puls-dev 0.3.3 → 0.3.4

package/dist/providers/gcp/vm.js

@@ -1,6 +1,7 @@
 import fs from "node:fs";
 import { homedir } from "node:os";
 import { BaseBuilder } from "../../core/resource.js";
+import { Config } from "../../core/config.js";
 import { Output } from "../../core/output.js";
 import { gcpFetch, getProjectId } from "./api.js";
 import { checkPort, runProvisioner } from "../../core/provisioner.js";
@@ -17,6 +18,7 @@ export class GCPVMBuilder extends BaseBuilder {
     _zone = "us-central1-a";
     _network = "global/networks/default";
     _sshKeys = [];
+    _sshUser;
     _provision = [];
     _forceConfigCheck = false;
     resolvedInstanceId;
@@ -51,6 +53,16 @@ export class GCPVMBuilder extends BaseBuilder {
         this._sshKeys = keys;
         return this;
     }
+    sshUser(user) {
+        this._sshUser = user;
+        return this;
+    }
+    resolveUser() {
+        return (this._sshUser ??
+            process.env.GCP_SSH_USER ??
+            Config.get().providers.gcp?.sshUser ??
+            "root");
+    }
     provision(...playbookPaths) {
         this._provision.push(...playbookPaths.flat());
         return this;
@@ -68,7 +80,7 @@ export class GCPVMBuilder extends BaseBuilder {
         if (!keyPath) {
             throw new Error(`[GCP VM:${this.name}] No SSH private key path found. Pass a file path via .sshKey() to run provisioning.`);
         }
-        return runProvisioner(ip, "root", keyPath, script);
+        return runProvisioner(ip, this.resolveUser(), keyPath, script);
     }
     async discoverVM() {
         try {
@@ -298,7 +310,7 @@ export class GCPVMBuilder extends BaseBuilder {
                 context.hosts.push({
                     name: this.name,
                     ip: activeIp,
-                    user: "root",
+                    user: this.resolveUser(),
                     sshKey: keyPath,
                     provider: "gcp"
                 });

package/dist/providers/proxmox/api.d.ts

@@ -10,4 +10,5 @@ export declare class ProxmoxApiClient {
     put<T>(path: string, body?: unknown): Promise<T>;
     delete(path: string): Promise<void>;
 }
+export declare function withVmidAllocation<T>(fn: () => Promise<T>): Promise<T>;
 export declare function getPMClient(): ProxmoxApiClient;

package/dist/providers/proxmox/api.js

@@ -75,9 +75,10 @@ export class ProxmoxApiClient {
             return json.data ?? null;
         }, {
             retryable: (err) => {
-                const match = err.message.match(/: (\d+)/);
+                // Match the 3-digit HTTP status that appears after ": " at the end of the path segment
+                const match = err.message.match(/:\s(\d{3})(?:\s|$)/);
                 const status = match ? parseInt(match[1], 10) : null;
-                return status === 429 || (status && status >= 500) || err.message.includes("ETIMEDOUT");
+                return status === 429 || (status !== null && status >= 500) || err.message.includes("ETIMEDOUT");
             }
         });
     }
@@ -94,11 +95,25 @@ export class ProxmoxApiClient {
         await this.request("DELETE", path);
     }
 }
+let _vmidLock = Promise.resolve();
+export async function withVmidAllocation(fn) {
+    let release;
+    const acquired = new Promise(r => { release = r; });
+    const prev = _vmidLock;
+    _vmidLock = prev.then(() => acquired);
+    await prev;
+    try {
+        return await fn();
+    }
+    finally {
+        release();
+    }
+}
 export function getPMClient() {
     const cfg = Config.get().providers.proxmox;
     if (!cfg?.url || !cfg?.user || !cfg?.tokenName || !cfg?.tokenSecret) {
         if (Config.isOfflineMode() || Config.isGlobalDryRun()) {
-            return new ProxmoxApiClient("https://10.8.4.39:8006", "mock-user@pve", "mock-token-name", "mock-token-secret", false);
+            return new ProxmoxApiClient("https://proxmox.invalid:8006", "mock-user@pve", "mock-token-name", "mock-token-secret", false);
         }
         throw new Error("Proxmox not configured. Set proxmox: { url, user, tokenName, tokenSecret } in @Deploy");
     }

package/dist/providers/proxmox/base.d.ts

@@ -0,0 +1,16 @@
+import { BaseBuilder } from "../../core/resource.js";
+import type { ProxmoxApiClient } from "./api.js";
+export declare abstract class ProxmoxBaseBuilder extends BaseBuilder {
+    protected _sshKeys?: string | string[];
+    protected _sshUser?: string;
+    sshKey(keys: string | readonly string[]): this;
+    sshUser(user: string): this;
+    protected resolveUser(): string;
+    protected selectBestNode(pm: ProxmoxApiClient): Promise<string | undefined>;
+    protected waitForTask(node: string, upid: string, pm: ProxmoxApiClient): Promise<void>;
+    protected resolvePublicKeys(): string[];
+    protected sshKeyPath(): string;
+    protected checkCloudInit(ip: string): Promise<boolean>;
+    protected checkPort(ip: string, port: number): Promise<boolean>;
+    protected runProvisioner(ip: string, script: string): Promise<void>;
+}

package/dist/providers/proxmox/base.js

@@ -0,0 +1,121 @@
+import { readFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { spawn } from "node:child_process";
+import { BaseBuilder } from "../../core/resource.js";
+import { Config } from "../../core/config.js";
+import { checkPort, runProvisioner } from "../../core/provisioner.js";
+export class ProxmoxBaseBuilder extends BaseBuilder {
+    _sshKeys;
+    _sshUser;
+    sshKey(keys) {
+        this._sshKeys = Array.isArray(keys) ? [...keys] : keys;
+        return this;
+    }
+    sshUser(user) {
+        this._sshUser = user;
+        return this;
+    }
+    resolveUser() {
+        return (this._sshUser ??
+            process.env.PROXMOX_SSH_USER ??
+            Config.get().providers.proxmox?.sshUser ??
+            "root");
+    }
+    async selectBestNode(pm) {
+        try {
+            const nodesList = await pm.get("/nodes");
+            const configuredNodes = Config.get().providers.proxmox?.nodes;
+            const onlineNodes = (nodesList ?? []).filter((n) => {
+                if (n.status !== "online")
+                    return false;
+                if (configuredNodes && configuredNodes.length > 0) {
+                    return configuredNodes.includes(n.node);
+                }
+                return true;
+            });
+            if (onlineNodes.length > 0) {
+                onlineNodes.sort((a, b) => {
+                    const freeA = (a.maxmem ?? 0) - (a.mem ?? 0);
+                    const freeB = (b.maxmem ?? 0) - (b.mem ?? 0);
+                    return freeB - freeA;
+                });
+                const best = onlineNodes[0];
+                const freeGb = Math.round((((best.maxmem ?? 0) - (best.mem ?? 0)) / 1024 / 1024 / 1024) * 10) / 10;
+                console.log(`   🧠 Cluster-aware node selection: picked "${best.node}" with the most free RAM (${freeGb} GB free)`);
+                return best.node;
+            }
+        }
+        catch {
+            // Fallback to configured nodes or template node
+        }
+        return undefined;
+    }
+    async waitForTask(node, upid, pm) {
+        const encoded = encodeURIComponent(upid);
+        await this.waitFor(`clone task to complete`, async () => {
+            const status = await pm.get(`/nodes/${node}/tasks/${encoded}/status`);
+            if (status?.status !== "stopped")
+                return false;
+            if (status.exitstatus && status.exitstatus !== "OK") {
+                throw new Error(`Clone task failed: ${status.exitstatus}`);
+            }
+            return true;
+        }, { intervalMs: 5_000, timeoutMs: 300_000 });
+    }
+    resolvePublicKeys() {
+        const input = this._sshKeys;
+        if (!input) {
+            try {
+                return [readFileSync(`${homedir()}/.ssh/id_ed25519.pub`, "utf-8").trim()];
+            }
+            catch {
+                return [];
+            }
+        }
+        if (Array.isArray(input))
+            return input.map((k) => k.trim()).filter(Boolean);
+        if (input.startsWith("ssh-") ||
+            input.startsWith("ecdsa-") ||
+            input.startsWith("sk-")) {
+            return [input.trim()];
+        }
+        try {
+            return [readFileSync(input.replace(/^~/, homedir()), "utf-8").trim()];
+        }
+        catch {
+            return [];
+        }
+    }
+    sshKeyPath() {
+        const keyInput = Array.isArray(this._sshKeys) ? null : this._sshKeys;
+        return (keyInput &&
+            !keyInput.startsWith("ssh-") &&
+            !keyInput.startsWith("ecdsa-") &&
+            !keyInput.startsWith("sk-")
+            ? keyInput.replace(/\.pub$/, "")
+            : `${homedir()}/.ssh/id_ed25519`).replace(/^~/, homedir());
+    }
+    checkCloudInit(ip) {
+        const keyPath = this.sshKeyPath();
+        return new Promise((resolve) => {
+            const proc = spawn("ssh", [
+                "-i", keyPath,
+                "-o", "StrictHostKeyChecking=no",
+                "-o", "ConnectTimeout=10",
+                "-o", "BatchMode=yes",
+                `root@${ip}`,
+                "cloud-init status",
+            ], { stdio: ["ignore", "pipe", "ignore"] });
+            let out = "";
+            proc.stdout.on("data", (d) => (out += d.toString()));
+            proc.on("close", () => resolve(out.includes("done") || out.includes("error")));
+            proc.on("error", () => resolve(false));
+        });
+    }
+    async checkPort(ip, port) {
+        return checkPort(ip, port);
+    }
+    async runProvisioner(ip, script) {
+        return runProvisioner(ip, this.resolveUser(), this._sshKeys, script);
+    }
+}

package/dist/providers/proxmox/template.d.ts

@@ -1,7 +1,7 @@
-import { BaseBuilder } from "../../core/resource.js";
+import { ProxmoxBaseBuilder } from "./base.js";
 import { Output } from "../../core/output.js";
 import type { OSImage } from "../../types/proxmox.js";
-export declare class TemplateBuilder extends BaseBuilder {
+export declare class TemplateBuilder extends ProxmoxBaseBuilder {
     readonly out: {
         vmid: Output<number>;
     };
@@ -12,14 +12,12 @@ export declare class TemplateBuilder extends BaseBuilder {
     private _memory;
     private _provision;
     private _storage?;
-    private _sshKeys?;
     constructor(name: string);
     private discoverTemplate;
     baseImage(os: OSImage): this;
     cores(n: number): this;
     memory(mb: number): this;
     storage(pool: string): this;
-    sshKey(keys: string | readonly string[]): this;
     provision(...playbookPaths: (string | string[])[]): this;
     deploy(): Promise<{
         name: string;
@@ -30,15 +28,10 @@ export declare class TemplateBuilder extends BaseBuilder {
         vmid: string;
         node?: undefined;
     }>;
+    private _deploy;
     destroy(): Promise<{
         destroyed: boolean;
     } | {
         destroyed: string;
     }>;
-    private waitForTask;
-    private resolvePublicKeys;
-    private checkCloudInit;
-    protected checkPort(ip: string, port: number): Promise<boolean>;
-    protected runProvisioner(ip: string, script: string): Promise<void>;
-    private sshKeyPath;
 }

package/dist/providers/proxmox/template.js

@@ -1,13 +1,9 @@
-import { readFileSync } from "node:fs";
-import { homedir } from "node:os";
-import { spawn } from "node:child_process";
-import { BaseBuilder } from "../../core/resource.js";
+import { ProxmoxBaseBuilder } from "./base.js";
 import { Config } from "../../core/config.js";
 import { Output } from "../../core/output.js";
-import { getPMClient } from "./api.js";
+import { getPMClient, withVmidAllocation } from "./api.js";
 import { getFileHash, parseProvisionMetadata, mergeProvisionMetadata } from "./hash.js";
-import { checkPort, runProvisioner } from "../../core/provisioner.js";
-export class TemplateBuilder extends BaseBuilder {
+export class TemplateBuilder extends ProxmoxBaseBuilder {
     out = {
         vmid: new Output(),
     };
@@ -18,7 +14,6 @@ export class TemplateBuilder extends BaseBuilder {
     _memory = 2048;
     _provision = [];
     _storage;
-    _sshKeys;
     constructor(name) {
         super(name);
         this.discoveryPromise = this.discoverTemplate(name);
@@ -61,22 +56,24 @@ export class TemplateBuilder extends BaseBuilder {
         this._storage = pool;
         return this;
     }
-    sshKey(keys) {
-        this._sshKeys = Array.isArray(keys) ? [...keys] : keys;
-        return this;
-    }
     provision(...playbookPaths) {
         this._provision.push(...playbookPaths.flat());
         return this;
     }
     async deploy() {
+        try {
+            return await this._deploy();
+        }
+        catch (err) {
+            this.out.vmid.reject(err);
+            throw err;
+        }
+    }
+    async _deploy() {
         const dryRun = this.isDryRunActive();
         const existing = await this.discoveryPromise;
         const pm = getPMClient();
         if (existing) {
-            this.resolvedVmid = existing.vmid;
-            this.resolvedNode = existing.node;
-            this.out.vmid.resolve(existing.vmid);
             // Check if playbook hashes differ
             const appliedHashes = parseProvisionMetadata(existing.description ?? "");
             const declaredPlaybooksWithHashes = this._provision.map((p) => {
@@ -88,6 +85,9 @@ export class TemplateBuilder extends BaseBuilder {
                 return !appliedHash || appliedHash !== p.hash;
             });
             if (!hasChanges) {
+                this.resolvedVmid = existing.vmid;
+                this.resolvedNode = existing.node;
+                this.out.vmid.resolve(existing.vmid);
                 console.log(`\n🖥️  Finalizing Proxmox Template "${this.name}"...`);
                 console.log(`   ✅ Template "${this.name}" already exists and matches defined state.`);
                 return { name: this.name, vmid: this.resolvedVmid, node: this.resolvedNode };
@@ -96,11 +96,11 @@ export class TemplateBuilder extends BaseBuilder {
             console.log(`   🔄 Template playbook hashes changed. Purging old template...`);
             if (dryRun) {
                 console.log(`   📝 [PLAN] Would purge template "${this.name}" (vmid=${existing.vmid}) and rebuild.`);
+                this.out.vmid.resolve(-1);
                 return { name: this.name, vmid: "PENDING" };
             }
-            else {
-                await pm.delete(`/nodes/${existing.node}/qemu/${existing.vmid}?purge=1&destroy-unreferenced-disks=1`);
-            }
+            await pm.delete(`/nodes/${existing.node}/qemu/${existing.vmid}?purge=1&destroy-unreferenced-disks=1`);
+            // Fall through to rebuild
         }
         console.log(`\n🖥️  Finalizing Proxmox Template "${this.name}"...`);
         if (dryRun) {
@@ -115,31 +115,7 @@ export class TemplateBuilder extends BaseBuilder {
             return { name: this.name, vmid: "PENDING" };
         }
         // Pick target node (cluster-aware)
-        let node;
-        try {
-            const nodesList = await pm.get("/nodes");
-            const configuredNodes = Config.get().providers.proxmox?.nodes;
-            const onlineNodes = (nodesList ?? []).filter((n) => {
-                if (n.status !== "online")
-                    return false;
-                if (configuredNodes && configuredNodes.length > 0) {
-                    return configuredNodes.includes(n.node);
-                }
-                return true;
-            });
-            if (onlineNodes.length > 0) {
-                onlineNodes.sort((a, b) => {
-                    const freeA = (a.maxmem ?? 0) - (a.mem ?? 0);
-                    const freeB = (b.maxmem ?? 0) - (b.mem ?? 0);
-                    return freeB - freeA;
-                });
-                node = onlineNodes[0].node;
-                console.log(`   🧠 Cluster-aware node selection: picked "${node}" with the most free RAM (${Math.round((((onlineNodes[0].maxmem ?? 0) - (onlineNodes[0].mem ?? 0)) / 1024 / 1024 / 1024) * 10) / 10} GB free)`);
-            }
-        }
-        catch (err) {
-            // Fallback
-        }
+        let node = await this.selectBestNode(pm);
         if (!node) {
             const configuredNodes = Config.get().providers.proxmox?.nodes;
             node = configuredNodes?.[0];
@@ -150,8 +126,6 @@ export class TemplateBuilder extends BaseBuilder {
         }
         if (!node)
             throw new Error("No Proxmox nodes available");
-        const newVmid = await pm.get("/cluster/nextid");
-        const storage = this._storage ?? "rbd_pool";
         // Lookup base image template
         const resources = await pm.get("/cluster/resources?type=vm");
         const isVmid = this._baseImage && /^\d+$/.test(this._baseImage);
@@ -164,28 +138,38 @@ export class TemplateBuilder extends BaseBuilder {
         if (this._baseImage && !baseTemplate) {
             throw new Error(`No Proxmox base template found matching "${this._baseImage}".`);
         }
-        if (baseTemplate) {
-            console.log(`   📋 Cloning base template "${baseTemplate.name}" (vmid=${baseTemplate.vmid}) → "${this.name}" (vmid=${newVmid})`);
-            const taskId = await pm.post(`/nodes/${baseTemplate.node || node}/qemu/${baseTemplate.vmid}/clone`, {
-                newid: newVmid,
-                name: this.name,
-                full: 1,
-                storage,
-                format: "raw",
-                target: node,
-            });
-            await this.waitForTask(baseTemplate.node || node, taskId, pm);
-        }
-        else {
-            console.log(`   🆕 Creating blank VM "${this.name}" (vmid=${newVmid})`);
-            await pm.post(`/nodes/${node}/qemu`, {
-                vmid: newVmid,
-                name: this.name,
-                cores: this._cores,
-                memory: this._memory,
-                net0: "virtio,bridge=vmbr1",
-                ostype: "l26",
-            });
+        const storage = this._storage ?? "rbd_pool";
+        // Allocate VMID and immediately issue the create/clone request while holding the lock
+        // to prevent parallel templates from claiming the same VMID.
+        const { newVmid, cloneTaskId, cloneNode } = await withVmidAllocation(async () => {
+            const vmid = await pm.get("/cluster/nextid");
+            if (baseTemplate) {
+                console.log(`   📋 Cloning base template "${baseTemplate.name}" (vmid=${baseTemplate.vmid}) → "${this.name}" (vmid=${vmid})`);
+                const taskId = await pm.post(`/nodes/${baseTemplate.node || node}/qemu/${baseTemplate.vmid}/clone`, {
+                    newid: vmid,
+                    name: this.name,
+                    full: 1,
+                    storage,
+                    format: "raw",
+                    target: node,
+                });
+                return { newVmid: vmid, cloneTaskId: taskId, cloneNode: baseTemplate.node || node };
+            }
+            else {
+                console.log(`   🆕 Creating blank VM "${this.name}" (vmid=${vmid})`);
+                await pm.post(`/nodes/${node}/qemu`, {
+                    vmid,
+                    name: this.name,
+                    cores: this._cores,
+                    memory: this._memory,
+                    net0: "virtio,bridge=vmbr1",
+                    ostype: "l26",
+                });
+                return { newVmid: vmid, cloneTaskId: null, cloneNode: null };
+            }
+        });
+        if (cloneTaskId && cloneNode) {
+            await this.waitForTask(cloneNode, cloneTaskId, pm);
         }
         this.resolvedVmid = newVmid;
         this.resolvedNode = node;
@@ -275,76 +259,4 @@ export class TemplateBuilder extends BaseBuilder {
         console.log(`   🗑️  Removed Template "${this.name}" (vmid=${existing.vmid})`);
         return { destroyed: this.name };
     }
-    async waitForTask(node, upid, pm) {
-        const encoded = encodeURIComponent(upid);
-        await this.waitFor(`clone task to complete`, async () => {
-            const status = await pm.get(`/nodes/${node}/tasks/${encoded}/status`);
-            if (status?.status !== "stopped")
-                return false;
-            if (status.exitstatus && status.exitstatus !== "OK") {
-                throw new Error(`Clone task failed: ${status.exitstatus}`);
-            }
-            return true;
-        }, { intervalMs: 5_000, timeoutMs: 300_000 });
-    }
-    resolvePublicKeys() {
-        const input = this._sshKeys;
-        if (!input) {
-            try {
-                return [readFileSync(`${homedir()}/.ssh/id_ed25519.pub`, "utf-8").trim()];
-            }
-            catch {
-                return [];
-            }
-        }
-        if (Array.isArray(input))
-            return input.map((k) => k.trim()).filter(Boolean);
-        if (input.startsWith("ssh-") ||
-            input.startsWith("ecdsa-") ||
-            input.startsWith("sk-")) {
-            return [input.trim()];
-        }
-        try {
-            return [readFileSync(input.replace(/^~/, homedir()), "utf-8").trim()];
-        }
-        catch {
-            return [];
-        }
-    }
-    checkCloudInit(ip) {
-        const keyPath = this.sshKeyPath();
-        return new Promise((resolve) => {
-            const proc = spawn("ssh", [
-                "-i",
-                keyPath,
-                "-o",
-                "StrictHostKeyChecking=no",
-                "-o",
-                "ConnectTimeout=10",
-                "-o",
-                "BatchMode=yes",
-                `root@${ip}`,
-                "cloud-init status",
-            ], { stdio: ["ignore", "pipe", "ignore"] });
-            let out = "";
-            proc.stdout.on("data", (d) => (out += d.toString()));
-            proc.on("close", () => resolve(out.includes("done") || out.includes("error")));
-            proc.on("error", () => resolve(false));
-        });
-    }
-    async checkPort(ip, port) {
-        return checkPort(ip, port);
-    }
-    async runProvisioner(ip, script) {
-        return runProvisioner(ip, "root", this._sshKeys, script);
-    }
-    sshKeyPath() {
-        const keyInput = Array.isArray(this._sshKeys) ? null : this._sshKeys;
-        return (keyInput &&
-            !keyInput.startsWith("ssh-") &&
-            !keyInput.startsWith("ecdsa-") &&
-            !keyInput.startsWith("sk-")
-            ? keyInput.replace(/\.pub$/, "")
-            : `${homedir()}/.ssh/id_ed25519`).replace(/^~/, homedir());
-    }
 }

package/dist/providers/proxmox/vm.d.ts

@@ -1,8 +1,8 @@
-import { BaseBuilder } from "../../core/resource.js";
+import { ProxmoxBaseBuilder } from "./base.js";
 import { Output } from "../../core/output.js";
 import type { OSImage } from "../../types/proxmox.js";
 import { TemplateBuilder } from "./template.js";
-export declare class VMBuilder extends BaseBuilder {
+export declare class VMBuilder extends ProxmoxBaseBuilder {
     readonly out: {
         ip: Output<string>;
         vmid: Output<number>;
@@ -20,7 +20,7 @@ export declare class VMBuilder extends BaseBuilder {
     private _storage?;
     private _vlan?;
     private _ip?;
-    private _sshKeys?;
+    private _gateway?;
     private _machine;
     private _forceConfigCheck;
     constructor(name: string);
@@ -35,7 +35,7 @@ export declare class VMBuilder extends BaseBuilder {
     storage(pool: string): this;
     vlan(tag: number): this;
     ip(address: string): this;
-    sshKey(keys: string | readonly string[]): this;
+    gateway(gw: string): this;
     machine(type: "q35" | "i440fx"): this;
     forceConfigCheck(): this;
     deploy(): Promise<{
@@ -54,14 +54,9 @@ export declare class VMBuilder extends BaseBuilder {
         ip: string | null;
         node?: undefined;
     }>;
+    private _deploy;
     private resolveExistingIp;
     private registerHost;
     destroy(): Promise<any>;
-    private waitForTask;
     private destroyVmByName;
-    private resolvePublicKeys;
-    private checkCloudInit;
-    protected checkPort(ip: string, port: number): Promise<boolean>;
-    protected runProvisioner(ip: string, script: string): Promise<void>;
-    private sshKeyPath;
 }