relight-cli 0.1.0 → 0.2.0

package/src/lib/clouds/cf.js

@@ -1,4 +1,7 @@
 var CF_API = "https://api.cloudflare.com/client/v4";
+var CF_REGISTRY = "registry.cloudflare.com";
+
+export { CF_REGISTRY };
 
 export var TOKEN_URL =
   "https://dash.cloudflare.com/profile/api-tokens?" +
@@ -13,12 +16,16 @@ export var TOKEN_URL =
   ) +
   "&name=relight-cli";
 
-export async function cfApi(method, path, body, apiToken) {
+// --- CF API base ---
+
+export async function cfApi(method, path, body, apiToken, contentType) {
   var headers = {
     Authorization: `Bearer ${apiToken}`,
   };
 
-  if (body && typeof body === "object") {
+  if (contentType) {
+    headers["Content-Type"] = contentType;
+  } else if (body && typeof body === "object") {
     headers["Content-Type"] = "application/json";
     body = JSON.stringify(body);
   }
@@ -41,6 +48,32 @@ export async function cfApi(method, path, body, apiToken) {
   return res.text();
 }
 
+// --- CF GraphQL Analytics API ---
+
+export async function cfGraphQL(apiToken, query, variables) {
+  var res = await fetch("https://api.cloudflare.com/client/v4/graphql", {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${apiToken}`,
+      "Content-Type": "application/json",
+    },
+    body: JSON.stringify({ query, variables }),
+  });
+
+  if (!res.ok) {
+    var text = await res.text();
+    throw new Error(`CF GraphQL: ${res.status} ${text}`);
+  }
+
+  var json = await res.json();
+  if (json.errors && json.errors.length > 0) {
+    throw new Error(`CF GraphQL: ${json.errors.map((e) => e.message).join(", ")}`);
+  }
+  return json.data;
+}
+
+// --- Auth verification ---
+
 export async function verifyToken(apiToken) {
   return cfApi("GET", "/user/tokens/verify", null, apiToken);
 }
@@ -50,6 +83,299 @@ export async function listAccounts(apiToken) {
   return res.result || [];
 }
 
+// --- Registry ---
+
+export async function getRegistryCredentials(accountId, apiToken) {
+  var res = await cfApi(
+    "POST",
+    `/accounts/${accountId}/containers/registries/${CF_REGISTRY}/credentials`,
+    { permissions: ["push", "pull"], expiration_minutes: 15 },
+    apiToken
+  );
+  return res.result;
+}
+
+// --- Worker scripts ---
+
+export async function uploadWorker(accountId, apiToken, scriptName, code, metadata) {
+  var form = new FormData();
+  form.append(
+    "metadata",
+    new Blob([JSON.stringify(metadata)], { type: "application/json" })
+  );
+  form.append(
+    "index.js",
+    new Blob([code], { type: "application/javascript+module" }),
+    "index.js"
+  );
+
+  var res = await fetch(
+    `${CF_API}/accounts/${accountId}/workers/scripts/${scriptName}`,
+    {
+      method: "PUT",
+      headers: { Authorization: `Bearer ${apiToken}` },
+      body: form,
+    }
+  );
+
+  if (!res.ok) {
+    var text = await res.text();
+    throw new Error(`Worker upload failed: ${res.status} ${text}`);
+  }
+
+  return res.json();
+}
+
+export async function deleteWorker(accountId, apiToken, scriptName) {
+  return cfApi(
+    "DELETE",
+    `/accounts/${accountId}/workers/scripts/${scriptName}`,
+    null,
+    apiToken
+  );
+}
+
+export async function patchWorkerSettings(accountId, apiToken, scriptName, settings) {
+  var form = new FormData();
+  form.append(
+    "settings",
+    new Blob([JSON.stringify(settings)], { type: "application/json" })
+  );
+
+  var res = await fetch(
+    `${CF_API}/accounts/${accountId}/workers/scripts/${scriptName}/settings`,
+    {
+      method: "PATCH",
+      headers: { Authorization: `Bearer ${apiToken}` },
+      body: form,
+    }
+  );
+
+  if (!res.ok) {
+    var text = await res.text();
+    throw new Error(`Settings update failed: ${res.status} ${text}`);
+  }
+
+  return res.json();
+}
+
+export async function listWorkerScripts(accountId, apiToken) {
+  var res = await cfApi(
+    "GET",
+    `/accounts/${accountId}/workers/scripts`,
+    null,
+    apiToken
+  );
+  return res.result || [];
+}
+
+export async function getWorkerSettings(accountId, apiToken, scriptName) {
+  var res = await cfApi(
+    "GET",
+    `/accounts/${accountId}/workers/scripts/${scriptName}/settings`,
+    null,
+    apiToken
+  );
+  return res.result;
+}
+
+// --- Container applications ---
+
+export async function getDONamespaceId(accountId, apiToken, scriptName, className) {
+  var res = await cfApi(
+    "GET",
+    `/accounts/${accountId}/workers/durable_objects/namespaces`,
+    null,
+    apiToken
+  );
+  var namespaces = res.result || [];
+  var ns = namespaces.find(
+    (n) => n.script === scriptName && n.class === className
+  );
+  return ns ? ns.id : null;
+}
+
+export async function listContainerApps(accountId, apiToken) {
+  var res = await cfApi(
+    "GET",
+    `/accounts/${accountId}/containers/applications`,
+    null,
+    apiToken
+  );
+  return res.result || [];
+}
+
+export async function findContainerApp(accountId, apiToken, name) {
+  var apps = await listContainerApps(accountId, apiToken);
+  return apps.find((a) => a.name === name) || null;
+}
+
+export async function createContainerApp(accountId, apiToken, app) {
+  var res = await cfApi(
+    "POST",
+    `/accounts/${accountId}/containers/applications`,
+    app,
+    apiToken
+  );
+  return res.result;
+}
+
+export async function deleteContainerApp(accountId, apiToken, appId) {
+  return cfApi(
+    "DELETE",
+    `/accounts/${accountId}/containers/applications/${appId}`,
+    null,
+    apiToken
+  );
+}
+
+export async function modifyContainerApp(accountId, apiToken, appId, changes) {
+  var res = await cfApi(
+    "PATCH",
+    `/accounts/${accountId}/containers/applications/${appId}`,
+    changes,
+    apiToken
+  );
+  return res.result;
+}
+
+export async function createRollout(accountId, apiToken, appId, rollout) {
+  var res = await cfApi(
+    "POST",
+    `/accounts/${accountId}/containers/applications/${appId}/rollouts`,
+    rollout,
+    apiToken
+  );
+  return res.result;
+}
+
+// --- Tail/logs ---
+
+export async function createTail(accountId, apiToken, scriptName) {
+  var res = await cfApi(
+    "POST",
+    `/accounts/${accountId}/workers/scripts/${scriptName}/tails`,
+    {},
+    apiToken
+  );
+  return res.result;
+}
+
+export async function deleteTail(accountId, apiToken, scriptName, tailId) {
+  return cfApi(
+    "DELETE",
+    `/accounts/${accountId}/workers/scripts/${scriptName}/tails/${tailId}`,
+    null,
+    apiToken
+  );
+}
+
+// --- Zones ---
+
+export async function listZones(accountId, apiToken) {
+  var all = [];
+  var page = 1;
+  while (true) {
+    var res = await cfApi(
+      "GET",
+      `/zones?account.id=${accountId}&per_page=50&status=active&page=${page}`,
+      null,
+      apiToken
+    );
+    var zones = res.result || [];
+    all.push(...zones);
+    if (zones.length < 50) break;
+    page++;
+  }
+  return all;
+}
+
+export function findZoneForHostname(zones, hostname) {
+  var match = null;
+  for (var zone of zones) {
+    if (hostname === zone.name || hostname.endsWith("." + zone.name)) {
+      if (!match || zone.name.length > match.name.length) {
+        match = zone;
+      }
+    }
+  }
+  return match;
+}
+
+// --- DNS records ---
+
+export async function listDnsRecords(accountId, apiToken, zoneId, params) {
+  var qs = new URLSearchParams(params || {}).toString();
+  var path = `/zones/${zoneId}/dns_records${qs ? "?" + qs : ""}`;
+  var res = await cfApi("GET", path, null, apiToken);
+  return res.result || [];
+}
+
+export async function createDnsRecord(accountId, apiToken, zoneId, record) {
+  return cfApi(
+    "POST",
+    `/zones/${zoneId}/dns_records`,
+    record,
+    apiToken
+  );
+}
+
+export async function deleteDnsRecord(accountId, apiToken, zoneId, recordId) {
+  return cfApi(
+    "DELETE",
+    `/zones/${zoneId}/dns_records/${recordId}`,
+    null,
+    apiToken
+  );
+}
+
+// --- Workers custom domains ---
+
+export async function addWorkerDomain(accountId, apiToken, scriptName, hostname, zoneId) {
+  return cfApi(
+    "PUT",
+    `/accounts/${accountId}/workers/domains`,
+    {
+      hostname,
+      zone_id: zoneId,
+      service: scriptName,
+      environment: "production",
+    },
+    apiToken
+  );
+}
+
+export async function removeWorkerDomain(accountId, apiToken, hostname) {
+  var res = await cfApi(
+    "GET",
+    `/accounts/${accountId}/workers/domains`,
+    null,
+    apiToken
+  );
+  var domains = res.result || [];
+  var domain = domains.find((d) => d.hostname === hostname);
+  if (!domain) return;
+
+  return cfApi(
+    "DELETE",
+    `/accounts/${accountId}/workers/domains/${domain.id}`,
+    null,
+    apiToken
+  );
+}
+
+export async function listWorkerDomainsForService(accountId, apiToken, scriptName) {
+  var res = await cfApi(
+    "GET",
+    `/accounts/${accountId}/workers/domains`,
+    null,
+    apiToken
+  );
+  return (res.result || []).filter((d) => d.service === scriptName);
+}
+
+// --- Workers subdomain ---
+
 export async function getWorkersSubdomain(accountId, apiToken) {
   try {
     var res = await cfApi(
@@ -63,3 +389,76 @@ export async function getWorkersSubdomain(accountId, apiToken) {
     return null;
   }
 }
+
+export async function enableWorkerSubdomain(accountId, apiToken, scriptName) {
+  return cfApi(
+    "POST",
+    `/accounts/${accountId}/workers/services/${scriptName}/environments/production/subdomain`,
+    { enabled: true },
+    apiToken
+  );
+}
+
+// --- D1 databases ---
+
+export async function createD1Database(accountId, apiToken, name, { locationHint, jurisdiction } = {}) {
+  var body = { name };
+  if (jurisdiction) body.jurisdiction = jurisdiction;
+  else if (locationHint) body.primary_location_hint = locationHint;
+  var res = await cfApi(
+    "POST",
+    `/accounts/${accountId}/d1/database`,
+    body,
+    apiToken
+  );
+  return res.result;
+}
+
+export async function deleteD1Database(accountId, apiToken, dbId) {
+  return cfApi(
+    "DELETE",
+    `/accounts/${accountId}/d1/database/${dbId}`,
+    null,
+    apiToken
+  );
+}
+
+export async function getD1Database(accountId, apiToken, dbId) {
+  var res = await cfApi(
+    "GET",
+    `/accounts/${accountId}/d1/database/${dbId}`,
+    null,
+    apiToken
+  );
+  return res.result;
+}
+
+export async function queryD1(accountId, apiToken, dbId, sql, params) {
+  var body = { sql };
+  if (params) body.params = params;
+  var res = await cfApi(
+    "POST",
+    `/accounts/${accountId}/d1/database/${dbId}/query`,
+    body,
+    apiToken
+  );
+  return res.result;
+}
+
+export async function exportD1(accountId, apiToken, dbId, body) {
+  return cfApi(
+    "POST",
+    `/accounts/${accountId}/d1/database/${dbId}/export`,
+    body,
+    apiToken
+  );
+}
+
+export async function importD1(accountId, apiToken, dbId, body) {
+  return cfApi(
+    "POST",
+    `/accounts/${accountId}/d1/database/${dbId}/import`,
+    body,
+    apiToken
+  );
+}

package/src/lib/clouds/gcp.js

@@ -1,11 +1,17 @@
 import { createSign } from "crypto";
 import { readFileSync } from "fs";
 
-var RUN_API = "https://run.googleapis.com/v2";
+export var RUN_API = "https://run.googleapis.com/v2";
 var CRM_API = "https://cloudresourcemanager.googleapis.com/v1";
 var TOKEN_URI = "https://oauth2.googleapis.com/token";
 var SCOPE = "https://www.googleapis.com/auth/cloud-platform";
 
+export var AR_API = "https://artifactregistry.googleapis.com/v1";
+export var SQLADMIN_API = "https://sqladmin.googleapis.com/v1";
+export var DNS_API = "https://dns.googleapis.com/dns/v1";
+export var LOGGING_API = "https://logging.googleapis.com/v2";
+export var MONITORING_API = "https://monitoring.googleapis.com/v3";
+
 // --- Service account key file ---
 
 export function readKeyFile(path) {
@@ -25,7 +31,7 @@ export function readKeyFile(path) {
   };
 }
 
-// --- JWT → access token ---
+// --- JWT -> access token ---
 
 export async function mintAccessToken(clientEmail, privateKey) {
   var now = Math.floor(Date.now() / 1000);
@@ -95,10 +101,51 @@ export async function gcpApi(method, url, body, token) {
   return res.json();
 }
 
+// --- LRO polling ---
+
+export async function waitForOperation(token, operationName, apiBase) {
+  var url = apiBase
+    ? `${apiBase}/${operationName}`
+    : `https://run.googleapis.com/v2/${operationName}`;
+  while (true) {
+    var op = await gcpApi("GET", url, null, token);
+    if (op.done) {
+      if (op.error) {
+        throw new Error(`Operation failed: ${op.error.message || JSON.stringify(op.error)}`);
+      }
+      return op.response || op;
+    }
+    await new Promise((r) => setTimeout(r, 2000));
+  }
+}
+
+export async function waitForSqlOperation(token, project, opName) {
+  while (true) {
+    var op = await gcpApi(
+      "GET",
+      `${SQLADMIN_API}/projects/${project}/operations/${opName}`,
+      null,
+      token
+    );
+    if (op.status === "DONE") {
+      if (op.error) {
+        var msgs = (op.error.errors || []).map((e) => e.message).join(", ");
+        throw new Error(`SQL operation failed: ${msgs || JSON.stringify(op.error)}`);
+      }
+      return op;
+    }
+    await new Promise((r) => setTimeout(r, 3000));
+  }
+}
+
+// --- Project verification ---
+
 export async function verifyProject(token, project) {
   return gcpApi("GET", `${CRM_API}/projects/${project}`, null, token);
 }
 
+// --- Cloud Run ---
+
 export async function listRegions(token, project) {
   var res = await gcpApi(
     "GET",
@@ -117,4 +164,188 @@ export async function listServices(token, project, region) {
     token
   );
   return res.services || [];
-}
+}
+
+export async function listAllServices(token, project) {
+  var res = await gcpApi(
+    "GET",
+    `${RUN_API}/projects/${project}/locations/-/services`,
+    null,
+    token
+  );
+  return res.services || [];
+}
+
+export async function getService(token, serviceName) {
+  return gcpApi("GET", `${RUN_API}/${serviceName}`, null, token);
+}
+
+export async function createService(token, project, region, serviceId, body) {
+  var op = await gcpApi(
+    "POST",
+    `${RUN_API}/projects/${project}/locations/${region}/services?serviceId=${serviceId}`,
+    body,
+    token
+  );
+  return waitForOperation(token, op.name);
+}
+
+export async function updateService(token, serviceName, body) {
+  var op = await gcpApi("PATCH", `${RUN_API}/${serviceName}`, body, token);
+  return waitForOperation(token, op.name);
+}
+
+export async function deleteService(token, serviceName) {
+  var op = await gcpApi("DELETE", `${RUN_API}/${serviceName}`, null, token);
+  return waitForOperation(token, op.name);
+}
+
+export async function setIamPolicy(token, serviceName, policy) {
+  return gcpApi(
+    "POST",
+    `${RUN_API}/${serviceName}:setIamPolicy`,
+    { policy },
+    token
+  );
+}
+
+// --- Artifact Registry ---
+
+export async function getRepository(token, project, location, repoName) {
+  return gcpApi(
+    "GET",
+    `${AR_API}/projects/${project}/locations/${location}/repositories/${repoName}`,
+    null,
+    token
+  );
+}
+
+export async function createRepository(token, project, location, repoName) {
+  var op = await gcpApi(
+    "POST",
+    `${AR_API}/projects/${project}/locations/${location}/repositories?repositoryId=${repoName}`,
+    { format: "DOCKER" },
+    token
+  );
+  if (op.done) return op.response || op;
+  return waitForOperation(token, op.name, AR_API);
+}
+
+// --- Cloud SQL ---
+
+export async function createSqlInstance(token, project, body) {
+  var op = await gcpApi(
+    "POST",
+    `${SQLADMIN_API}/projects/${project}/instances`,
+    body,
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function getSqlInstance(token, project, instanceName) {
+  return gcpApi(
+    "GET",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}`,
+    null,
+    token
+  );
+}
+
+export async function deleteSqlInstance(token, project, instanceName) {
+  var op = await gcpApi(
+    "DELETE",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}`,
+    null,
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function createSqlDatabase(token, project, instanceName, dbName) {
+  var op = await gcpApi(
+    "POST",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/databases`,
+    { name: dbName },
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function deleteSqlDatabase(token, project, instanceName, dbName) {
+  var op = await gcpApi(
+    "DELETE",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/databases/${dbName}`,
+    null,
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function createSqlUser(token, project, instanceName, userName, password) {
+  var op = await gcpApi(
+    "POST",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/users`,
+    { name: userName, password },
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function updateSqlUser(token, project, instanceName, userName, password) {
+  var op = await gcpApi(
+    "PUT",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/users?name=${encodeURIComponent(userName)}`,
+    { name: userName, password },
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+// --- Cloud DNS ---
+
+export async function listManagedZones(token, project) {
+  var res = await gcpApi(
+    "GET",
+    `${DNS_API}/projects/${project}/managedZones`,
+    null,
+    token
+  );
+  return res.managedZones || [];
+}
+
+export async function createDnsChange(token, project, zoneName, change) {
+  return gcpApi(
+    "POST",
+    `${DNS_API}/projects/${project}/managedZones/${zoneName}/changes`,
+    change,
+    token
+  );
+}
+
+export async function listResourceRecordSets(token, project, zoneName) {
+  var res = await gcpApi(
+    "GET",
+    `${DNS_API}/projects/${project}/managedZones/${zoneName}/rrsets`,
+    null,
+    token
+  );
+  return res.rrsets || [];
+}
+
+// --- Cloud Logging ---
+
+export async function listLogEntries(token, body) {
+  return gcpApi("POST", `${LOGGING_API}/entries:list`, body, token);
+}
+
+// --- Cloud Monitoring ---
+
+export async function queryTimeSeries(token, project, body) {
+  return gcpApi(
+    "POST",
+    `${MONITORING_API}/projects/${project}/timeSeries:query`,
+    body,
+    token
+  );
+}