relight-cli 0.1.0 → 0.3.0

package/src/lib/clouds/gcp.js

@@ -1,11 +1,17 @@
 import { createSign } from "crypto";
 import { readFileSync } from "fs";
 
-var RUN_API = "https://run.googleapis.com/v2";
+export var RUN_API = "https://run.googleapis.com/v2";
 var CRM_API = "https://cloudresourcemanager.googleapis.com/v1";
 var TOKEN_URI = "https://oauth2.googleapis.com/token";
 var SCOPE = "https://www.googleapis.com/auth/cloud-platform";
 
+export var AR_API = "https://artifactregistry.googleapis.com/v1";
+export var SQLADMIN_API = "https://sqladmin.googleapis.com/v1";
+export var DNS_API = "https://dns.googleapis.com/dns/v1";
+export var LOGGING_API = "https://logging.googleapis.com/v2";
+export var MONITORING_API = "https://monitoring.googleapis.com/v3";
+
 // --- Service account key file ---
 
 export function readKeyFile(path) {
@@ -25,7 +31,7 @@ export function readKeyFile(path) {
   };
 }
 
-// --- JWT → access token ---
+// --- JWT -> access token ---
 
 export async function mintAccessToken(clientEmail, privateKey) {
   var now = Math.floor(Date.now() / 1000);
@@ -53,7 +59,7 @@ export async function mintAccessToken(clientEmail, privateKey) {
   var res = await fetch(TOKEN_URI, {
     method: "POST",
     headers: { "Content-Type": "application/x-www-form-urlencoded" },
-    body: `grant_type=${encodeURIComponent("urn:ietf:params:oauth:grant_type:jwt-bearer")}&assertion=${encodeURIComponent(jwt)}`,
+    body: `grant_type=${encodeURIComponent("urn:ietf:params:oauth:grant-type:jwt-bearer")}&assertion=${encodeURIComponent(jwt)}`,
   });
 
   if (!res.ok) {
@@ -95,10 +101,51 @@ export async function gcpApi(method, url, body, token) {
   return res.json();
 }
 
+// --- LRO polling ---
+
+export async function waitForOperation(token, operationName, apiBase) {
+  var url = apiBase
+    ? `${apiBase}/${operationName}`
+    : `https://run.googleapis.com/v2/${operationName}`;
+  while (true) {
+    var op = await gcpApi("GET", url, null, token);
+    if (op.done) {
+      if (op.error) {
+        throw new Error(`Operation failed: ${op.error.message || JSON.stringify(op.error)}`);
+      }
+      return op.response || op;
+    }
+    await new Promise((r) => setTimeout(r, 2000));
+  }
+}
+
+export async function waitForSqlOperation(token, project, opName) {
+  while (true) {
+    var op = await gcpApi(
+      "GET",
+      `${SQLADMIN_API}/projects/${project}/operations/${opName}`,
+      null,
+      token
+    );
+    if (op.status === "DONE") {
+      if (op.error) {
+        var msgs = (op.error.errors || []).map((e) => e.message).join(", ");
+        throw new Error(`SQL operation failed: ${msgs || JSON.stringify(op.error)}`);
+      }
+      return op;
+    }
+    await new Promise((r) => setTimeout(r, 3000));
+  }
+}
+
+// --- Project verification ---
+
 export async function verifyProject(token, project) {
   return gcpApi("GET", `${CRM_API}/projects/${project}`, null, token);
 }
 
+// --- Cloud Run ---
+
 export async function listRegions(token, project) {
   var res = await gcpApi(
     "GET",
@@ -117,4 +164,208 @@ export async function listServices(token, project, region) {
     token
   );
   return res.services || [];
-}
+}
+
+export async function listAllServices(token, project) {
+  var res = await gcpApi(
+    "GET",
+    `${RUN_API}/projects/${project}/locations/-/services`,
+    null,
+    token
+  );
+  return res.services || [];
+}
+
+export async function getService(token, serviceName) {
+  return gcpApi("GET", `${RUN_API}/${serviceName}`, null, token);
+}
+
+export async function createService(token, project, region, serviceId, body) {
+  var op = await gcpApi(
+    "POST",
+    `${RUN_API}/projects/${project}/locations/${region}/services?serviceId=${serviceId}`,
+    body,
+    token
+  );
+  return waitForOperation(token, op.name);
+}
+
+export async function updateService(token, serviceName, body) {
+  var op = await gcpApi("PATCH", `${RUN_API}/${serviceName}`, body, token);
+  return waitForOperation(token, op.name);
+}
+
+export async function deleteService(token, serviceName) {
+  var op = await gcpApi("DELETE", `${RUN_API}/${serviceName}`, null, token);
+  return waitForOperation(token, op.name);
+}
+
+export async function setIamPolicy(token, serviceName, policy) {
+  return gcpApi(
+    "POST",
+    `${RUN_API}/${serviceName}:setIamPolicy`,
+    { policy },
+    token
+  );
+}
+
+// --- Artifact Registry ---
+
+export async function getRepository(token, project, location, repoName) {
+  return gcpApi(
+    "GET",
+    `${AR_API}/projects/${project}/locations/${location}/repositories/${repoName}`,
+    null,
+    token
+  );
+}
+
+export async function createRepository(token, project, location, repoName) {
+  var op = await gcpApi(
+    "POST",
+    `${AR_API}/projects/${project}/locations/${location}/repositories?repositoryId=${repoName}`,
+    { format: "DOCKER" },
+    token
+  );
+  if (op.done) return op.response || op;
+  return waitForOperation(token, op.name, AR_API);
+}
+
+// --- Cloud SQL ---
+
+export async function createSqlInstance(token, project, body) {
+  var op = await gcpApi(
+    "POST",
+    `${SQLADMIN_API}/projects/${project}/instances`,
+    body,
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function getSqlInstance(token, project, instanceName) {
+  return gcpApi(
+    "GET",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}`,
+    null,
+    token
+  );
+}
+
+export async function deleteSqlInstance(token, project, instanceName) {
+  var op = await gcpApi(
+    "DELETE",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}`,
+    null,
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function createSqlDatabase(token, project, instanceName, dbName) {
+  var op = await gcpApi(
+    "POST",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/databases`,
+    { name: dbName },
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function deleteSqlDatabase(token, project, instanceName, dbName) {
+  var op = await gcpApi(
+    "DELETE",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/databases/${dbName}`,
+    null,
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function createSqlUser(token, project, instanceName, userName, password) {
+  var op = await gcpApi(
+    "POST",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/users`,
+    { name: userName, password },
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function updateSqlUser(token, project, instanceName, userName, password) {
+  var op = await gcpApi(
+    "PUT",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/users?name=${encodeURIComponent(userName)}`,
+    { name: userName, password },
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function deleteSqlUser(token, project, instanceName, userName) {
+  var op = await gcpApi(
+    "DELETE",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/users?name=${encodeURIComponent(userName)}`,
+    null,
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function listSqlDatabases(token, project, instanceName) {
+  var res = await gcpApi(
+    "GET",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/databases`,
+    null,
+    token
+  );
+  return res.items || [];
+}
+
+// --- Cloud DNS ---
+
+export async function listManagedZones(token, project) {
+  var res = await gcpApi(
+    "GET",
+    `${DNS_API}/projects/${project}/managedZones`,
+    null,
+    token
+  );
+  return res.managedZones || [];
+}
+
+export async function createDnsChange(token, project, zoneName, change) {
+  return gcpApi(
+    "POST",
+    `${DNS_API}/projects/${project}/managedZones/${zoneName}/changes`,
+    change,
+    token
+  );
+}
+
+export async function listResourceRecordSets(token, project, zoneName) {
+  var res = await gcpApi(
+    "GET",
+    `${DNS_API}/projects/${project}/managedZones/${zoneName}/rrsets`,
+    null,
+    token
+  );
+  return res.rrsets || [];
+}
+
+// --- Cloud Logging ---
+
+export async function listLogEntries(token, body) {
+  return gcpApi("POST", `${LOGGING_API}/entries:list`, body, token);
+}
+
+// --- Cloud Monitoring ---
+
+export async function queryTimeSeries(token, project, body) {
+  return gcpApi(
+    "POST",
+    `${MONITORING_API}/projects/${project}/timeSeries:query`,
+    body,
+    token
+  );
+}

package/src/lib/clouds/neon.js

@@ -0,0 +1,147 @@
+var API_BASE = "https://console.neon.tech/api/v2";
+
+export async function neonApi(apiKey, method, path, body) {
+  var headers = {
+    Authorization: `Bearer ${apiKey}`,
+    Accept: "application/json",
+  };
+
+  if (body && typeof body === "object") {
+    headers["Content-Type"] = "application/json";
+    body = JSON.stringify(body);
+  }
+
+  var res = await fetch(`${API_BASE}${path}`, {
+    method,
+    headers,
+    body: method === "GET" || method === "DELETE" ? undefined : body,
+  });
+
+  if (!res.ok) {
+    var text = await res.text();
+    throw new Error(`Neon API ${method} ${path}: ${res.status} ${text}`);
+  }
+
+  if (res.status === 204) return null;
+  return res.json();
+}
+
+// --- Projects ---
+
+export async function listProjects(apiKey) {
+  var data = await neonApi(apiKey, "GET", "/projects");
+  return data.projects || [];
+}
+
+export async function createProject(apiKey, opts = {}) {
+  var body = {
+    project: {
+      name: opts.name || "relight",
+      pg_version: opts.pgVersion || 16,
+    },
+  };
+  if (opts.regionId) body.project.region_id = opts.regionId;
+  return neonApi(apiKey, "POST", "/projects", body);
+}
+
+export async function getProject(apiKey, projectId) {
+  return neonApi(apiKey, "GET", `/projects/${projectId}`);
+}
+
+export async function deleteProject(apiKey, projectId) {
+  return neonApi(apiKey, "DELETE", `/projects/${projectId}`);
+}
+
+// --- Branches ---
+
+export async function listBranches(apiKey, projectId) {
+  var data = await neonApi(apiKey, "GET", `/projects/${projectId}/branches`);
+  return data.branches || [];
+}
+
+// --- Databases ---
+
+export async function listDatabases(apiKey, projectId, branchId) {
+  var data = await neonApi(
+    apiKey,
+    "GET",
+    `/projects/${projectId}/branches/${branchId}/databases`
+  );
+  return data.databases || [];
+}
+
+export async function createDatabase(apiKey, projectId, branchId, dbName, ownerName) {
+  return neonApi(
+    apiKey,
+    "POST",
+    `/projects/${projectId}/branches/${branchId}/databases`,
+    { database: { name: dbName, owner_name: ownerName } }
+  );
+}
+
+export async function deleteDatabase(apiKey, projectId, branchId, dbName) {
+  return neonApi(
+    apiKey,
+    "DELETE",
+    `/projects/${projectId}/branches/${branchId}/databases/${dbName}`
+  );
+}
+
+// --- Roles ---
+
+export async function createRole(apiKey, projectId, branchId, roleName) {
+  return neonApi(
+    apiKey,
+    "POST",
+    `/projects/${projectId}/branches/${branchId}/roles`,
+    { role: { name: roleName } }
+  );
+}
+
+export async function deleteRole(apiKey, projectId, branchId, roleName) {
+  return neonApi(
+    apiKey,
+    "DELETE",
+    `/projects/${projectId}/branches/${branchId}/roles/${roleName}`
+  );
+}
+
+export async function getRolePassword(apiKey, projectId, branchId, roleName) {
+  var data = await neonApi(
+    apiKey,
+    "GET",
+    `/projects/${projectId}/branches/${branchId}/roles/${roleName}/reveal_password`
+  );
+  return data.password;
+}
+
+export async function resetRolePassword(apiKey, projectId, branchId, roleName) {
+  var data = await neonApi(
+    apiKey,
+    "POST",
+    `/projects/${projectId}/branches/${branchId}/roles/${roleName}/reset_password`
+  );
+  return data.password;
+}
+
+// --- Connection URI ---
+
+export async function getConnectionUri(apiKey, projectId, dbName, roleName) {
+  var params = new URLSearchParams({
+    database_name: dbName,
+    role_name: roleName,
+  });
+  var data = await neonApi(
+    apiKey,
+    "GET",
+    `/projects/${projectId}/connection_uri?${params}`
+  );
+  return data.uri;
+}
+
+// --- Verification ---
+
+export async function verifyApiKey(apiKey) {
+  var projects = await listProjects(apiKey);
+  return projects;
+}

package/src/lib/clouds/slicervm.js

@@ -0,0 +1,139 @@
+// SlicerVM API client
+// Supports two connection modes:
+// - Unix socket: cfg.socketPath (local dev, no auth)
+// - HTTP: cfg.apiUrl + cfg.apiToken (remote, bearer token auth)
+
+import http from "node:http";
+
+function socketRequest(socketPath, method, path, body, headers) {
+  return new Promise((resolve, reject) => {
+    var opts = { socketPath, method, path, headers: headers || {} };
+    var req = http.request(opts, (res) => {
+      var chunks = [];
+      res.on("data", (c) => chunks.push(c));
+      res.on("end", () => {
+        resolve({
+          ok: res.statusCode >= 200 && res.statusCode < 300,
+          status: res.statusCode,
+          headers: res.headers,
+          text: () => Promise.resolve(Buffer.concat(chunks).toString()),
+          json: () => Promise.resolve(JSON.parse(Buffer.concat(chunks).toString())),
+          body: null,
+        });
+      });
+    });
+    req.on("error", reject);
+    if (body) req.write(body);
+    req.end();
+  });
+}
+
+export async function slicerFetch(cfg, method, path, body, opts = {}) {
+  var headers = {};
+
+  if (cfg.apiToken) {
+    headers.Authorization = `Bearer ${cfg.apiToken}`;
+  }
+
+  var rawBody = body;
+  if (opts.contentType) {
+    headers["Content-Type"] = opts.contentType;
+  } else if (body && typeof body === "object" && !Buffer.isBuffer(body)) {
+    headers["Content-Type"] = "application/json";
+    rawBody = JSON.stringify(body);
+  }
+
+  var res;
+  if (cfg.socketPath) {
+    res = await socketRequest(cfg.socketPath, method, path, method === "GET" ? undefined : rawBody, headers);
+  } else {
+    res = await fetch(`${cfg.apiUrl}${path}`, {
+      method,
+      headers,
+      body: method === "GET" ? undefined : rawBody,
+    });
+  }
+
+  if (!res.ok) {
+    var text = await res.text();
+    throw new Error(`Slicer API ${method} ${path}: ${res.status} ${text}`);
+  }
+
+  var ct = (res.headers instanceof Headers)
+    ? res.headers.get("content-type") || ""
+    : res.headers["content-type"] || "";
+
+  if (ct.includes("application/json")) {
+    return res.json();
+  }
+  if (opts.stream) {
+    return res;
+  }
+  return res.text();
+}
+
+// --- Nodes ---
+
+export async function listNodes(cfg) {
+  return slicerFetch(cfg, "GET", "/nodes");
+}
+
+export async function createNode(cfg, hostGroup, opts = {}) {
+  return slicerFetch(cfg, "POST", `/hostgroup/${hostGroup}/nodes`, {
+    tags: opts.tags || [],
+    vcpu: opts.vcpu,
+    memory: opts.memory,
+  });
+}
+
+export async function deleteNode(cfg, hostGroup, hostname) {
+  return slicerFetch(cfg, "DELETE", `/hostgroup/${hostGroup}/nodes/${hostname}`);
+}
+
+// --- VM lifecycle ---
+
+export async function resumeVM(cfg, hostname) {
+  return slicerFetch(cfg, "POST", `/vm/${hostname}/resume`);
+}
+
+export async function pauseVM(cfg, hostname) {
+  return slicerFetch(cfg, "POST", `/vm/${hostname}/pause`);
+}
+
+export async function healthCheck(cfg, hostname) {
+  return slicerFetch(cfg, "GET", `/vm/${hostname}/health`);
+}
+
+// --- Exec ---
+
+export async function execInVM(cfg, hostname, cmd, args, opts = {}) {
+  var qs = new URLSearchParams();
+  qs.set("cmd", cmd);
+  for (var arg of (args || [])) {
+    qs.append("args", arg);
+  }
+  if (opts.uid !== undefined) qs.set("uid", String(opts.uid));
+  if (opts.gid !== undefined) qs.set("gid", String(opts.gid));
+  if (opts.workdir) qs.set("cwd", opts.workdir);
+  return slicerFetch(cfg, "POST", `/vm/${hostname}/exec?${qs}`, null, {
+    stream: opts.stream,
+  });
+}
+
+// --- File upload ---
+
+export async function uploadToVM(cfg, hostname, path, tarBuffer, opts = {}) {
+  var qs = new URLSearchParams({ path });
+  if (opts.uid !== undefined) qs.set("uid", String(opts.uid));
+  if (opts.gid !== undefined) qs.set("gid", String(opts.gid));
+  if (opts.mode) qs.set("mode", opts.mode);
+  return slicerFetch(cfg, "POST", `/vm/${hostname}/cp?${qs}`, tarBuffer, {
+    contentType: "application/x-tar",
+  });
+}
+
+// --- Auth verification ---
+
+export async function verifyConnection(cfg) {
+  return listNodes(cfg);
+}