relight-cli 0.2.0 → 0.4.0

package/src/commands/service.js

@@ -0,0 +1,227 @@
+import { createInterface } from "readline";
+import { success, fatal, fmt, table } from "../lib/output.js";
+import {
+  SERVICE_TYPES,
+  getRegisteredServices,
+  saveServiceConfig,
+  removeServiceConfig,
+  normalizeServiceConfig,
+  tryGetServiceConfig,
+} from "../lib/config.js";
+import { verifyConnection } from "../lib/clouds/slicervm.js";
+import { verifyApiKey } from "../lib/clouds/neon.js";
+import kleur from "kleur";
+
+function prompt(rl, question) {
+  return new Promise((resolve) => rl.question(question, resolve));
+}
+
+export async function serviceList() {
+  var services = getRegisteredServices();
+
+  if (services.length === 0) {
+    process.stderr.write("No services registered.\n");
+    process.stderr.write(
+      `\n${fmt.dim("Hint:")} ${fmt.cmd("relight service add")} to register one.\n`
+    );
+    return;
+  }
+
+  var headers = ["NAME", "LAYER", "TYPE", "ENDPOINT"];
+  var rows = services.map((a) => [
+    fmt.bold(a.name),
+    a.layer,
+    SERVICE_TYPES[a.type]?.name || a.type,
+    a.socketPath || a.apiUrl || (a.type === "neon" ? "console.neon.tech" : "-"),
+  ]);
+
+  console.log(table(headers, rows));
+}
+
+export async function serviceAdd(name) {
+  var rl = createInterface({ input: process.stdin, output: process.stderr });
+
+  // 1. Pick layer
+  var layers = ["compute", "db"];
+  process.stderr.write(`\n${kleur.bold("Register a service")}\n\n`);
+  process.stderr.write(`  ${kleur.bold("Layer:")}\n\n`);
+  for (var i = 0; i < layers.length; i++) {
+    process.stderr.write(`  ${kleur.bold(`[${i + 1}]`)} ${layers[i]}\n`);
+  }
+  process.stderr.write("\n");
+
+  var layerChoice = await prompt(rl, `Select layer [1-${layers.length}]: `);
+  var layerIdx = parseInt(layerChoice, 10) - 1;
+  if (isNaN(layerIdx) || layerIdx < 0 || layerIdx >= layers.length) {
+    rl.close();
+    fatal("Invalid selection.");
+  }
+  var layer = layers[layerIdx];
+
+  // 2. Pick type (contextual to layer)
+  var types = Object.entries(SERVICE_TYPES)
+    .filter(([, v]) => v.layer === layer)
+    .map(([id, v]) => ({ id, name: v.name }));
+
+  process.stderr.write(`\n  ${kleur.bold("Type:")}\n\n`);
+  for (var i = 0; i < types.length; i++) {
+    process.stderr.write(
+      `  ${kleur.bold(`[${i + 1}]`)} ${types[i].name}\n`
+    );
+  }
+  process.stderr.write("\n");
+
+  var typeChoice = await prompt(rl, `Select type [1-${types.length}]: `);
+  var typeIdx = parseInt(typeChoice, 10) - 1;
+  if (isNaN(typeIdx) || typeIdx < 0 || typeIdx >= types.length) {
+    rl.close();
+    fatal("Invalid selection.");
+  }
+  var serviceType = types[typeIdx].id;
+
+  // 3. Connection details (SlicerVM-specific)
+  var config = { layer, type: serviceType };
+
+  if (serviceType === "slicervm") {
+    process.stderr.write(`\n  ${kleur.bold("Connection mode")}\n\n`);
+    process.stderr.write(`  ${kleur.bold("[1]")} Unix socket (local dev)\n`);
+    process.stderr.write(`  ${kleur.bold("[2]")} HTTP API (remote)\n\n`);
+
+    var modeChoice = await prompt(rl, "Select [1-2]: ");
+    var useSocket = modeChoice.trim() === "1";
+
+    if (useSocket) {
+      var defaultSocket = "/var/run/slicer/slicer.sock";
+      var socketPath = await prompt(rl, `Socket path [${defaultSocket}]: `);
+      socketPath = (socketPath || "").trim() || defaultSocket;
+      config.socketPath = socketPath;
+    } else {
+      var apiUrl = await prompt(
+        rl,
+        "Slicer API URL (e.g. https://slicer.example.com:8080): "
+      );
+      apiUrl = (apiUrl || "").trim().replace(/\/+$/, "");
+      if (!apiUrl) {
+        rl.close();
+        fatal("No API URL provided.");
+      }
+      config.apiUrl = apiUrl;
+
+      var token = await prompt(rl, "API token: ");
+      token = (token || "").trim();
+      if (!token) {
+        rl.close();
+        fatal("No token provided.");
+      }
+      config.token = token;
+    }
+
+    var hostGroup = await prompt(rl, "Host group [apps]: ");
+    config.hostGroup = (hostGroup || "").trim() || "apps";
+
+    var baseDomain = await prompt(
+      rl,
+      "Base domain (e.g. apps.example.com) [localhost]: "
+    );
+    config.baseDomain = (baseDomain || "").trim() || "localhost";
+
+    // 4. Verify connection
+    process.stderr.write("\nVerifying...\n");
+    var verifyCfg = normalizeServiceConfig(config);
+    try {
+      await verifyConnection(verifyCfg);
+    } catch (e) {
+      rl.close();
+      fatal("Connection failed.", e.message);
+    }
+
+    if (useSocket) {
+      process.stderr.write(`  Socket: ${fmt.bold(config.socketPath)}\n`);
+    } else {
+      process.stderr.write(`  API: ${fmt.bold(config.apiUrl)}\n`);
+    }
+    process.stderr.write(`  Host group: ${fmt.dim(config.hostGroup)}\n`);
+    process.stderr.write(`  Base domain: ${fmt.dim(config.baseDomain)}\n`);
+  } else if (serviceType === "neon") {
+    process.stderr.write(`\n  ${kleur.bold("Neon API key")}\n\n`);
+    process.stderr.write(
+      `  ${fmt.dim("Get your API key at https://console.neon.tech/app/settings/api-keys")}\n\n`
+    );
+
+    var apiKey = await prompt(rl, "API key: ");
+    apiKey = (apiKey || "").trim();
+    if (!apiKey) {
+      rl.close();
+      fatal("No API key provided.");
+    }
+    config.apiKey = apiKey;
+
+    // Verify connection
+    process.stderr.write("\nVerifying...\n");
+    try {
+      var projects = await verifyApiKey(apiKey);
+      process.stderr.write(
+        `  Authenticated. ${projects.length} existing project${projects.length === 1 ? "" : "s"}.\n`
+      );
+    } catch (e) {
+      rl.close();
+      fatal("Authentication failed.", e.message);
+    }
+  }
+
+  // 5. Auto-name if not provided
+  if (!name) {
+    var existing = getRegisteredServices().filter((a) => a.type === serviceType);
+    if (existing.length === 0) {
+      name = serviceType;
+    } else {
+      name = `${serviceType}-${existing.length + 1}`;
+    }
+    var inputName = await prompt(rl, `Service name [${name}]: `);
+    name = (inputName || "").trim() || name;
+  }
+
+  // Check for existing
+  if (tryGetServiceConfig(name)) {
+    var overwrite = await prompt(
+      rl,
+      `Service '${name}' already exists. Overwrite? [y/N] `
+    );
+    if (!overwrite.match(/^y(es)?$/i)) {
+      rl.close();
+      process.stderr.write("Cancelled.\n");
+      process.exit(0);
+    }
+  }
+
+  rl.close();
+
+  // 6. Save
+  saveServiceConfig(name, config);
+
+  success(`Service ${fmt.bold(name)} registered!`);
+}
+
+export async function serviceRemove(name) {
+  if (!name) {
+    fatal("Usage: relight service remove <name>");
+  }
+
+  if (!tryGetServiceConfig(name)) {
+    fatal(`Service '${name}' not found.`);
+  }
+
+  var rl = createInterface({ input: process.stdin, output: process.stderr });
+  var answer = await new Promise((resolve) =>
+    rl.question(`Remove service '${name}'? [y/N] `, resolve)
+  );
+  rl.close();
+
+  if (!answer.match(/^y(es)?$/i)) {
+    process.stderr.write("Cancelled.\n");
+    return;
+  }
+
+  removeServiceConfig(name);
+  success(`Service ${fmt.bold(name)} removed.`);
+}

package/src/lib/clouds/gcp.js

@@ -2,6 +2,8 @@ import { createSign } from "crypto";
 import { readFileSync } from "fs";
 
 export var RUN_API = "https://run.googleapis.com/v2";
+var FIREBASE_API = "https://firebase.googleapis.com/v1beta1";
+var FIREBASE_HOSTING_API = "https://firebasehosting.googleapis.com/v1beta1";
 var CRM_API = "https://cloudresourcemanager.googleapis.com/v1";
 var TOKEN_URI = "https://oauth2.googleapis.com/token";
 var SCOPE = "https://www.googleapis.com/auth/cloud-platform";
@@ -59,7 +61,7 @@ export async function mintAccessToken(clientEmail, privateKey) {
   var res = await fetch(TOKEN_URI, {
     method: "POST",
     headers: { "Content-Type": "application/x-www-form-urlencoded" },
-    body: `grant_type=${encodeURIComponent("urn:ietf:params:oauth:grant_type:jwt-bearer")}&assertion=${encodeURIComponent(jwt)}`,
+    body: `grant_type=${encodeURIComponent("urn:ietf:params:oauth:grant-type:jwt-bearer")}&assertion=${encodeURIComponent(jwt)}`,
   });
 
   if (!res.ok) {
@@ -98,6 +100,8 @@ export async function gcpApi(method, url, body, token) {
     throw new Error(`GCP API ${method} ${url}: ${res.status} ${text}`);
   }
 
+  var contentType = res.headers.get("content-type") || "";
+  if (!contentType.includes("json")) return {};
   return res.json();
 }
 
@@ -302,6 +306,26 @@ export async function updateSqlUser(token, project, instanceName, userName, pass
   return waitForSqlOperation(token, project, op.name);
 }
 
+export async function deleteSqlUser(token, project, instanceName, userName) {
+  var op = await gcpApi(
+    "DELETE",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/users?name=${encodeURIComponent(userName)}`,
+    null,
+    token
+  );
+  return waitForSqlOperation(token, project, op.name);
+}
+
+export async function listSqlDatabases(token, project, instanceName) {
+  var res = await gcpApi(
+    "GET",
+    `${SQLADMIN_API}/projects/${project}/instances/${instanceName}/databases`,
+    null,
+    token
+  );
+  return res.items || [];
+}
+
 // --- Cloud DNS ---
 
 export async function listManagedZones(token, project) {
@@ -333,6 +357,78 @@ export async function listResourceRecordSets(token, project, zoneName) {
   return res.rrsets || [];
 }
 
+// --- Firebase ---
+
+export async function ensureFirebaseProject(token, project) {
+  try {
+    await gcpApi("GET", `${FIREBASE_API}/projects/${project}`, null, token);
+    return;
+  } catch {}
+
+  // Try to add Firebase programmatically
+  try {
+    var op = await gcpApi("POST", `${FIREBASE_API}/projects/${project}:addFirebase`, {}, token);
+    if (op.name && !op.done) {
+      while (true) {
+        var status = await gcpApi("GET", `${FIREBASE_API}/${op.name}`, null, token);
+        if (status.done) {
+          if (status.error) throw new Error(status.error.message);
+          return;
+        }
+        await new Promise((r) => setTimeout(r, 2000));
+      }
+    }
+    return;
+  } catch {
+    throw new Error(
+      "Could not enable Firebase for this project.\n" +
+      "  This usually means the Firebase Terms of Service have not been accepted.\n" +
+      "  Visit https://console.firebase.google.com/ and add your GCP project there first."
+    );
+  }
+}
+
+// --- Firebase Hosting ---
+
+export async function createHostingSite(token, project, siteId) {
+  return gcpApi("POST", `${FIREBASE_HOSTING_API}/projects/${project}/sites?siteId=${siteId}`, {}, token);
+}
+
+export async function getHostingSite(token, project, siteId) {
+  return gcpApi("GET", `${FIREBASE_HOSTING_API}/projects/${project}/sites/${siteId}`, null, token);
+}
+
+export async function deleteHostingSite(token, project, siteId) {
+  return gcpApi("DELETE", `${FIREBASE_HOSTING_API}/projects/${project}/sites/${siteId}`, null, token);
+}
+
+export async function deployHostingProxy(token, siteId, serviceId, region) {
+  // Create version with Cloud Run rewrite
+  var version = await gcpApi("POST", `${FIREBASE_HOSTING_API}/sites/${siteId}/versions`, {
+    config: {
+      rewrites: [{ glob: "**", run: { serviceId, region } }],
+    },
+  }, token);
+
+  var versionId = version.name.split("/").pop();
+
+  // Finalize version
+  await gcpApi("PATCH", `${FIREBASE_HOSTING_API}/sites/${siteId}/versions/${versionId}?update_mask=status`, {
+    status: "FINALIZED",
+  }, token);
+
+  // Create release
+  await gcpApi("POST", `${FIREBASE_HOSTING_API}/sites/${siteId}/releases?versionName=sites/${siteId}/versions/${versionId}`, {}, token);
+}
+
+export async function addHostingCustomDomain(token, project, siteId, domain) {
+  return gcpApi("POST", `${FIREBASE_HOSTING_API}/projects/${project}/sites/${siteId}/customDomains?customDomainId=${domain}`, {}, token);
+}
+
+export async function deleteHostingCustomDomain(token, project, siteId, domain) {
+  return gcpApi("DELETE", `${FIREBASE_HOSTING_API}/projects/${project}/sites/${siteId}/customDomains/${domain}`, null, token);
+}
+
 // --- Cloud Logging ---
 
 export async function listLogEntries(token, body) {

package/src/lib/clouds/neon.js

@@ -0,0 +1,147 @@
+var API_BASE = "https://console.neon.tech/api/v2";
+
+export async function neonApi(apiKey, method, path, body) {
+  var headers = {
+    Authorization: `Bearer ${apiKey}`,
+    Accept: "application/json",
+  };
+
+  if (body && typeof body === "object") {
+    headers["Content-Type"] = "application/json";
+    body = JSON.stringify(body);
+  }
+
+  var res = await fetch(`${API_BASE}${path}`, {
+    method,
+    headers,
+    body: method === "GET" || method === "DELETE" ? undefined : body,
+  });
+
+  if (!res.ok) {
+    var text = await res.text();
+    throw new Error(`Neon API ${method} ${path}: ${res.status} ${text}`);
+  }
+
+  if (res.status === 204) return null;
+  return res.json();
+}
+
+// --- Projects ---
+
+export async function listProjects(apiKey) {
+  var data = await neonApi(apiKey, "GET", "/projects");
+  return data.projects || [];
+}
+
+export async function createProject(apiKey, opts = {}) {
+  var body = {
+    project: {
+      name: opts.name || "relight",
+      pg_version: opts.pgVersion || 16,
+    },
+  };
+  if (opts.regionId) body.project.region_id = opts.regionId;
+  return neonApi(apiKey, "POST", "/projects", body);
+}
+
+export async function getProject(apiKey, projectId) {
+  return neonApi(apiKey, "GET", `/projects/${projectId}`);
+}
+
+export async function deleteProject(apiKey, projectId) {
+  return neonApi(apiKey, "DELETE", `/projects/${projectId}`);
+}
+
+// --- Branches ---
+
+export async function listBranches(apiKey, projectId) {
+  var data = await neonApi(apiKey, "GET", `/projects/${projectId}/branches`);
+  return data.branches || [];
+}
+
+// --- Databases ---
+
+export async function listDatabases(apiKey, projectId, branchId) {
+  var data = await neonApi(
+    apiKey,
+    "GET",
+    `/projects/${projectId}/branches/${branchId}/databases`
+  );
+  return data.databases || [];
+}
+
+export async function createDatabase(apiKey, projectId, branchId, dbName, ownerName) {
+  return neonApi(
+    apiKey,
+    "POST",
+    `/projects/${projectId}/branches/${branchId}/databases`,
+    { database: { name: dbName, owner_name: ownerName } }
+  );
+}
+
+export async function deleteDatabase(apiKey, projectId, branchId, dbName) {
+  return neonApi(
+    apiKey,
+    "DELETE",
+    `/projects/${projectId}/branches/${branchId}/databases/${dbName}`
+  );
+}
+
+// --- Roles ---
+
+export async function createRole(apiKey, projectId, branchId, roleName) {
+  return neonApi(
+    apiKey,
+    "POST",
+    `/projects/${projectId}/branches/${branchId}/roles`,
+    { role: { name: roleName } }
+  );
+}
+
+export async function deleteRole(apiKey, projectId, branchId, roleName) {
+  return neonApi(
+    apiKey,
+    "DELETE",
+    `/projects/${projectId}/branches/${branchId}/roles/${roleName}`
+  );
+}
+
+export async function getRolePassword(apiKey, projectId, branchId, roleName) {
+  var data = await neonApi(
+    apiKey,
+    "GET",
+    `/projects/${projectId}/branches/${branchId}/roles/${roleName}/reveal_password`
+  );
+  return data.password;
+}
+
+export async function resetRolePassword(apiKey, projectId, branchId, roleName) {
+  var data = await neonApi(
+    apiKey,
+    "POST",
+    `/projects/${projectId}/branches/${branchId}/roles/${roleName}/reset_password`
+  );
+  return data.password;
+}
+
+// --- Connection URI ---
+
+export async function getConnectionUri(apiKey, projectId, dbName, roleName) {
+  var params = new URLSearchParams({
+    database_name: dbName,
+    role_name: roleName,
+  });
+  var data = await neonApi(
+    apiKey,
+    "GET",
+    `/projects/${projectId}/connection_uri?${params}`
+  );
+  return data.uri;
+}
+
+// --- Verification ---
+
+export async function verifyApiKey(apiKey) {
+  var projects = await listProjects(apiKey);
+  return projects;
+}