puls-dev 0.3.3 → 0.3.4

package/dist/providers/proxmox/vm.js

@@ -1,14 +1,10 @@
-import { readFileSync } from "node:fs";
-import { homedir } from "node:os";
-import { spawn } from "node:child_process";
-import { BaseBuilder } from "../../core/resource.js";
+import { ProxmoxBaseBuilder } from "./base.js";
 import { Config } from "../../core/config.js";
 import { Output } from "../../core/output.js";
-import { getPMClient } from "./api.js";
+import { getPMClient, withVmidAllocation } from "./api.js";
 import { getFileHash, parseProvisionMetadata, mergeProvisionMetadata } from "./hash.js";
-import { checkPort, runProvisioner } from "../../core/provisioner.js";
 import { resourceContextStorage } from "../../core/context.js";
-export class VMBuilder extends BaseBuilder {
+export class VMBuilder extends ProxmoxBaseBuilder {
     out = {
         ip: new Output(),
         vmid: new Output(),
@@ -26,7 +22,7 @@ export class VMBuilder extends BaseBuilder {
     _storage;
     _vlan;
     _ip;
-    _sshKeys;
+    _gateway;
     _machine = "q35";
     _forceConfigCheck = false;
     constructor(name) {
@@ -97,8 +93,8 @@ export class VMBuilder extends BaseBuilder {
         this._ip = address;
         return this;
     }
-    sshKey(keys) {
-        this._sshKeys = Array.isArray(keys) ? [...keys] : keys;
+    gateway(gw) {
+        this._gateway = gw;
         return this;
     }
     machine(type) {
@@ -110,6 +106,16 @@ export class VMBuilder extends BaseBuilder {
         return this;
     }
     async deploy() {
+        try {
+            return await this._deploy();
+        }
+        catch (err) {
+            this.out.vmid.reject(err);
+            this.out.ip.reject(err);
+            throw err;
+        }
+    }
+    async _deploy() {
         const dryRun = this.isDryRunActive();
         const existing = await this.discoveryPromise;
         const pm = getPMClient();
@@ -121,8 +127,8 @@ export class VMBuilder extends BaseBuilder {
             this.resolvedIp = await this.resolveExistingIp(existing.node, existing.vmid, pm);
             if (this.resolvedIp) {
                 this.out.ip.resolve(this.resolvedIp);
+                this.registerHost();
             }
-            this.registerHost();
             const activeIp = this.resolvedIp ?? "0.0.0.0";
             // 1. Calculate hashes and check if playbooks need to run
             const appliedHashes = parseProvisionMetadata(existing.description ?? "");
@@ -146,10 +152,10 @@ export class VMBuilder extends BaseBuilder {
                     }
                 }
                 else {
-                    console.log(`   🔄 Running ${playbooksToRun.length} playbook changes → ${activeIp}`);
                     if (activeIp === "0.0.0.0") {
                         throw new Error(`Failed to resolve IP for existing VM "${this.name}" to run playbooks`);
                     }
+                    console.log(`   🔄 Running ${playbooksToRun.length} playbook changes → ${activeIp}`);
                     // Wait for SSH
                     await this.waitFor(`SSH on ${activeIp} to be ready`, () => this.checkPort(activeIp, 22), { intervalMs: 10_000, timeoutMs: 300_000 });
                     // Execute each playbook
@@ -171,7 +177,7 @@ export class VMBuilder extends BaseBuilder {
                     ip: activeIp,
                 };
             }
-            // No playbook changes!
+            // No playbook changes
             console.log(`\n🖥️  Finalizing Proxmox VM "${this.name}"...`);
             console.log(`   ✅ VM "${this.name}" already exists (vmid=${existing.vmid}, node=${existing.node}, status=${existing.status})`);
             console.log(`   ✅ Configuration and playbooks are up to date.`);
@@ -225,34 +231,7 @@ export class VMBuilder extends BaseBuilder {
                     : `Create a template whose name contains "${sourceVmid}".`));
         }
         // Resolve target node: explicit → cluster-aware (online & max free RAM) → configured nodes list → template's node → API discovery
-        let node = this._node;
-        if (!node) {
-            try {
-                const nodesList = await pm.get("/nodes");
-                const configuredNodes = Config.get().providers.proxmox?.nodes;
-                const onlineNodes = (nodesList ?? []).filter((n) => {
-                    if (n.status !== "online")
-                        return false;
-                    if (configuredNodes && configuredNodes.length > 0) {
-                        return configuredNodes.includes(n.node);
-                    }
-                    return true;
-                });
-                if (onlineNodes.length > 0) {
-                    // Sort descending by free memory (maxmem - mem)
-                    onlineNodes.sort((a, b) => {
-                        const freeA = (a.maxmem ?? 0) - (a.mem ?? 0);
-                        const freeB = (b.maxmem ?? 0) - (b.mem ?? 0);
-                        return freeB - freeA;
-                    });
-                    node = onlineNodes[0].node;
-                    console.log(`   🧠 Cluster-aware node selection: picked "${node}" with the most free RAM (${Math.round((((onlineNodes[0].maxmem ?? 0) - (onlineNodes[0].mem ?? 0)) / 1024 / 1024 / 1024) * 10) / 10} GB free)`);
-                }
-            }
-            catch (err) {
-                // Fallback silently to configured nodes list or discovery
-            }
-        }
+        let node = this._node ?? await this.selectBestNode(pm);
         if (!node) {
             const configuredNodes = Config.get().providers.proxmox?.nodes;
             node = configuredNodes?.[0] ?? template?.node;
@@ -263,31 +242,38 @@ export class VMBuilder extends BaseBuilder {
         }
         if (!node)
             throw new Error("No Proxmox nodes available");
-        const newVmid = await pm.get("/cluster/nextid");
         const storage = this._storage ?? "rbd_pool";
-        if (template) {
-            console.log(`   📋 Cloning template "${template.name}" (vmid=${template.vmid}) → "${this.name}" (vmid=${newVmid})`);
-            const taskId = await pm.post(`/nodes/${template.node || node}/qemu/${template.vmid}/clone`, {
-                newid: newVmid,
-                name: this.name,
-                full: 1,
-                storage,
-                format: "raw",
-                target: node,
-            });
-            // Clone is async - wait for the Proxmox task to finish before configuring
-            await this.waitForTask(template.node || node, taskId, pm);
-        }
-        else {
-            console.log(`   🆕 Creating blank VM "${this.name}" (vmid=${newVmid})`);
-            await pm.post(`/nodes/${node}/qemu`, {
-                vmid: newVmid,
-                name: this.name,
-                cores: this._cores,
-                memory: this._memory,
-                net0: `virtio,bridge=vmbr1${this._vlan ? `,tag=${this._vlan}` : ""}`,
-                ostype: "l26",
-            });
+        // Allocate VMID and immediately issue the create/clone request while holding the lock
+        // to prevent parallel VMs from claiming the same VMID.
+        const { newVmid, cloneTaskId, cloneNode } = await withVmidAllocation(async () => {
+            const vmid = await pm.get("/cluster/nextid");
+            if (template) {
+                console.log(`   📋 Cloning template "${template.name}" (vmid=${template.vmid}) → "${this.name}" (vmid=${vmid})`);
+                const taskId = await pm.post(`/nodes/${template.node || node}/qemu/${template.vmid}/clone`, {
+                    newid: vmid,
+                    name: this.name,
+                    full: 1,
+                    storage,
+                    format: "raw",
+                    target: node,
+                });
+                return { newVmid: vmid, cloneTaskId: taskId, cloneNode: template.node || node };
+            }
+            else {
+                console.log(`   🆕 Creating blank VM "${this.name}" (vmid=${vmid})`);
+                await pm.post(`/nodes/${node}/qemu`, {
+                    vmid,
+                    name: this.name,
+                    cores: this._cores,
+                    memory: this._memory,
+                    net0: `virtio,bridge=vmbr1${this._vlan ? `,tag=${this._vlan}` : ""}`,
+                    ostype: "l26",
+                });
+                return { newVmid: vmid, cloneTaskId: null, cloneNode: null };
+            }
+        });
+        if (cloneTaskId && cloneNode) {
+            await this.waitForTask(cloneNode, cloneTaskId, pm);
         }
         this.resolvedVmid = newVmid;
         this.resolvedNode = node;
@@ -318,7 +304,7 @@ export class VMBuilder extends BaseBuilder {
             ipconfig0: this._ip
                 ? (() => {
                     const [addr, prefix = "24"] = this._ip.split("/");
-                    const gw = addr.split(".").slice(0, 3).join(".") + ".1";
+                    const gw = this._gateway ?? (addr.split(".").slice(0, 3).join(".") + ".1");
                     return `gw=${gw},ip=${addr}/${prefix}`;
                 })()
                 : "ip=dhcp",
@@ -356,8 +342,9 @@ export class VMBuilder extends BaseBuilder {
                     return false;
                 }
             }, { intervalMs: 10_000, timeoutMs: 300_000 });
-            if (this.resolvedIp)
+            if (this.resolvedIp) {
                 this.out.ip.resolve(this.resolvedIp);
+            }
             console.log(`   🌐 IP: ${this.resolvedIp}`);
         }
         this.registerHost();
@@ -413,13 +400,12 @@ export class VMBuilder extends BaseBuilder {
     }
     registerHost() {
         const context = resourceContextStorage.getStore();
-        if (context && context.hosts) {
-            const activeIp = this.resolvedIp ?? "0.0.0.0";
+        if (context && context.hosts && this.resolvedIp) {
             if (!context.hosts.some((h) => h.name === this.name)) {
                 context.hosts.push({
                     name: this.name,
-                    ip: activeIp,
-                    user: "root",
+                    ip: this.resolvedIp,
+                    user: this.resolveUser(),
                     sshKey: this.sshKeyPath(),
                     provider: "proxmox",
                 });
@@ -442,19 +428,6 @@ export class VMBuilder extends BaseBuilder {
         await this.destroyVmByName(this.name, pm);
         return { destroyed: this.name };
     }
-    // Poll a Proxmox task UPID until it exits, then throw if it failed
-    async waitForTask(node, upid, pm) {
-        const encoded = encodeURIComponent(upid);
-        await this.waitFor(`clone task to complete`, async () => {
-            const status = await pm.get(`/nodes/${node}/tasks/${encoded}/status`);
-            if (status?.status !== "stopped")
-                return false;
-            if (status.exitstatus && status.exitstatus !== "OK") {
-                throw new Error(`Clone task failed: ${status.exitstatus}`);
-            }
-            return true;
-        }, { intervalMs: 5_000, timeoutMs: 300_000 });
-    }
     async destroyVmByName(name, pm) {
         const resources = await pm.get("/cluster/resources?type=vm");
         const vm = (resources ?? []).find((r) => r.name === name && !r.template);
@@ -472,72 +445,4 @@ export class VMBuilder extends BaseBuilder {
         await pm.delete(`/nodes/${vm.node}/qemu/${vm.vmid}?purge=1&destroy-unreferenced-disks=1`);
         console.log(`   🗑️  Removed VM "${name}" (vmid=${vm.vmid})`);
     }
-    resolvePublicKeys() {
-        const input = this._sshKeys;
-        if (!input) {
-            // Default: read ~/.ssh/id_rsa.pub if it exists
-            try {
-                return [
-                    readFileSync(`${homedir()}/.ssh/id_ed25519.pub`, "utf-8").trim(),
-                ];
-            }
-            catch {
-                return [];
-            }
-        }
-        if (Array.isArray(input))
-            return input.map((k) => k.trim()).filter(Boolean);
-        // Single string: key literal (starts with ssh-) or file path
-        if (input.startsWith("ssh-") ||
-            input.startsWith("ecdsa-") ||
-            input.startsWith("sk-")) {
-            return [input.trim()];
-        }
-        try {
-            return [
-                readFileSync(input.replace(/^~/, homedir()), "utf-8").trim(),
-            ];
-        }
-        catch {
-            return [];
-        }
-    }
-    checkCloudInit(ip) {
-        const keyPath = this.sshKeyPath();
-        return new Promise((resolve) => {
-            const proc = spawn("ssh", [
-                "-i",
-                keyPath,
-                "-o",
-                "StrictHostKeyChecking=no",
-                "-o",
-                "ConnectTimeout=10",
-                "-o",
-                "BatchMode=yes",
-                `root@${ip}`,
-                "cloud-init status",
-            ], { stdio: ["ignore", "pipe", "ignore"] });
-            let out = "";
-            proc.stdout.on("data", (d) => (out += d.toString()));
-            proc.on("close", () => resolve(out.includes("done") || out.includes("error")));
-            proc.on("error", () => resolve(false));
-        });
-    }
-    async checkPort(ip, port) {
-        return checkPort(ip, port);
-    }
-    async runProvisioner(ip, script) {
-        return runProvisioner(ip, "root", this._sshKeys, script);
-    }
-    sshKeyPath() {
-        const keyInput = Array.isArray(this._sshKeys)
-            ? null
-            : this._sshKeys;
-        return (keyInput &&
-            !keyInput.startsWith("ssh-") &&
-            !keyInput.startsWith("ecdsa-") &&
-            !keyInput.startsWith("sk-")
-            ? keyInput.replace(/\.pub$/, "")
-            : `${homedir()}/.ssh/id_ed25519`).replace(/^~/, homedir());
-    }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "puls-dev",
-  "version": "0.3.3",
+  "version": "0.3.4",
   "description": "Intent-driven infrastructure-as-code with eager discovery and no state files.",
   "type": "module",
   "main": "./dist/index.js",
@@ -37,8 +37,12 @@
     "README.md",
     "LICENSE"
   ],
+  "bin": {
+    "puls": "dist/bin/puls.js"
+  },
   "scripts": {
     "build": "tsc",
+    "postbuild": "node -e \"const fs=require('fs'),f='dist/bin/puls.js',c=fs.readFileSync(f,'utf8');if(!c.startsWith('#!'))fs.writeFileSync(f,'#!/usr/bin/env node\\n'+c);\" && chmod +x dist/bin/puls.js",
     "prepublishOnly": "npm run build",
     "test": "tsx --test \"src/**/*.test.ts\""
   },
@@ -54,29 +58,10 @@
   "author": "Bia",
   "license": "ISC",
   "devDependencies": {
-    "@aws-sdk/client-acm": "^3.1053.0",
-    "@aws-sdk/client-apigatewayv2": "^3.1053.0",
-    "@aws-sdk/client-cloudfront": "^3.1053.0",
-    "@aws-sdk/client-cloudwatch": "^3.1053.0",
-    "@aws-sdk/client-cloudwatch-logs": "^3.1053.0",
-    "@aws-sdk/client-ec2": "^3.1053.0",
-    "@aws-sdk/client-ecs": "^3.1053.0",
-    "@aws-sdk/client-iam": "^3.1053.0",
-    "@aws-sdk/client-lambda": "^3.1053.0",
-    "@aws-sdk/client-rds": "^3.1053.0",
-    "@aws-sdk/client-route-53": "^3.1053.0",
-    "@aws-sdk/client-route-53-domains": "^3.1053.0",
-    "@aws-sdk/client-s3": "^3.1053.0",
-    "@aws-sdk/client-secrets-manager": "^3.1053.0",
-    "@aws-sdk/client-sns": "^3.1053.0",
-    "@aws-sdk/client-sqs": "^3.1053.0",
-    "@aws-sdk/client-ssm": "^3.1053.0",
     "@types/node": "^25.6.2",
-    "google-auth-library": "^10.6.2",
     "ts-node": "^10.9.2",
     "tsx": "^4.21.0",
-    "typescript": "^6.0.3",
-    "undici": "^8.3.0"
+    "typescript": "^6.0.3"
   },
   "dependencies": {
     "@aws-sdk/client-acm": "^3.1053.0",