neonctl 1.29.4 → 1.30.0

package/analytics.js

@@ -9,11 +9,13 @@ import pkg from './pkg.js';
 import { getApiClient } from './api.js';
 const WRITE_KEY = '3SQXn5ejjXWLEJ8xU2PRYhAotLtTaeeV';
 let client;
+let clientInitialized = false;
 let userId = '';
 export const analyticsMiddleware = async (args) => {
-    if (!args.analytics) {
+    if (!args.analytics || clientInitialized) {
         return;
     }
+    clientInitialized = true;
     try {
         const credentialsPath = join(args.configDir, CREDENTIALS_FILE);
         const credentials = readFileSync(credentialsPath, { encoding: 'utf-8' });
@@ -39,6 +41,7 @@ export const analyticsMiddleware = async (args) => {
         writeKey: WRITE_KEY,
         host: 'https://track.neon.tech',
     });
+    log.debug('Initialized CLI analytics');
     client.identify({
         userId: userId?.toString() ?? 'anonymous',
     });
@@ -54,9 +57,13 @@ export const analyticsMiddleware = async (args) => {
             ci: isCi(),
         },
     });
-    log.debug('Flushing CLI started event with userId: %s', userId);
-    await client.closeAndFlush();
-    log.debug('Flushed CLI started event with userId: %s', userId);
+};
+export const closeAnalytics = async () => {
+    if (client) {
+        log.debug('Flushing CLI analytics');
+        await client.closeAndFlush();
+        log.debug('Flushed CLI analytics');
+    }
 };
 export const sendError = (err, errCode) => {
     if (!client) {
@@ -73,6 +80,5 @@ export const sendError = (err, errCode) => {
             statusCode: axiosError?.response?.status,
         },
     });
-    client.closeAndFlush();
     log.debug('Sent CLI error event: %s', errCode);
 };

package/auth.js

@@ -5,6 +5,8 @@ import { join } from 'node:path';
 import open from 'open';
 import { log } from './log.js';
 import { fileURLToPath } from 'node:url';
+import { sendError } from './analytics.js';
+import { matchErrorCode } from './errors.js';
 // oauth server timeouts
 const SERVER_TIMEOUT = 10000;
 // where to wait for incoming redirect request from oauth server to arrive
@@ -18,6 +20,7 @@ const NEONCTL_SCOPES = [
     'urn:neoncloud:projects:update',
     'urn:neoncloud:projects:delete',
 ];
+const AUTH_TIMEOUT_SECONDS = 60;
 export const defaultClientID = 'neonctl';
 custom.setHttpOptionsDefaults({
     timeout: SERVER_TIMEOUT,
@@ -38,6 +41,7 @@ export const auth = async ({ oauthHost, clientId }) => {
     //
     // Start HTTP server and wait till /callback is hit
     //
+    log.debug('Starting HTTP Server for callback');
     const server = createServer();
     server.listen(0, '127.0.0.1', function () {
         log.debug(`Listening on port ${this.address().port}`);
@@ -55,7 +59,10 @@ export const auth = async ({ oauthHost, clientId }) => {
     // we store the code_verifier in memory
     const codeVerifier = generators.codeVerifier();
     const codeChallenge = generators.codeChallenge(codeVerifier);
-    return new Promise((resolve) => {
+    return new Promise((resolve, reject) => {
+        const timer = setTimeout(() => {
+            reject(new Error(`Authentication timed out after ${AUTH_TIMEOUT_SECONDS} seconds`));
+        }, AUTH_TIMEOUT_SECONDS * 1000);
         server.on('request', async (request, response) => {
             //
             // Wait for callback and follow oauth flow.
@@ -83,6 +90,7 @@ export const auth = async ({ oauthHost, clientId }) => {
             });
             response.writeHead(200, { 'Content-Type': 'text/html' });
             createReadStream(join(fileURLToPath(new URL('.', import.meta.url)), './callback.html')).pipe(response);
+            clearTimeout(timer);
             resolve(tokenSet);
             server.close();
         });
@@ -96,6 +104,12 @@ export const auth = async ({ oauthHost, clientId }) => {
             code_challenge: codeChallenge,
             code_challenge_method: 'S256',
         });
-        open(authUrl);
+        log.info('Awaiting authentication in web browser.');
+        log.info(`Auth Url: ${authUrl}`);
+        open(authUrl).catch((err) => {
+            const msg = `Failed to open web browser. Please copy & paste auth url to authenticate in browser.`;
+            sendError(err || new Error(msg), matchErrorCode(msg || err?.message));
+            log.error(msg || err?.message);
+        });
     });
 };

package/commands/auth.test.js

@@ -6,7 +6,7 @@ import { runMockServer } from '../test_utils/mock_server';
 jest.unstable_mockModule('open', () => ({
     __esModule: true,
     default: jest.fn((url) => {
-        axios.get(url);
+        return axios.get(url);
     }),
 }));
 // "open" module should be imported after mocking

package/commands/branches.js

@@ -7,6 +7,7 @@ import { looksLikeBranchId, looksLikeLSN, looksLikeTimestamp, } from '../utils/f
 import { psql } from '../utils/psql.js';
 import { parsePointInTime } from '../utils/point_in_time.js';
 import { log } from '../log.js';
+import { parseSchemaDiffParams, schemaDiff } from './schema_diff.js';
 const BRANCH_FIELDS = [
     'id',
     'name',
@@ -117,7 +118,47 @@ export const builder = (argv) => argv
     },
 }), async (args) => await addCompute(args))
     .command('delete <id|name>', 'Delete a branch', (yargs) => yargs, async (args) => await deleteBranch(args))
-    .command('get <id|name>', 'Get a branch', (yargs) => yargs, async (args) => await get(args));
+    .command('get <id|name>', 'Get a branch', (yargs) => yargs, async (args) => await get(args))
+    .command({
+    command: 'schema-diff [base-branch] [compare-source[@(timestamp|lsn)]]',
+    aliases: ['sd'],
+    describe: "Compare the latest schemas of any two branches, or compare a branch to its own or another branch's history.",
+    builder: (yargs) => {
+        return yargs
+            .middleware((args) => (args.compareSource = args['compare-source@(timestamp']))
+            .middleware(parseSchemaDiffParams)
+            .options({
+            database: {
+                alias: 'db',
+                type: 'string',
+                description: 'Name of the database for which the schema comparison is performed',
+            },
+        })
+            .example([
+            [
+                '$0 branches schema-diff main br-compare-branch-123456',
+                'Compares the main branch to the head of the branch with ID br-compare-branch-123456',
+            ],
+            [
+                '$0 branches schema-diff main compare@2024-06-01T00:00:00Z',
+                'Compares the main branch to the state of the compare branch at timestamp 2024-06-01T00:00:00.000Z',
+            ],
+            [
+                '$0 branches schema-diff my-branch ^self@0/123456',
+                'Compares my-branch to LSN 0/123456 from its own history',
+            ],
+            [
+                '$0 branches schema-diff my-branch ^parent',
+                'Compares my-branch to the head of its parent branch',
+            ],
+            [
+                '$0 branches schema-diff',
+                "If a branch is specified in 'set-context', compares this branch to its parent. Otherwise, compares the primary branch to its parent.",
+            ],
+        ]);
+    },
+    handler: async (args) => schemaDiff(args),
+});
 export const handler = (args) => {
     return args;
 };

package/commands/schema_diff.js

@@ -0,0 +1,150 @@
+import { createPatch } from 'diff';
+import chalk from 'chalk';
+import { writer } from '../writer.js';
+import { branchIdFromProps } from '../utils/enrichers.js';
+import { parsePointInTime, } from '../utils/point_in_time.js';
+import { isAxiosError } from 'axios';
+import { sendError } from '../analytics.js';
+import { log } from '../log.js';
+const COLORS = {
+    added: chalk.green,
+    removed: chalk.red,
+    header: chalk.yellow,
+    section: chalk.magenta,
+};
+export const schemaDiff = async (props) => {
+    props.branch = props.baseBranch || props.branch;
+    const baseBranch = await branchIdFromProps(props);
+    let pointInTime = await parsePointInTime({
+        pointInTime: props.compareSource,
+        targetBranchId: baseBranch,
+        projectId: props.projectId,
+        api: props.apiClient,
+    });
+    // Swap base and compare points if comparing with parent branch
+    const comparingWithParent = props.compareSource.startsWith('^parent');
+    let baseBranchPoint = {
+        branchId: baseBranch,
+        tag: 'head',
+    };
+    [baseBranchPoint, pointInTime] = comparingWithParent
+        ? [pointInTime, baseBranchPoint]
+        : [baseBranchPoint, pointInTime];
+    const baseDatabases = await fetchDatabases(baseBranch, props);
+    if (props.database) {
+        const database = baseDatabases.find((db) => db.name === props.database);
+        if (!database) {
+            throw new Error(`Database ${props.database} does not exist in base branch ${baseBranch}`);
+        }
+        const patch = await createSchemaDiff(baseBranchPoint, pointInTime, database, props);
+        writer(props).text(colorize(patch));
+        return;
+    }
+    await Promise.all(baseDatabases.map(async (database) => {
+        const patch = await createSchemaDiff(baseBranchPoint, pointInTime, database, props);
+        writer(props).text(colorize(patch));
+    }));
+};
+const fetchDatabases = async (branch, props) => {
+    return props.apiClient
+        .listProjectBranchDatabases(props.projectId, branch)
+        .then((response) => response.data.databases);
+};
+const createSchemaDiff = async (baseBranch, pointInTime, database, props) => {
+    const [baseSchema, compareSchema] = await Promise.all([
+        fetchSchema(baseBranch, database, props),
+        fetchSchema(pointInTime, database, props),
+    ]);
+    return createPatch(`Database: ${database.name}`, baseSchema, compareSchema, generateHeader(baseBranch), generateHeader(pointInTime));
+};
+const fetchSchema = async (pointInTime, database, props) => {
+    try {
+        return props.apiClient
+            .getProjectBranchSchema({
+            projectId: props.projectId,
+            branchId: pointInTime.branchId,
+            db_name: database.name,
+            role: database.owner_name,
+            ...pointInTimeParams(pointInTime),
+        })
+            .then((response) => response.data.sql ?? '');
+    }
+    catch (error) {
+        if (isAxiosError(error)) {
+            const data = error.response?.data;
+            sendError(error, 'API_ERROR');
+            throw new Error(data.message ??
+                `Error while fetching schema for branch ${pointInTime.branchId}`);
+        }
+        throw error;
+    }
+};
+const colorize = (patch) => {
+    return patch
+        .replace(/^([^\n]+)\n([^\n]+)\n/m, '') // Remove first two lines
+        .replace(/^-.*/gm, colorizer('removed'))
+        .replace(/^\+.*/gm, colorizer('added'))
+        .replace(/^@@.+@@.*/gm, colorizer('section'));
+};
+const colorizer = (colorId) => {
+    const color = COLORS[colorId];
+    return (line) => color(line);
+};
+const pointInTimeParams = (pointInTime) => {
+    switch (pointInTime.tag) {
+        case 'timestamp':
+            return {
+                timestamp: pointInTime.timestamp,
+            };
+        case 'lsn':
+            return {
+                lsn: pointInTime.lsn ?? undefined,
+            };
+        default:
+            return {};
+    }
+};
+const generateHeader = (pointInTime) => {
+    const header = `(Branch: ${pointInTime.branchId}`;
+    switch (pointInTime.tag) {
+        case 'timestamp':
+            return `${header} at ${pointInTime.timestamp})`;
+        case 'lsn':
+            return `${header} at ${pointInTime.lsn})`;
+        default:
+            return `${header})`;
+    }
+};
+/*
+  The command has two positional optional arguments - [base-branch] and [compare-source]
+  If only one argument is specified, we should consider it as `compare-source`
+    and `base-branch` will be either read from context or the primary branch of project.
+  If no branches are specified, compare the context branch with its parent
+*/
+export const parseSchemaDiffParams = async (props) => {
+    if (!props.compareSource) {
+        if (props.baseBranch) {
+            props.compareSource = props.baseBranch;
+            props.baseBranch = props.branch;
+        }
+        else if (props.branch) {
+            const { data } = await props.apiClient.listProjectBranches(props.projectId);
+            const contextBranch = data.branches.find((b) => b.id === props.branch || b.name === props.branch);
+            if (contextBranch?.parent_id == undefined) {
+                throw new Error(`No branch specified. Your context branch (${props.branch}) has no parent, so no comparison is possible.`);
+            }
+            log.info(`No branches specified. Comparing your context branch '${props.branch}' with its parent`);
+            props.compareSource = '^parent';
+        }
+        else {
+            const { data } = await props.apiClient.listProjectBranches(props.projectId);
+            const primaryBranch = data.branches.find((b) => b.primary);
+            if (primaryBranch?.parent_id == undefined) {
+                throw new Error('No branch specified. Include a base branch or add a set-context branch to continue. Your primary branch has no parent, so no comparison is possible.');
+            }
+            log.info(`No branches specified. Comparing primary branch with its parent`);
+            props.compareSource = '^parent';
+        }
+    }
+    return props;
+};

package/errors.js

@@ -1,6 +1,7 @@
 const ERROR_MATCHERS = [
     [/^Unknown command: (.*)$/, 'UNKNOWN_COMMAND'],
     [/^Missing required argument: (.*)$/, 'MISSING_ARGUMENT'],
+    [/^Failed to open web browser. (.*)$/, 'AUTH_BROWSER_FAILED'],
 ];
 export const matchErrorCode = (message) => {
     if (!message) {

package/index.js

@@ -20,7 +20,7 @@ import { defaultClientID } from './auth.js';
 import { fillInArgs } from './utils/middlewares.js';
 import pkg from './pkg.js';
 import commands from './commands/index.js';
-import { analyticsMiddleware, sendError } from './analytics.js';
+import { analyticsMiddleware, closeAnalytics, sendError } from './analytics.js';
 import { isAxiosError } from 'axios';
 import { matchErrorCode } from './errors.js';
 import { showHelp } from './help.js';
@@ -96,6 +96,12 @@ builder = builder
         type: 'string',
         default: currentContextFile,
     },
+    color: {
+        group: 'Global options:',
+        describe: 'Colorize the output. Example: --no-color, --color false',
+        type: 'boolean',
+        default: true,
+    },
 })
     .middleware((args) => fillInArgs(args), true)
     .help(false)
@@ -156,13 +162,20 @@ builder = builder
         sendError(err || new Error(msg), matchErrorCode(msg || err?.message));
         log.error(msg || err?.message);
     }
+    await closeAnalytics();
     err?.stack && log.debug('Stack: %s', err.stack);
     process.exit(1);
 });
 (async () => {
-    const args = await builder.argv;
-    if (args._.length === 0 || args.help) {
-        await showHelp(builder);
-        process.exit(0);
+    try {
+        const args = await builder.argv;
+        if (args._.length === 0 || args.help) {
+            await showHelp(builder);
+            process.exit(0);
+        }
+        await closeAnalytics();
+    }
+    catch {
+        // noop
     }
 })();

package/package.json

@@ -5,7 +5,7 @@
     "url": "git+ssh://git@github.com/neondatabase/neonctl.git"
   },
   "type": "module",
-  "version": "1.29.4",
+  "version": "1.30.0",
   "description": "CLI tool for NeonDB Cloud management",
   "main": "index.js",
   "author": "NeonDB",
@@ -29,6 +29,7 @@
     "@semantic-release/exec": "^6.0.3",
     "@semantic-release/git": "^10.0.1",
     "@types/cli-table": "^0.3.0",
+    "@types/diff": "^5.2.1",
     "@types/express": "^4.17.17",
     "@types/inquirer": "^9.0.3",
     "@types/node": "^18.7.13",
@@ -53,15 +54,16 @@
     "typescript": "^4.7.4"
   },
   "dependencies": {
-    "@neondatabase/api-client": "1.5.0",
+    "@neondatabase/api-client": "1.7.0",
     "@segment/analytics-node": "^1.0.0-beta.26",
     "axios": "^1.4.0",
     "axios-debug-log": "^1.0.0",
     "chalk": "^5.2.0",
     "cli-table": "^0.3.11",
+    "diff": "^5.2.0",
     "inquirer": "^9.2.6",
-    "open": "^8.4.0",
-    "openid-client": "^5.1.9",
+    "open": "^10.1.0",
+    "openid-client": "^5.6.5",
     "which": "^3.0.1",
     "yaml": "^2.1.1",
     "yargs": "^17.7.2"

package/parameters.gen.js

@@ -30,10 +30,15 @@ export const projectCreateRequest = {
         description: "A list of IP addresses that are allowed to connect to the endpoint.",
         demandOption: false,
     },
+    'project.settings.allowed_ips.protected_branches_only': {
+        type: "boolean",
+        description: "If true, the list will be applied only to protected branches.",
+        demandOption: false,
+    },
     'project.settings.allowed_ips.primary_branch_only': {
         type: "boolean",
         description: "If true, the list will be applied only to the primary branch.",
-        demandOption: true,
+        demandOption: false,
     },
     'project.settings.enable_logical_replication': {
         type: "boolean",
@@ -91,6 +96,11 @@ export const projectCreateRequest = {
         description: "The number of seconds to retain the point-in-time restore (PITR) backup history for this project.\nThe default is 604800 seconds (7 days).\n",
         demandOption: false,
     },
+    'project.org_id': {
+        type: "string",
+        description: "Organization id in case the project created belongs to an organization.\nIf not present, project is owned by a user and not by org.\n",
+        demandOption: false,
+    },
 };
 export const projectUpdateRequest = {
     'project.settings.quota.active_time_seconds': {
@@ -123,10 +133,15 @@ export const projectUpdateRequest = {
         description: "A list of IP addresses that are allowed to connect to the endpoint.",
         demandOption: false,
     },
+    'project.settings.allowed_ips.protected_branches_only': {
+        type: "boolean",
+        description: "If true, the list will be applied only to protected branches.",
+        demandOption: false,
+    },
     'project.settings.allowed_ips.primary_branch_only': {
         type: "boolean",
         description: "If true, the list will be applied only to the primary branch.",
-        demandOption: true,
+        demandOption: false,
     },
     'project.settings.enable_logical_replication': {
         type: "boolean",

package/utils/point_in_time.js

@@ -18,8 +18,14 @@ export const parsePITBranch = (input) => {
                 ? { tag: 'lsn', lsn: exactPIT }
                 : { tag: 'timestamp', timestamp: exactPIT }),
     };
-    if (result.tag === 'timestamp' && !looksLikeTimestamp(result.timestamp)) {
-        throw new PointInTimeParseError('Invalid source branch format');
+    if (result.tag === 'timestamp') {
+        const timestamp = result.timestamp;
+        if (!looksLikeTimestamp(timestamp)) {
+            throw new PointInTimeParseError(`Invalid source branch format - ${input}`);
+        }
+        if (Date.parse(timestamp) > Date.now()) {
+            throw new PointInTimeParseError(`Timestamp can not be in future - ${input}`);
+        }
     }
     return result;
 };

package/writer.js

@@ -71,6 +71,9 @@ export const writer = (props) => {
             chunks.push({ data, config });
             return this;
         },
+        text(data) {
+            return out.write(data);
+        },
         end: (...args) => {
             if (args.length === 2) {
                 chunks.push({ data: args[0], config: args[1] });