puls-dev 0.3.5 → 0.3.7

package/dist/providers/cloudflare/zone.test.js

@@ -0,0 +1,284 @@
+import { test, describe, beforeEach, afterEach } from "node:test";
+import assert from "node:assert";
+import fs from "node:fs";
+import path from "node:path";
+import { ZoneBuilder } from "./zone.js";
+import { Config } from "../../core/config.js";
+describe("ZoneBuilder Unit Tests", () => {
+    let originalFetch;
+    let fetchCalls = [];
+    let mockResponses = {};
+    beforeEach(() => {
+        Config.set({
+            dryRun: false,
+            providers: {
+                cloudflare: { token: "fake-cf-token", accountId: "fake-cf-account" }
+            }
+        });
+        originalFetch = globalThis.fetch;
+        fetchCalls = [];
+        mockResponses = {};
+        globalThis.fetch = async (input, init) => {
+            const url = String(input);
+            const method = init?.method ?? "GET";
+            let body;
+            if (init?.body) {
+                if (typeof init.body === "string") {
+                    try {
+                        body = JSON.parse(init.body);
+                    }
+                    catch {
+                        body = init.body;
+                    }
+                }
+                else {
+                    body = init.body;
+                }
+            }
+            const headers = init?.headers;
+            fetchCalls.push({ url, method, body, headers });
+            const matchKey = Object.keys(mockResponses).find(key => {
+                const [mMethod, mPath] = key.split(" ");
+                return method === mMethod && url.endsWith(mPath);
+            });
+            if (matchKey) {
+                const resp = mockResponses[matchKey];
+                return {
+                    ok: resp.status >= 200 && resp.status < 300,
+                    status: resp.status,
+                    json: async () => resp.body,
+                    text: async () => JSON.stringify(resp.body),
+                };
+            }
+            return {
+                ok: false,
+                status: 404,
+                json: async () => ({ errors: [{ message: "Not found" }] }),
+                text: async () => "Not found",
+            };
+        };
+    });
+    afterEach(() => {
+        globalThis.fetch = originalFetch;
+    });
+    test("discovers zone successfully if it already exists", async () => {
+        mockResponses["GET /zones?name=example.com"] = {
+            status: 200,
+            body: {
+                result: [
+                    { id: "zone-123", name: "example.com", status: "active" }
+                ]
+            }
+        };
+        mockResponses["GET /zones/zone-123/dns_records?per_page=100"] = {
+            status: 200,
+            body: { result: [] }
+        };
+        const builder = new ZoneBuilder("example.com");
+        const result = await builder.deploy();
+        assert.strictEqual(result.zoneId, "zone-123");
+        assert.strictEqual(builder.resolvedId, "zone-123");
+        const posts = fetchCalls.filter(c => c.method === "POST");
+        assert.strictEqual(posts.length, 0); // No zone creation
+    });
+    test("creates zone if it does not exist", async () => {
+        mockResponses["GET /zones?name=example.com"] = {
+            status: 200,
+            body: { result: [] }
+        };
+        mockResponses["POST /zones"] = {
+            status: 200,
+            body: { result: { id: "zone-new-456" } }
+        };
+        const builder = new ZoneBuilder("example.com");
+        const result = await builder.deploy();
+        assert.strictEqual(result.zoneId, "zone-new-456");
+        assert.strictEqual(builder.resolvedId, "zone-new-456");
+        const postCall = fetchCalls.find(c => c.method === "POST" && c.url.endsWith("/zones"));
+        assert.ok(postCall);
+        assert.deepStrictEqual(postCall.body, {
+            name: "example.com",
+            account: { id: "fake-cf-account" },
+            type: "full"
+        });
+    });
+    test("handles dry-run deploy properly", async () => {
+        Config.set({
+            dryRun: true,
+            providers: {
+                cloudflare: { token: "fake-cf-token", accountId: "fake-cf-account" }
+            }
+        });
+        mockResponses["GET /zones?name=example.com"] = {
+            status: 200,
+            body: { result: [] }
+        };
+        const builder = new ZoneBuilder("example.com");
+        const result = await builder.deploy();
+        assert.strictEqual(result.zoneId, "PENDING");
+        const posts = fetchCalls.filter(c => c.method === "POST");
+        assert.strictEqual(posts.length, 0);
+    });
+    test("reconciles records correctly (creates missing, updates out of date, deletes stale)", async () => {
+        mockResponses["GET /zones?name=example.com"] = {
+            status: 200,
+            body: {
+                result: [{ id: "zone-123", name: "example.com" }]
+            }
+        };
+        mockResponses["GET /zones/zone-123/dns_records?per_page=100"] = {
+            status: 200,
+            body: {
+                result: [
+                    // Perfect match - should be skipped
+                    { id: "rec-1", type: "A", name: "www.example.com", content: "1.1.1.1", proxied: true },
+                    // Out of date - should be updated (content mismatch)
+                    { id: "rec-2", type: "CNAME", name: "blog.example.com", content: "old.example.com", proxied: false },
+                    // Duplicate/stale record of a declared name/type - should be deleted
+                    { id: "rec-3", type: "A", name: "www.example.com", content: "8.8.8.8", proxied: true }
+                ]
+            }
+        };
+        mockResponses["PUT /zones/zone-123/dns_records/rec-2"] = {
+            status: 200,
+            body: { result: { id: "rec-2" } }
+        };
+        mockResponses["POST /zones/zone-123/dns_records"] = {
+            status: 200,
+            body: { result: { id: "rec-4" } }
+        };
+        mockResponses["DELETE /zones/zone-123/dns_records/rec-3"] = {
+            status: 200,
+            body: {}
+        };
+        const builder = new ZoneBuilder("example.com");
+        // rec-1
+        builder.pointer("www", "1.1.1.1", true);
+        // rec-2 (updated)
+        builder.cname("blog", "new.example.com", false);
+        // rec-4 (created)
+        builder.pointer("api", "2.2.2.2", false);
+        await builder.deploy();
+        const putCall = fetchCalls.find(c => c.method === "PUT");
+        assert.ok(putCall);
+        assert.ok(putCall.url.endsWith("/zones/zone-123/dns_records/rec-2"));
+        assert.deepStrictEqual(putCall.body, {
+            type: "CNAME",
+            name: "blog",
+            content: "new.example.com",
+            ttl: 3600,
+            proxied: false
+        });
+        const postCall = fetchCalls.find(c => c.method === "POST" && c.url.includes("/dns_records"));
+        assert.ok(postCall);
+        assert.ok(postCall.url.endsWith("/zones/zone-123/dns_records"));
+        assert.deepStrictEqual(postCall.body, {
+            type: "A",
+            name: "api",
+            content: "2.2.2.2",
+            ttl: 3600,
+            proxied: false
+        });
+        const deleteCall = fetchCalls.find(c => c.method === "DELETE");
+        assert.ok(deleteCall);
+        assert.ok(deleteCall.url.endsWith("/zones/zone-123/dns_records/rec-3"));
+    });
+    test("loads records from configuration file (YAML) successfully", async () => {
+        mockResponses["GET /zones?name=file-example.com"] = {
+            status: 200,
+            body: {
+                result: [{ id: "zone-555", name: "file-example.com" }]
+            }
+        };
+        mockResponses["GET /zones/zone-555/dns_records?per_page=100"] = {
+            status: 200,
+            body: { result: [] }
+        };
+        mockResponses["POST /zones/zone-555/dns_records"] = {
+            status: 200,
+            body: { result: { id: "rec-new" } }
+        };
+        const tempYamlPath = path.resolve(process.cwd(), "temp-cf-records.yaml");
+        const yamlContent = `
+- name: mail
+  type: MX
+  value: mail.file-example.com
+  priority: 5
+- name: _sip._udp
+  type: SRV
+  value: sip.file-example.com
+  port: 5061
+  priority: 20
+  weight: 20
+- name: '@'
+  type: CAA
+  value: letsencrypt.org
+  tag: issue
+  flags: 0
+`;
+        fs.writeFileSync(tempYamlPath, yamlContent, "utf-8");
+        try {
+            const builder = new ZoneBuilder("file-example.com")
+                .record("temp-cf-records.yaml");
+            await builder.deploy();
+            const mxPost = fetchCalls.find(c => c.method === "POST" && c.body?.type === "MX");
+            assert.ok(mxPost);
+            assert.deepStrictEqual(mxPost.body, {
+                type: "MX",
+                name: "mail",
+                content: "mail.file-example.com",
+                ttl: 3600,
+                priority: 5
+            });
+            const srvPost = fetchCalls.find(c => c.method === "POST" && c.body?.type === "SRV");
+            assert.ok(srvPost);
+            assert.deepStrictEqual(srvPost.body, {
+                type: "SRV",
+                name: "_sip._udp",
+                ttl: 3600,
+                data: {
+                    priority: 20,
+                    weight: 20,
+                    port: 5061,
+                    target: "sip.file-example.com"
+                }
+            });
+            const caaPost = fetchCalls.find(c => c.method === "POST" && c.body?.type === "CAA");
+            assert.ok(caaPost);
+            assert.deepStrictEqual(caaPost.body, {
+                type: "CAA",
+                name: "@",
+                ttl: 3600,
+                data: {
+                    flags: 0,
+                    tag: "issue",
+                    value: "letsencrypt.org"
+                }
+            });
+        }
+        finally {
+            if (fs.existsSync(tempYamlPath))
+                fs.unlinkSync(tempYamlPath);
+        }
+    });
+    test("destroys zone successfully if exists", async () => {
+        mockResponses["GET /zones?name=example.com"] = {
+            status: 200,
+            body: {
+                result: [
+                    { id: "zone-123", name: "example.com" }
+                ]
+            }
+        };
+        mockResponses["DELETE /zones/zone-123"] = {
+            status: 200,
+            body: {}
+        };
+        const builder = new ZoneBuilder("example.com");
+        const result = await builder.destroy();
+        assert.deepStrictEqual(result, { destroyed: "example.com" });
+        const deleteCall = fetchCalls.find(c => c.method === "DELETE");
+        assert.ok(deleteCall);
+        assert.ok(deleteCall.url.endsWith("/zones/zone-123"));
+    });
+});

package/dist/providers/firebase/auth.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/providers/firebase/auth.test.js

@@ -0,0 +1,145 @@
+import { test, describe, beforeEach, afterEach, mock } from 'node:test';
+import assert from 'node:assert';
+import { GoogleAuth } from 'google-auth-library';
+import { FirebaseAuthBuilder } from './auth.js';
+import { Config } from '../../core/config.js';
+describe('FirebaseAuthBuilder Unit Tests', () => {
+    let originalFetch;
+    let fetchCalls = [];
+    let mockResponses = {};
+    function matchResponse(method, url) {
+        const key = Object.keys(mockResponses)
+            .filter((k) => {
+            const [m, path] = k.split(' ');
+            return method === m && url.includes(path);
+        })
+            .sort((a, b) => b.split(' ')[1].length - a.split(' ')[1].length)[0];
+        return key ? mockResponses[key] : null;
+    }
+    beforeEach(() => {
+        Config.set({
+            dryRun: false,
+            providers: { firebase: { projectId: 'my-project', serviceAccountPath: '/fake/sa.json' } },
+        });
+        originalFetch = globalThis.fetch;
+        fetchCalls = [];
+        mockResponses = {};
+        globalThis.fetch = async (input, init) => {
+            const url = String(input);
+            const method = init?.method ?? 'GET';
+            let body;
+            if (init?.body && typeof init.body === 'string') {
+                try {
+                    body = JSON.parse(init.body);
+                }
+                catch {
+                    body = init.body;
+                }
+            }
+            fetchCalls.push({ url, method, body });
+            const resp = matchResponse(method, url);
+            if (resp) {
+                return {
+                    ok: resp.status >= 200 && resp.status < 300,
+                    status: resp.status,
+                    json: async () => resp.body,
+                    text: async () => JSON.stringify(resp.body),
+                };
+            }
+            return {
+                ok: true,
+                status: 200,
+                json: async () => ({}),
+                text: async () => '{}',
+            };
+        };
+        mock.method(GoogleAuth.prototype, 'getClient', async () => ({
+            getAccessToken: async () => ({ token: 'fake-token' }),
+        }));
+    });
+    afterEach(() => {
+        globalThis.fetch = originalFetch;
+        mock.restoreAll();
+    });
+    test('performs dry-run without any API write calls', async () => {
+        Config.set({
+            dryRun: true,
+            providers: { firebase: { projectId: 'my-project', serviceAccountPath: '/fake/sa.json' } },
+        });
+        const builder = new FirebaseAuthBuilder();
+        builder.emailPassword().anonymous().phone();
+        const result = await builder.deploy();
+        assert.ok(result);
+        assert.strictEqual(result.project, 'my-project');
+        const writeCalls = fetchCalls.filter((c) => c.method !== 'GET');
+        assert.strictEqual(writeCalls.length, 0);
+    });
+    test('configures email/password and anonymous sign-in via PATCH', async () => {
+        const builder = new FirebaseAuthBuilder();
+        builder.emailPassword({ passwordRequired: false }).anonymous();
+        await builder.deploy();
+        const patchCall = fetchCalls.find((c) => c.method === 'PATCH' && c.url.includes('/config'));
+        assert.ok(patchCall);
+        assert.ok(patchCall.url.includes('signIn.email'));
+        assert.ok(patchCall.url.includes('signIn.anonymous'));
+        assert.strictEqual(patchCall.body.signIn.email.enabled, true);
+        assert.strictEqual(patchCall.body.signIn.email.passwordRequired, false);
+        assert.strictEqual(patchCall.body.signIn.anonymous.enabled, true);
+    });
+    test('enables phone sign-in via PATCH', async () => {
+        const builder = new FirebaseAuthBuilder();
+        builder.phone();
+        await builder.deploy();
+        const patchCall = fetchCalls.find((c) => c.method === 'PATCH' && c.url.includes('/config'));
+        assert.ok(patchCall);
+        assert.ok(patchCall.url.includes('signIn.phoneNumber'));
+        assert.strictEqual(patchCall.body.signIn.phoneNumber.enabled, true);
+    });
+    test('configures OAuth provider via POST when IDP does not exist', async () => {
+        // getIdp returns 404 (not configured yet)
+        mockResponses['GET /defaultSupportedIdpConfigs/google.com'] = {
+            status: 404,
+            body: { error: { message: 'not found' } },
+        };
+        const builder = new FirebaseAuthBuilder();
+        builder.google({ clientId: 'client-id-123', clientSecret: 'secret-456' });
+        await builder.deploy();
+        const postCall = fetchCalls.find((c) => c.method === 'POST' && c.url.includes('defaultSupportedIdpConfigs'));
+        assert.ok(postCall);
+        assert.ok(postCall.url.includes('idpId=google.com'));
+        assert.strictEqual(postCall.body.clientId, 'client-id-123');
+        assert.strictEqual(postCall.body.clientSecret, 'secret-456');
+        assert.strictEqual(postCall.body.enabled, true);
+    });
+    test('updates OAuth provider via PATCH when IDP already exists', async () => {
+        mockResponses['GET /defaultSupportedIdpConfigs/github.com'] = {
+            status: 200,
+            body: { name: 'projects/my-project/defaultSupportedIdpConfigs/github.com', enabled: true },
+        };
+        const builder = new FirebaseAuthBuilder();
+        builder.github({ clientId: 'gh-id', clientSecret: 'gh-secret' });
+        await builder.deploy();
+        const patchCall = fetchCalls.find((c) => c.method === 'PATCH' && c.url.includes('defaultSupportedIdpConfigs/github.com'));
+        assert.ok(patchCall);
+        assert.strictEqual(patchCall.body.clientId, 'gh-id');
+    });
+    test('sets authorized domains via PATCH', async () => {
+        const builder = new FirebaseAuthBuilder();
+        builder.authorizedDomains(['example.com', 'app.example.com', 'localhost']);
+        await builder.deploy();
+        const patchCall = fetchCalls.find((c) => c.method === 'PATCH' && c.url.includes('/config'));
+        assert.ok(patchCall);
+        assert.ok(patchCall.url.includes('authorizedDomains'));
+        assert.deepStrictEqual(patchCall.body.authorizedDomains, [
+            'example.com',
+            'app.example.com',
+            'localhost',
+        ]);
+    });
+    test('destroy returns without making API calls', async () => {
+        const builder = new FirebaseAuthBuilder();
+        const result = await builder.destroy();
+        assert.deepStrictEqual(result, { destroyed: 'auth' });
+        assert.strictEqual(fetchCalls.filter((c) => c.method !== 'GET').length, 0);
+    });
+});

package/dist/providers/firebase/hosting.test.js

@@ -1,6 +1,8 @@
 import { test, describe, beforeEach, afterEach, mock } from 'node:test';
 import assert from 'node:assert';
 import fs from 'node:fs';
+import { createHash } from 'node:crypto';
+import { gzipSync } from 'node:zlib';
 import { GoogleAuth } from 'google-auth-library';
 import { FirebaseHostingBuilder } from './hosting.js';
 import { Config } from '../../core/config.js';
@@ -129,6 +131,7 @@ describe('FirebaseHostingBuilder Unit Tests', () => {
         assert.strictEqual(writeCalls.length, 0);
     });
     test('deploys new version and creates release when site exists', async () => {
+        const expectedHash = createHash('sha256').update(gzipSync(Buffer.from('hello from index.html'))).digest('hex');
         mockResponses['GET /projects/my-project/sites/my-site'] = {
             status: 200,
             body: { name: 'projects/my-project/sites/my-site' }
@@ -141,10 +144,10 @@ describe('FirebaseHostingBuilder Unit Tests', () => {
             status: 200,
             body: {
                 uploadUrl: 'https://upload-firebasehosting.googleapis.com/upload/v111',
-                uploadRequiredHashes: ['mock-hash-index']
+                uploadRequiredHashes: [expectedHash]
             }
         };
-        mockResponses['POST /upload/v111/mock-hash-index'] = {
+        mockResponses[`POST /upload/v111/${expectedHash}`] = {
             status: 200,
             body: {}
         };
@@ -166,10 +169,8 @@ describe('FirebaseHostingBuilder Unit Tests', () => {
         assert.ok(createVersionCall);
         const populateCall = fetchCalls.find(c => c.method === 'POST' && c.url.endsWith('/versions/v111:populateFiles'));
         assert.ok(populateCall);
-        assert.deepStrictEqual(populateCall.body.files, {
-            '/index.html': '8bde9ea78d892f46c76f95e789dfe2000427a3fb3abff9afd8f6b31456703c1d'
-        });
-        const uploadCall = fetchCalls.find(c => c.method === 'POST' && c.url.includes('/upload/v111/mock-hash-index'));
+        assert.deepStrictEqual(populateCall.body.files, { '/index.html': expectedHash });
+        const uploadCall = fetchCalls.find(c => c.method === 'POST' && c.url.includes(`/upload/v111/${expectedHash}`));
         assert.ok(uploadCall);
         assert.strictEqual(uploadCall.headers?.['Authorization'], 'Bearer fake-access-token');
         const patchVersionCall = fetchCalls.find(c => c.method === 'PATCH' && c.url.endsWith('/versions/v111'));

package/dist/providers/firebase/storage.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/providers/firebase/storage.test.js

@@ -0,0 +1,148 @@
+import { test, describe, beforeEach, afterEach, mock } from 'node:test';
+import assert from 'node:assert';
+import fs from 'node:fs';
+import os from 'node:os';
+import path from 'node:path';
+import { GoogleAuth } from 'google-auth-library';
+import { FirebaseStorageBuilder } from './storage.js';
+import { Config } from '../../core/config.js';
+describe('FirebaseStorageBuilder Unit Tests', () => {
+    let originalFetch;
+    let fetchCalls = [];
+    let mockResponses = {};
+    // Real temp file: storage.ts uses a named ESM import that bypasses mock.method on the fs object
+    const tmpRulesFile = path.join(os.tmpdir(), 'puls-storage-test.rules');
+    function matchResponse(method, url) {
+        const key = Object.keys(mockResponses)
+            .filter((k) => {
+            const [m, path] = k.split(' ');
+            return method === m && url.includes(path);
+        })
+            .sort((a, b) => b.split(' ')[1].length - a.split(' ')[1].length)[0];
+        return key ? mockResponses[key] : null;
+    }
+    beforeEach(() => {
+        Config.set({
+            dryRun: false,
+            providers: { firebase: { projectId: 'my-project', serviceAccountPath: '/fake/sa.json' } },
+        });
+        originalFetch = globalThis.fetch;
+        fetchCalls = [];
+        mockResponses = {};
+        globalThis.fetch = async (input, init) => {
+            const url = String(input);
+            const method = init?.method ?? 'GET';
+            let body;
+            if (init?.body && typeof init.body === 'string') {
+                try {
+                    body = JSON.parse(init.body);
+                }
+                catch {
+                    body = init.body;
+                }
+            }
+            fetchCalls.push({ url, method, body });
+            const resp = matchResponse(method, url);
+            if (resp) {
+                return {
+                    ok: resp.status >= 200 && resp.status < 300,
+                    status: resp.status,
+                    json: async () => resp.body,
+                    text: async () => JSON.stringify(resp.body),
+                };
+            }
+            return {
+                ok: true, status: 200, json: async () => ({}), text: async () => '{}',
+            };
+        };
+        mock.method(GoogleAuth.prototype, 'getClient', async () => ({
+            getAccessToken: async () => ({ token: 'fake-token' }),
+        }));
+        fs.writeFileSync(tmpRulesFile, 'service firebase.storage { match /b/{b}/o/{a=**} { allow read; } }');
+    });
+    afterEach(() => {
+        globalThis.fetch = originalFetch;
+        mock.restoreAll();
+        try {
+            fs.unlinkSync(tmpRulesFile);
+        }
+        catch { /* ignore */ }
+    });
+    test('deploys without writing anything when no rules, cors, or lifecycle configured', async () => {
+        const builder = new FirebaseStorageBuilder('my-project.appspot.com');
+        const result = await builder.deploy();
+        assert.ok(result);
+        assert.strictEqual(result.bucket, 'my-project.appspot.com');
+        assert.strictEqual(result.project, 'my-project');
+        const writeCalls = fetchCalls.filter((c) => c.method !== 'GET');
+        assert.strictEqual(writeCalls.length, 0);
+    });
+    test('deploys storage rules by creating a ruleset and updating the release', async () => {
+        mockResponses['POST /rulesets'] = {
+            status: 200,
+            body: { name: 'projects/my-project/rulesets/ruleset-abc' },
+        };
+        mockResponses['PUT /releases/firebase.storage/my-project.appspot.com'] = {
+            status: 200,
+            body: {},
+        };
+        const builder = new FirebaseStorageBuilder('my-project.appspot.com');
+        builder.rules(tmpRulesFile);
+        await builder.deploy();
+        const rulesetCall = fetchCalls.find((c) => c.method === 'POST' && c.url.includes('/rulesets'));
+        assert.ok(rulesetCall);
+        assert.ok(rulesetCall.body.source.files[0].name === 'storage.rules');
+        const releaseCall = fetchCalls.find((c) => c.method === 'PUT' && c.url.includes('/releases/'));
+        assert.ok(releaseCall);
+        assert.ok(releaseCall.body.rulesetName.includes('ruleset-abc'));
+    });
+    test('deploys CORS configuration via PATCH to GCS API', async () => {
+        const builder = new FirebaseStorageBuilder('my-bucket');
+        builder.cors([
+            { origin: ['https://example.com'], method: ['GET', 'PUT'], maxAge: 7200 },
+        ]);
+        await builder.deploy();
+        const corsCall = fetchCalls.find((c) => c.method === 'PATCH' && c.url.includes('/b/my-bucket'));
+        assert.ok(corsCall);
+        assert.ok(Array.isArray(corsCall.body.cors));
+        assert.strictEqual(corsCall.body.cors[0].maxAgeSeconds, 7200);
+        assert.deepStrictEqual(corsCall.body.cors[0].origin, ['https://example.com']);
+    });
+    test('deploys lifecycle policy via PATCH to GCS API', async () => {
+        const builder = new FirebaseStorageBuilder('my-bucket');
+        builder.lifecycle({ deleteAfterDays: 30, matchesPrefix: ['tmp/', 'cache/'] });
+        await builder.deploy();
+        const lcCall = fetchCalls.find((c) => c.method === 'PATCH' && c.url.includes('/b/my-bucket'));
+        assert.ok(lcCall);
+        const rule = lcCall.body.lifecycle.rule[0];
+        assert.strictEqual(rule.action.type, 'Delete');
+        assert.strictEqual(rule.condition.age, 30);
+        assert.deepStrictEqual(rule.condition.matchesPrefix, ['tmp/', 'cache/']);
+    });
+    test('performs dry-run without any write API calls', async () => {
+        Config.set({
+            dryRun: true,
+            providers: { firebase: { projectId: 'my-project', serviceAccountPath: '/fake/sa.json' } },
+        });
+        const builder = new FirebaseStorageBuilder('my-project.appspot.com');
+        builder
+            .cors([{ origin: ['*'], method: ['GET'] }])
+            .lifecycle({ deleteAfterDays: 90 });
+        await builder.deploy();
+        const writeCalls = fetchCalls.filter((c) => c.method !== 'GET');
+        assert.strictEqual(writeCalls.length, 0);
+    });
+    test('uses project-derived default bucket name when none provided', async () => {
+        const builder = new FirebaseStorageBuilder();
+        const result = await builder.deploy();
+        // Default bucket is projectId.appspot.com
+        assert.strictEqual(result.bucket, 'my-project.appspot.com');
+    });
+    test('destroy returns without making write API calls', async () => {
+        const builder = new FirebaseStorageBuilder('my-project.appspot.com');
+        const result = await builder.destroy();
+        assert.ok(result.destroyed.includes('appspot.com'));
+        const writeCalls = fetchCalls.filter((c) => c.method !== 'GET');
+        assert.strictEqual(writeCalls.length, 0);
+    });
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "puls-dev",
-  "version": "0.3.5",
+  "version": "0.3.7",
   "description": "Intent-driven infrastructure-as-code with eager discovery and no state files.",
   "type": "module",
   "main": "./dist/index.js",
@@ -30,6 +30,10 @@
     "./gcp": {
       "types": "./dist/providers/gcp/index.d.ts",
       "default": "./dist/providers/gcp/index.js"
+    },
+    "./cloudflare": {
+      "types": "./dist/providers/cloudflare/index.d.ts",
+      "default": "./dist/providers/cloudflare/index.js"
     }
   },
   "files": [
@@ -44,7 +48,7 @@
     "build": "tsc",
     "postbuild": "node -e \"const fs=require('fs'),f='dist/bin/puls.js',c=fs.readFileSync(f,'utf8');if(!c.startsWith('#!'))fs.writeFileSync(f,'#!/usr/bin/env node\\n'+c);\" && chmod +x dist/bin/puls.js",
     "prepublishOnly": "npm run build",
-    "test": "tsx --test \"src/**/*.test.ts\""
+    "test": "find src -name '*.test.ts' | xargs tsx --test --test-concurrency=1"
   },
   "keywords": [
     "iac",