore.appendLog(deploy.id, "info", "anonymous deploy updated", { artifactHash: deploy.artifactHash });
+        await refreshDeploySubscriptions(deploy);
+        await publishDeploy(deploy.id);
+        sendJson(res, 200, responseForDeploy({ deploy }));
+        return;
+      }
+
       if (req.method === "GET" && requestUrl.pathname.startsWith("/v1/deploys/")) {
         const id = requestUrl.pathname.slice("/v1/deploys/".length);
         const deploy = (await resolvedStore.getDeployById(id)) ?? (await resolvedStore.getDeployBySlug(id));

package/src/anonymous.js

@@ -484,7 +484,7 @@ function compileServerToIr(app, schema) {
   return { diagnostics, mutations, queries };
 }
 
-export async function createAnonymousArtifact({ app, clientOut, sourceStore, version = "0.0.1" }) {
+export async function createAnonymousArtifact({ app, clientOut, sourceStore, version = "0.0.3-alpha.0" }) {
   const sourceFiles = await readSourceFiles(sourceStore);
   const diagnostics = forbiddenSourceDiagnostics(sourceFiles);
   const { diagnostics: schemaDiagnostics, schema } = serializeSchema(app.schema);

package/src/cli.js

@@ -21,6 +21,7 @@ const root = process.cwd();
 const packageDir = resolve(dirname(fileURLToPath(import.meta.url)), "..");
 const packageNodeModules = resolve(packageDir, "node_modules");
 const sourceNamespace = "lakebed-source";
+const defaultDeployApiUrl = "https://api.lakebed.app";
 
 function usage() {
   console.log(`lakebed
@@ -29,7 +30,7 @@ Usage:
   lakebed new <name> [--template todo]
   lakebed dev <capsule-dir> [--port 3000]
   lakebed build <capsule-dir> --target anonymous [--out .lakebed/artifacts/app.json] [--json]
-  lakebed deploy <capsule-dir> [--ttl 7d] [--api <url>] [--json]
+  lakebed deploy [capsule-dir] [--ttl 7d] [--api <url>] [--json]
   lakebed anonymous-server [--port 8787] [--public-root-url <url>]
   lakebed inspect <deploy-id-or-url> [--api <url>] [--json]
   lakebed run-many <capsule-dir> [--count 20] [--base-port 4000]
@@ -614,6 +615,55 @@ function defaultArtifactPath(capsuleDir) {
   return resolve(root, ".lakebed/artifacts", `${basename(capsuleDir)}.anonymous.json`);
 }
 
+function deployMetadataPath(capsuleDir) {
+  return resolve(capsuleDir, ".lakebed/deploy.json");
+}
+
+async function readDeployMetadata(capsuleDir) {
+  try {
+    return JSON.parse(await readFile(deployMetadataPath(capsuleDir), "utf8"));
+  } catch (error) {
+    if (error?.code === "ENOENT") {
+      return null;
+    }
+
+    throw new Error(`Unable to read Lakebed deploy metadata: ${error instanceof Error ? error.message : String(error)}`);
+  }
+}
+
+async function writeDeployMetadata(capsuleDir, metadata) {
+  const path = deployMetadataPath(capsuleDir);
+  await mkdir(dirname(path), { recursive: true });
+  await writeFile(path, `${JSON.stringify(metadata, null, 2)}\n`);
+}
+
+function claimTokenFromDeployResponse(deployed) {
+  if (!deployed?.claimUrl || !deployed?.deployId) {
+    return null;
+  }
+
+  try {
+    const url = new URL(deployed.claimUrl);
+    const segments = url.pathname.split("/").filter(Boolean);
+    if (segments[0] === "claim" && segments[1] === deployed.deployId) {
+      return segments[2] ?? null;
+    }
+  } catch {
+    return null;
+  }
+
+  return null;
+}
+
+function deployRequestBody(envelope, ttl) {
+  return JSON.stringify({
+    artifact: envelope.artifact,
+    clientBundle: envelope.clientBundle,
+    clientVersion: "0.0.3-alpha.0",
+    requestedTtlSeconds: ttl
+  });
+}
+
 async function buildCommand(args) {
   const [capsuleArg] = positionals(args);
   const target = readArg(args, "--target", "anonymous");
@@ -649,10 +699,7 @@ async function buildCommand(args) {
 }
 
 function deployApiUrl(args) {
-  return String(readArg(args, "--api", process.env.LAKEBED_DEPLOY_API ?? process.env.SPAN_DEPLOY_API ?? "http://localhost:8787")).replace(
-    /\/+$/g,
-    ""
-  );
+  return String(readArg(args, "--api", process.env.LAKEBED_DEPLOY_API ?? process.env.SPAN_DEPLOY_API ?? defaultDeployApiUrl)).replace(/\/+$/g, "");
 }
 
 async function readResponseJson(response) {
@@ -665,32 +712,65 @@ async function readResponseJson(response) {
 
 async function deployCommand(args) {
   const [capsuleArg] = positionals(args);
-  const envelope = await buildAnonymousEnvelope(capsuleArg);
+  const capsuleDir = capsuleArg ? resolveCapsuleDir(capsuleArg) : root;
+  const envelope = await buildAnonymousEnvelope(capsuleDir);
   const ttl = parseTtlSeconds(readArg(args, "--ttl", "7d"));
   const api = deployApiUrl(args);
-  const response = await fetch(`${api}/v1/anonymous-deploys`, {
-    body: JSON.stringify({
-      artifact: envelope.artifact,
-      clientBundle: envelope.clientBundle,
-      clientVersion: "0.0.1",
-      requestedTtlSeconds: ttl
-    }),
+  const body = deployRequestBody(envelope, ttl);
+  const metadata = await readDeployMetadata(capsuleDir);
+  const canUpdate =
+    metadata?.api === api && typeof metadata?.deployId === "string" && typeof metadata?.claimToken === "string";
+  let mode = "created";
+  let response;
+
+  if (canUpdate) {
+    response = await fetch(`${api}/v1/deploys/${encodeURIComponent(metadata.deployId)}`, {
+      body,
+      headers: {
+        "Authorization": `Bearer ${metadata.claimToken}`,
+        "Content-Type": "application/json"
+      },
+      method: "PUT"
+    });
+
+    if (response.status === 404 || response.status === 410) {
+      mode = "created";
+      response = null;
+    } else {
+      mode = "updated";
+    }
+  }
+
+  response ??= await fetch(`${api}/v1/anonymous-deploys`, {
+    body,
     headers: {
       "Content-Type": "application/json"
     },
     method: "POST"
   });
   const deployed = await readResponseJson(response);
+  const claimToken = claimTokenFromDeployResponse(deployed) ?? metadata?.claimToken;
+  if (claimToken) {
+    await writeDeployMetadata(capsuleDir, {
+      api,
+      claimToken,
+      deployId: deployed.deployId,
+      updatedAt: new Date().toISOString(),
+      url: deployed.url
+    });
+  }
 
   if (hasFlag(args, "--json")) {
     console.log(JSON.stringify(deployed, null, 2));
     return;
   }
 
-  console.log("Deploying anonymous preview...\n");
+  console.log(`${mode === "updated" ? "Updated" : "Created"} anonymous preview.\n`);
   console.log(`App:        ${deployed.url}`);
   console.log(`Expires:    ${deployed.expiresAt}`);
-  console.log(`Claim:      ${deployed.claimUrl}`);
+  if (deployed.claimUrl) {
+    console.log(`Claim:      ${deployed.claimUrl}`);
+  }
   console.log(`Inspect:    lakebed inspect ${deployed.deployId}`);
   console.log("\nLimits:");
   console.log(`  source/artifact: ${deployed.limits.artifactBytes} bytes`);
@@ -813,9 +893,67 @@ async function dbCommand(args) {
   usage();
 }
 
+function agentInstructionsTemplate() {
+  return `# Lakebed App Instructions
+
+This is a Lakebed capsule. Build the app inside this directory using the Lakebed v0 contract.
+
+## File Layout
+
+- \`server/index.ts\`: schema, queries, and mutations.
+- \`client/index.tsx\`: Preact UI entrypoint.
+- \`shared/\`: pure TypeScript shared by client and server.
+
+## Commands
+
+Run locally:
+
+\`\`\`sh
+lakebed dev .
+\`\`\`
+
+Deploy:
+
+\`\`\`sh
+lakebed deploy
+\`\`\`
+
+Inspect local state while \`lakebed dev\` is running:
+
+\`\`\`sh
+lakebed db list --port 3000
+lakebed db dump --port 3000
+lakebed logs --port 3000
+\`\`\`
+
+## Rules
+
+- Use \`lakebed/server\` only from \`server/index.ts\`.
+- Use \`lakebed/client\` only from \`client/index.tsx\`.
+- Do not import npm packages from app code.
+- Do not use Node built-ins in app code.
+- Use Tailwind classes directly in JSX.
+- Do not add a CSS, PostCSS, or Tailwind build pipeline.
+- Use guest auth through \`ctx.auth\` on the server and \`useAuth()\` on the client.
+- Keep \`shared/\` free of DOM, Node, env, and Lakebed runtime imports.
+
+## Current Limits
+
+- One server entry.
+- One client entry.
+- Guest auth only.
+- No file storage.
+- No outbound fetch in anonymous deploys.
+- Local state resets when \`lakebed dev\` restarts.
+`;
+}
+
 function todoTemplate(name) {
   const title = basename(name);
+  const agentInstructions = agentInstructionsTemplate();
   return {
+    "AGENTS.md": agentInstructions,
+    "CLAUDE.md": agentInstructions,
     "server/index.ts": `import { boolean, capsule, mutation, query, string, table } from "lakebed/server";
 import { cleanTodoText } from "../shared/todo";
 
@@ -901,6 +1039,8 @@ export function App() {
 export function cleanTodoText(value: string): string {
   return value.trim().slice(0, 160);
 }
+`,
+    ".gitignore": `.lakebed/
 `,
     "README.md": `# ${title}