relight-cli 0.3.0 → 0.4.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "relight-cli",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "Deploy web apps across clouds with scale-to-zero",
   "bin": {
     "relight": "./src/cli.js"

package/src/commands/apps.js

@@ -84,6 +84,9 @@ export async function appsInfo(name, options) {
   if (appConfig.createdAt) {
     console.log(`${fmt.bold("Created:")}    ${appConfig.createdAt}`);
   }
+  if (info.consoleUrl) {
+    console.log(`${fmt.bold("Console:")}    ${fmt.url(info.consoleUrl)}`);
+  }
 }
 
 export async function appsDestroy(name, options) {

package/src/commands/auth.js

@@ -168,7 +168,7 @@ async function authGCP(rl) {
   var SA_URL =
     "https://console.cloud.google.com/iam-admin/serviceaccounts/create";
   var ENABLE_APIS =
-    "https://console.cloud.google.com/apis/enableflow?apiid=run.googleapis.com,artifactregistry.googleapis.com,sqladmin.googleapis.com,dns.googleapis.com,logging.googleapis.com,monitoring.googleapis.com";
+    "https://console.cloud.google.com/apis/enableflow?apiid=run.googleapis.com,artifactregistry.googleapis.com,sqladmin.googleapis.com,dns.googleapis.com,logging.googleapis.com,monitoring.googleapis.com,firebase.googleapis.com,firebasehosting.googleapis.com";
 
   process.stderr.write(`\n  ${kleur.bold("Setup")}\n\n`);
   process.stderr.write(`  1. Enable the required APIs:\n`);
@@ -181,6 +181,8 @@ async function authGCP(rl) {
   process.stderr.write(`       ${fmt.val("Service Account User")}\n`);
   process.stderr.write(`       ${fmt.val("Cloud SQL Admin")}\n`);
   process.stderr.write(`       ${fmt.val("DNS Administrator")}\n`);
+  process.stderr.write(`       ${fmt.val("Firebase Admin")}\n`);
+  process.stderr.write(`       ${fmt.val("Firebase Hosting Admin")}\n`);
   process.stderr.write(`       ${fmt.val("Logs Viewer")}\n`);
   process.stderr.write(`       ${fmt.val("Monitoring Viewer")}\n\n`);
   process.stderr.write(`  3. Go to the service account → ${kleur.bold("Keys")} tab\n`);

package/src/commands/doctor.js

@@ -9,7 +9,7 @@ import {
   normalizeServiceConfig,
 } from "../lib/config.js";
 import { verifyToken as cfVerify, getWorkersSubdomain } from "../lib/clouds/cf.js";
-import { mintAccessToken, verifyProject as gcpVerifyProject, listRegions as gcpListRegions, gcpApi, AR_API, SQLADMIN_API, DNS_API } from "../lib/clouds/gcp.js";
+import { mintAccessToken, verifyProject as gcpVerifyProject, listAllServices as gcpListServices, gcpApi, AR_API, SQLADMIN_API, DNS_API } from "../lib/clouds/gcp.js";
 import { verifyCredentials as awsVerify, checkAppRunner, awsJsonApi, awsQueryApi, awsRestXmlApi } from "../lib/clouds/aws.js";
 import { verifyConnection as slicerVerify } from "../lib/clouds/slicervm.js";
 import kleur from "kleur";
@@ -156,7 +156,7 @@ async function checkGCP(cfg) {
 
     ok =
       (await asyncCheck("Cloud Run API reachable", async () => {
-        await gcpListRegions(token, cfg.project);
+        await gcpListServices(token, cfg.project);
       })) && ok;
 
     ok =

package/src/commands/domains.js

@@ -144,12 +144,23 @@ export async function domainsAdd(args, options) {
   rl.close();
 
   if (crossCloud) {
-    // Cross-cloud: DNS record on one cloud, app config on another
+    // Cross-cloud: set up domain mapping on the app cloud first (e.g. Firebase Hosting for GCP)
+    var dnsTarget;
+    var dnsProxied = true;
+    if (appProvider.mapCustomDomain) {
+      status(`Setting up hosting for ${domain}...`);
+      var mapping = await appProvider.mapCustomDomain(appCfg, name, domain);
+      dnsTarget = mapping.dnsTarget;
+      if (mapping.proxied === false) dnsProxied = false;
+    } else {
+      var appUrl = await appProvider.getAppUrl(appCfg, name);
+      dnsTarget = new URL(appUrl).hostname;
+    }
+
+    // Create DNS record pointing to the hosting provider
     status(`Creating DNS record for ${domain}...`);
-    var appUrl = await appProvider.getAppUrl(appCfg, name);
-    var dnsTarget = new URL(appUrl).hostname;
     try {
-      await dnsProvider.addDnsRecord(dnsCfg, domain, dnsTarget, zone);
+      await dnsProvider.addDnsRecord(dnsCfg, domain, dnsTarget, zone, { proxied: dnsProxied });
     } catch (e) {
       fatal(e.message);
     }
@@ -209,6 +220,12 @@ export async function domainsRemove(args, options) {
     await dnsProvider.removeDnsRecord(dnsCfg, domain);
 
     var appProvider = await target.provider("app");
+
+    // Remove domain mapping on the app cloud if supported
+    if (appProvider.unmapCustomDomain) {
+      await appProvider.unmapCustomDomain(appCfg, name, domain);
+    }
+
     var appConfig = await appProvider.getAppConfig(appCfg, name);
     if (appConfig) {
       appConfig.domains = (appConfig.domains || []).filter((d) => d !== domain);

package/src/commands/ps.js

@@ -23,22 +23,25 @@ export async function ps(name, options) {
   // Fetch live metrics
   var metrics = await appProvider.getContainerStatus(cfg, name);
 
-  // Aggregate: group by region + durableObjectId, keep only active instances
+  // Aggregate: group by region + id, keep only active instances
   var containers = [];
   for (var row of metrics) {
     var dim = row.dimensions;
-    if (!dim.active) continue;
-    var existing = containers.find(
-      (c) => c.region === dim.region && c.doId === dim.durableObjectId
-    );
+    if (dim.active === false) continue;
+    var id = dim.durableObjectId || dim.hostname || null;
+    var region = dim.region || dim.hostname || "-";
+    var existing = id ? containers.find(
+      (c) => c.region === region && c.id === id
+    ) : null;
     if (existing) {
       existing.cpuSamples++;
       existing.cpuLoad += row.avg?.cpuLoad || 0;
       existing.memory += row.avg?.memory || 0;
     } else {
       containers.push({
-        region: dim.region,
-        doId: dim.durableObjectId,
+        region,
+        id,
+        status: dim.status || null,
         cpuLoad: row.avg?.cpuLoad || 0,
         memory: row.avg?.memory || 0,
         cpuSamples: 1,
@@ -49,7 +52,7 @@ export async function ps(name, options) {
     c.cpuLoad = c.cpuLoad / c.cpuSamples;
     c.memory = c.memory / c.cpuSamples;
   }
-  containers.sort((a, b) => a.region.localeCompare(b.region) || a.doId.localeCompare(b.doId));
+  containers.sort((a, b) => (a.region || "").localeCompare(b.region || ""));
 
   if (options.json) {
     console.log(
@@ -61,7 +64,8 @@ export async function ps(name, options) {
           instances,
           containers: containers.map((c) => ({
             region: c.region,
-            id: c.doId,
+            id: c.id || null,
+            status: c.status || null,
             cpu: +(c.cpuLoad * 100).toFixed(1),
             memoryMiB: +(c.memory / 1024 / 1024).toFixed(0),
           })),
@@ -102,11 +106,12 @@ export async function ps(name, options) {
   console.log(`\n${fmt.bold("Containers:")}`);
 
   if (containers.length > 0) {
-    var headers = ["", "REGION", "ID", "CPU", "MEMORY"];
+    var hasIds = containers.some((c) => c.id);
+    var headers = hasIds ? ["", "REGION", "ID", "CPU", "MEMORY"] : ["", "REGION", "STATUS", "CPU", "MEMORY"];
     var rows = containers.map((c) => [
       kleur.green("*"),
       c.region,
-      c.doId.slice(0, 8),
+      hasIds ? (c.id || "-").slice(0, 8) : (c.status || "running"),
       (c.cpuLoad * 100).toFixed(1) + "%",
       (c.memory / 1024 / 1024).toFixed(0) + " MiB",
     ]);

package/src/lib/clouds/gcp.js

@@ -2,6 +2,8 @@ import { createSign } from "crypto";
 import { readFileSync } from "fs";
 
 export var RUN_API = "https://run.googleapis.com/v2";
+var FIREBASE_API = "https://firebase.googleapis.com/v1beta1";
+var FIREBASE_HOSTING_API = "https://firebasehosting.googleapis.com/v1beta1";
 var CRM_API = "https://cloudresourcemanager.googleapis.com/v1";
 var TOKEN_URI = "https://oauth2.googleapis.com/token";
 var SCOPE = "https://www.googleapis.com/auth/cloud-platform";
@@ -98,6 +100,8 @@ export async function gcpApi(method, url, body, token) {
     throw new Error(`GCP API ${method} ${url}: ${res.status} ${text}`);
   }
 
+  var contentType = res.headers.get("content-type") || "";
+  if (!contentType.includes("json")) return {};
   return res.json();
 }
 
@@ -353,6 +357,78 @@ export async function listResourceRecordSets(token, project, zoneName) {
   return res.rrsets || [];
 }
 
+// --- Firebase ---
+
+export async function ensureFirebaseProject(token, project) {
+  try {
+    await gcpApi("GET", `${FIREBASE_API}/projects/${project}`, null, token);
+    return;
+  } catch {}
+
+  // Try to add Firebase programmatically
+  try {
+    var op = await gcpApi("POST", `${FIREBASE_API}/projects/${project}:addFirebase`, {}, token);
+    if (op.name && !op.done) {
+      while (true) {
+        var status = await gcpApi("GET", `${FIREBASE_API}/${op.name}`, null, token);
+        if (status.done) {
+          if (status.error) throw new Error(status.error.message);
+          return;
+        }
+        await new Promise((r) => setTimeout(r, 2000));
+      }
+    }
+    return;
+  } catch {
+    throw new Error(
+      "Could not enable Firebase for this project.\n" +
+      "  This usually means the Firebase Terms of Service have not been accepted.\n" +
+      "  Visit https://console.firebase.google.com/ and add your GCP project there first."
+    );
+  }
+}
+
+// --- Firebase Hosting ---
+
+export async function createHostingSite(token, project, siteId) {
+  return gcpApi("POST", `${FIREBASE_HOSTING_API}/projects/${project}/sites?siteId=${siteId}`, {}, token);
+}
+
+export async function getHostingSite(token, project, siteId) {
+  return gcpApi("GET", `${FIREBASE_HOSTING_API}/projects/${project}/sites/${siteId}`, null, token);
+}
+
+export async function deleteHostingSite(token, project, siteId) {
+  return gcpApi("DELETE", `${FIREBASE_HOSTING_API}/projects/${project}/sites/${siteId}`, null, token);
+}
+
+export async function deployHostingProxy(token, siteId, serviceId, region) {
+  // Create version with Cloud Run rewrite
+  var version = await gcpApi("POST", `${FIREBASE_HOSTING_API}/sites/${siteId}/versions`, {
+    config: {
+      rewrites: [{ glob: "**", run: { serviceId, region } }],
+    },
+  }, token);
+
+  var versionId = version.name.split("/").pop();
+
+  // Finalize version
+  await gcpApi("PATCH", `${FIREBASE_HOSTING_API}/sites/${siteId}/versions/${versionId}?update_mask=status`, {
+    status: "FINALIZED",
+  }, token);
+
+  // Create release
+  await gcpApi("POST", `${FIREBASE_HOSTING_API}/sites/${siteId}/releases?versionName=sites/${siteId}/versions/${versionId}`, {}, token);
+}
+
+export async function addHostingCustomDomain(token, project, siteId, domain) {
+  return gcpApi("POST", `${FIREBASE_HOSTING_API}/projects/${project}/sites/${siteId}/customDomains?customDomainId=${domain}`, {}, token);
+}
+
+export async function deleteHostingCustomDomain(token, project, siteId, domain) {
+  return gcpApi("DELETE", `${FIREBASE_HOSTING_API}/projects/${project}/sites/${siteId}/customDomains/${domain}`, null, token);
+}
+
 // --- Cloud Logging ---
 
 export async function listLogEntries(token, body) {

package/src/lib/providers/aws/dns.js

@@ -149,7 +149,7 @@ export async function removeDomain(cfg, appName, domain) {
 
 // --- Pure DNS record operations (for cross-cloud use) ---
 
-export async function addDnsRecord(cfg, domain, target, zone) {
+export async function addDnsRecord(cfg, domain, target, zone, opts = {}) {
   var cr = { accessKeyId: cfg.accessKeyId, secretAccessKey: cfg.secretAccessKey };
   var fqdn = domain.endsWith(".") ? domain : domain + ".";
   var targetFqdn = target.endsWith(".") ? target : target + ".";

package/src/lib/providers/cf/dns.js

@@ -107,7 +107,7 @@ export async function removeDomain(cfg, appName, domain) {
 
 // --- Pure DNS record operations (for cross-cloud use) ---
 
-export async function addDnsRecord(cfg, domain, target, zone) {
+export async function addDnsRecord(cfg, domain, target, zone, opts = {}) {
   // Check for existing records
   var existing = await listDnsRecords(cfg.accountId, cfg.apiToken, zone.id, { name: domain });
   if (existing.length > 0) {
@@ -117,12 +117,12 @@ export async function addDnsRecord(cfg, domain, target, zone) {
     );
   }
 
-  // Create CNAME: domain -> target, proxied
+  var proxied = opts.proxied !== undefined ? opts.proxied : true;
   await createDnsRecord(cfg.accountId, cfg.apiToken, zone.id, {
     type: "CNAME",
     name: domain,
     content: target,
-    proxied: true,
+    proxied,
   });
 }
 

package/src/lib/providers/gcp/app.js

@@ -9,6 +9,13 @@ import {
   listLogEntries,
   queryTimeSeries,
   deleteSqlInstance,
+  ensureFirebaseProject,
+  createHostingSite,
+  getHostingSite,
+  deleteHostingSite,
+  deployHostingProxy,
+  addHostingCustomDomain,
+  deleteHostingCustomDomain,
 } from "../../clouds/gcp.js";
 
 // --- Helpers ---
@@ -199,8 +206,14 @@ export async function getAppInfo(cfg, appName) {
   var svc = await findService(token, cfg.project, appName);
   if (!svc) return null;
 
+  var region = parseRegionFromName(svc.name);
+  var svcId = svc.name.split("/").pop();
   var appConfig = await getAppConfig(cfg, appName);
-  return { appConfig, url: svc.uri || null };
+  return {
+    appConfig,
+    url: svc.uri || null,
+    consoleUrl: `https://console.cloud.google.com/run/detail/${region}/${svcId}?project=${cfg.project}`,
+  };
 }
 
 // --- Destroy ---
@@ -216,6 +229,11 @@ export async function destroyApp(cfg, appName) {
     } catch {}
   }
 
+  // Delete Firebase Hosting site if exists
+  try {
+    await deleteHostingSite(token, cfg.project, hostingSiteId(appName));
+  } catch {}
+
   // Delete Cloud Run service
   var svc = await findService(token, cfg.project, appName);
   if (!svc) throw new Error(`Service relight-${appName} not found.`);
@@ -275,6 +293,48 @@ export async function getAppUrl(cfg, appName) {
   return svc?.uri || null;
 }
 
+// --- Custom domain via Firebase Hosting ---
+
+function hostingSiteId(appName) {
+  return `relight-${appName}`;
+}
+
+async function ensureHostingSite(token, project, appName) {
+  var siteId = hostingSiteId(appName);
+  try {
+    await getHostingSite(token, project, siteId);
+  } catch {
+    await ensureFirebaseProject(token, project);
+    await createHostingSite(token, project, siteId);
+  }
+
+  // Deploy proxy config pointing to Cloud Run
+  var svc = await findService(token, project, appName);
+  if (!svc) throw new Error(`Service relight-${appName} not found.`);
+  var region = parseRegionFromName(svc.name);
+  var svcId = svc.name.split("/").pop();
+  await deployHostingProxy(token, siteId, svcId, region);
+
+  return siteId;
+}
+
+export async function mapCustomDomain(cfg, appName, domain) {
+  var token = await mintAccessToken(cfg.clientEmail, cfg.privateKey);
+  var siteId = await ensureHostingSite(token, cfg.project, appName);
+  await addHostingCustomDomain(token, cfg.project, siteId, domain);
+  return { dnsTarget: `${siteId}.web.app`, proxied: false };
+}
+
+export async function unmapCustomDomain(cfg, appName, domain) {
+  var token = await mintAccessToken(cfg.clientEmail, cfg.privateKey);
+  var siteId = hostingSiteId(appName);
+  try {
+    await deleteHostingCustomDomain(token, cfg.project, siteId, domain);
+  } catch (e) {
+    if (!e.message.includes("404")) throw e;
+  }
+}
+
 // --- Log streaming ---
 
 export async function streamLogs(cfg, appName) {
@@ -328,6 +388,10 @@ export async function getCosts(cfg, appNames, dateRange) {
   var token = await mintAccessToken(cfg.clientEmail, cfg.privateKey);
   var { sinceISO, untilISO } = dateRange;
 
+  // MQL datetime format: YYYY/MM/DD-HH:MM:SS (not ISO 8601)
+  var sinceMql = isoToMql(sinceISO);
+  var untilMql = isoToMql(untilISO);
+
   // Discover apps
   var apps;
   if (appNames) {
@@ -353,7 +417,7 @@ export async function getCosts(cfg, appNames, dateRange) {
         query: `fetch cloud_run_revision
           | metric 'run.googleapis.com/request_count'
           | filter resource.service_name == '${app.serviceName}'
-          | within d'${sinceISO}', d'${untilISO}'
+          | within d'${sinceMql}', d'${untilMql}'
           | group_by [], sum(val())`,
       });
       var reqData = reqRes.timeSeriesData || [];
@@ -362,7 +426,9 @@ export async function getCosts(cfg, appNames, dateRange) {
           usage.requests += Number(pt.values?.[0]?.int64Value || 0);
         }
       }
-    } catch {}
+    } catch (e) {
+      process.stderr.write(`  Warning: failed to fetch request metrics: ${e.message}\n`);
+    }
 
     try {
       // CPU allocation
@@ -370,7 +436,7 @@ export async function getCosts(cfg, appNames, dateRange) {
         query: `fetch cloud_run_revision
           | metric 'run.googleapis.com/container/cpu/allocation_time'
           | filter resource.service_name == '${app.serviceName}'
-          | within d'${sinceISO}', d'${untilISO}'
+          | within d'${sinceMql}', d'${untilMql}'
           | group_by [], sum(val())`,
       });
       var cpuData = cpuRes.timeSeriesData || [];
@@ -379,7 +445,9 @@ export async function getCosts(cfg, appNames, dateRange) {
           usage.cpuSeconds += Number(pt.values?.[0]?.doubleValue || 0);
         }
       }
-    } catch {}
+    } catch (e) {
+      process.stderr.write(`  Warning: failed to fetch CPU metrics: ${e.message}\n`);
+    }
 
     try {
       // Memory allocation
@@ -387,7 +455,7 @@ export async function getCosts(cfg, appNames, dateRange) {
         query: `fetch cloud_run_revision
           | metric 'run.googleapis.com/container/memory/allocation_time'
           | filter resource.service_name == '${app.serviceName}'
-          | within d'${sinceISO}', d'${untilISO}'
+          | within d'${sinceMql}', d'${untilMql}'
           | group_by [], sum(val())`,
       });
       var memData = memRes.timeSeriesData || [];
@@ -397,7 +465,9 @@ export async function getCosts(cfg, appNames, dateRange) {
           usage.memGibSeconds += Number(pt.values?.[0]?.doubleValue || 0);
         }
       }
-    } catch {}
+    } catch (e) {
+      process.stderr.write(`  Warning: failed to fetch memory metrics: ${e.message}\n`);
+    }
 
     results.push({ name: app.name, usage });
   }
@@ -405,6 +475,11 @@ export async function getCosts(cfg, appNames, dateRange) {
   return results;
 }
 
+function isoToMql(iso) {
+  // Convert 2026-03-01T00:00:00Z -> 2026/03/01-00:00:00
+  return iso.replace(/Z$/, "").replace(/^(\d{4})-(\d{2})-(\d{2})T/, "$1/$2/$3-");
+}
+
 // --- Regions ---
 
 export function getRegions() {

package/src/lib/providers/gcp/dns.js

@@ -4,7 +4,7 @@ import {
   createDnsChange,
   listResourceRecordSets,
 } from "../../clouds/gcp.js";
-import { getAppConfig, pushAppConfig, getAppUrl } from "./app.js";
+import { getAppConfig, pushAppConfig, getAppUrl, mapCustomDomain as mapDomain, unmapCustomDomain as unmapDomain } from "./app.js";
 
 export async function getZones(cfg) {
   var token = await mintAccessToken(cfg.clientEmail, cfg.privateKey);
@@ -47,10 +47,9 @@ export async function listDomains(cfg, appName) {
 export async function addDomain(cfg, appName, domain, { zone }) {
   var token = await mintAccessToken(cfg.clientEmail, cfg.privateKey);
 
-  // Get Cloud Run URL to use as CNAME target
-  var url = await getAppUrl(cfg, appName);
-  if (!url) throw new Error("Could not determine app URL for CNAME target.");
-  var target = new URL(url).hostname;
+  // Set up Firebase Hosting and get CNAME target
+  var mapping = await mapDomain(cfg, appName, domain);
+  var target = mapping.dnsTarget;
 
   // FQDN for Cloud DNS (trailing dot)
   var fqdn = domain.endsWith(".") ? domain : domain + ".";
@@ -67,7 +66,7 @@ export async function addDomain(cfg, appName, domain, { zone }) {
     );
   }
 
-  // Create CNAME record
+  // Create CNAME record pointing to Firebase Hosting
   await createDnsChange(token, cfg.project, zone.id, {
     additions: [
       {
@@ -111,6 +110,9 @@ export async function removeDomain(cfg, appName, domain) {
     }
   }
 
+  // Remove Firebase Hosting custom domain
+  await unmapDomain(cfg, appName, domain);
+
   // Update app config
   var appConfig = await getAppConfig(cfg, appName);
   if (appConfig) {
@@ -121,7 +123,7 @@ export async function removeDomain(cfg, appName, domain) {
 
 // --- Pure DNS record operations (for cross-cloud use) ---
 
-export async function addDnsRecord(cfg, domain, target, zone) {
+export async function addDnsRecord(cfg, domain, target, zone, opts = {}) {
   var token = await mintAccessToken(cfg.clientEmail, cfg.privateKey);
   var fqdn = domain.endsWith(".") ? domain : domain + ".";
   var targetFqdn = target.endsWith(".") ? target : target + ".";