sdtk-ops-kit 0.2.0

package/src/lib/args.js

@@ -0,0 +1,107 @@
+"use strict";
+
+const { ValidationError } = require("./errors");
+
+function parseFlags(argv, defs) {
+  const flags = {};
+  const positional = [];
+  const aliasMap = {};
+
+  for (const [name, def] of Object.entries(defs)) {
+    if (def.alias) {
+      aliasMap[def.alias] = name;
+    }
+    if (def.type === "boolean") {
+      flags[name] = false;
+    } else if (def.multiple) {
+      flags[name] = [];
+    } else {
+      flags[name] = undefined;
+    }
+  }
+
+  let i = 0;
+  while (i < argv.length) {
+    const arg = argv[i];
+
+    if (!arg.startsWith("-")) {
+      positional.push(arg);
+      i++;
+      continue;
+    }
+
+    let key;
+    let inlineValue;
+    if (arg.includes("=")) {
+      const eqIdx = arg.indexOf("=");
+      key = arg.slice(0, eqIdx);
+      inlineValue = arg.slice(eqIdx + 1);
+    } else {
+      key = arg;
+    }
+
+    const stripped = key.replace(/^-{1,2}/, "");
+    const resolved = aliasMap[stripped] || stripped;
+    if (!(resolved in defs)) {
+      throw new ValidationError(`Unknown flag: ${key}`);
+    }
+
+    const def = defs[resolved];
+    if (def.type === "boolean") {
+      flags[resolved] = true;
+      i++;
+      continue;
+    }
+
+    let value = inlineValue;
+    if (value === undefined) {
+      i++;
+      if (i >= argv.length) {
+        throw new ValidationError(`Flag ${key} requires a value.`);
+      }
+      value = argv[i];
+    }
+
+    if (def.multiple) {
+      flags[resolved].push(value);
+    } else {
+      flags[resolved] = value;
+    }
+    i++;
+  }
+
+  return { flags, positional };
+}
+
+function requireFlag(flags, name, label) {
+  const value = flags[name];
+  if (value === undefined || value === null || value === "") {
+    throw new ValidationError(`Missing required flag: --${label || name}`);
+  }
+  return value;
+}
+
+function validateChoice(value, choices, label) {
+  if (!choices.includes(value)) {
+    throw new ValidationError(
+      `Invalid value for --${label}: "${value}". Must be one of: ${choices.join(", ")}`
+    );
+  }
+  return value;
+}
+
+function validatePattern(value, regex, label, hint) {
+  if (!regex.test(value)) {
+    throw new ValidationError(
+      `Invalid value for --${label}: "${value}". ${hint || `Must match ${regex}`}`
+    );
+  }
+  return value;
+}
+
+module.exports = {
+  parseFlags,
+  requireFlag,
+  validateChoice,
+  validatePattern,
+};

package/src/lib/errors.js

@@ -0,0 +1,41 @@
+"use strict";
+
+class CliError extends Error {
+  constructor(message, exitCode = 4) {
+    super(message);
+    this.name = this.constructor.name;
+    this.exitCode = exitCode;
+  }
+}
+
+class ValidationError extends CliError {
+  constructor(message) {
+    super(message, 1);
+  }
+}
+
+class DependencyError extends CliError {
+  constructor(message) {
+    super(message, 2);
+  }
+}
+
+class IntegrityError extends CliError {
+  constructor(message) {
+    super(message, 3);
+  }
+}
+
+class InternalError extends CliError {
+  constructor(message) {
+    super(message, 4);
+  }
+}
+
+module.exports = {
+  CliError,
+  ValidationError,
+  DependencyError,
+  IntegrityError,
+  InternalError,
+};

package/src/lib/powershell.js

@@ -0,0 +1,65 @@
+"use strict";
+
+const { execFile } = require("child_process");
+const { DependencyError } = require("./errors");
+
+function findPowerShell() {
+  if (process.platform === "win32") {
+    return "powershell.exe";
+  }
+  return "pwsh";
+}
+
+function runScript(scriptPath, params = {}, options = {}) {
+  return new Promise((resolve, reject) => {
+    const psExe = findPowerShell();
+    const args = [
+      "-ExecutionPolicy",
+      "Bypass",
+      "-NoProfile",
+      "-NonInteractive",
+      "-File",
+      scriptPath,
+    ];
+
+    for (const [key, value] of Object.entries(params)) {
+      if (value === true) {
+        args.push(`-${key}`);
+      } else if (value === false || value === undefined || value === null) {
+        continue;
+      } else {
+        args.push(`-${key}`);
+        args.push(String(value));
+      }
+    }
+
+    execFile(psExe, args, { maxBuffer: 10 * 1024 * 1024 }, (error, stdout, stderr) => {
+      if (error && error.code === "ENOENT") {
+        reject(
+          new DependencyError(
+            `PowerShell not found. Ensure PowerShell is installed and available in PATH.\nTried: ${psExe}`
+          )
+        );
+        return;
+      }
+
+      const exitCode = error ? error.code || 1 : 0;
+      const result = {
+        exitCode: typeof exitCode === "number" ? exitCode : 1,
+        stdout: stdout || "",
+        stderr: stderr || "",
+      };
+
+      if (!options.silent && result.stdout) {
+        process.stdout.write(result.stdout);
+      }
+
+      resolve(result);
+    });
+  });
+}
+
+module.exports = {
+  findPowerShell,
+  runScript,
+};

package/src/lib/scope.js

@@ -0,0 +1,58 @@
+"use strict";
+
+const os = require("os");
+const path = require("path");
+
+const VALID_SCOPES = ["project", "user"];
+
+const MANAGED_CLAUDE_SKILLS = [
+  "ops-backup",
+  "ops-ci-cd",
+  "ops-compliance",
+  "ops-container",
+  "ops-cost",
+  "ops-debug",
+  "ops-deploy",
+  "ops-discover",
+  "ops-incident",
+  "ops-infra-plan",
+  "ops-monitor",
+  "ops-parallel",
+  "ops-plan",
+  "ops-security-infra",
+  "ops-verify",
+];
+
+const MANAGED_CODEX_SKILLS = MANAGED_CLAUDE_SKILLS.map((name) => `sdtk-${name}`);
+
+function defaultScope(runtime) {
+  return runtime === "claude" ? "project" : "user";
+}
+
+function isProjectScopeSupported(runtime) {
+  return runtime === "claude";
+}
+
+function resolveSkillsDir(runtime, scope, projectPath) {
+  if (runtime === "claude") {
+    if (scope === "user") {
+      return path.join(os.homedir(), ".claude", "skills");
+    }
+    return path.join(projectPath || process.cwd(), ".claude", "skills");
+  }
+
+  const codexHome = process.env.CODEX_HOME || path.join(os.homedir(), ".codex");
+  return path.join(codexHome, "skills");
+}
+
+function managedSkillNames(runtime) {
+  return runtime === "claude" ? MANAGED_CLAUDE_SKILLS : MANAGED_CODEX_SKILLS;
+}
+
+module.exports = {
+  VALID_SCOPES,
+  defaultScope,
+  isProjectScopeSupported,
+  resolveSkillsDir,
+  managedSkillNames,
+};

package/src/lib/toolkit-payload.js

@@ -0,0 +1,123 @@
+"use strict";
+
+const crypto = require("crypto");
+const fs = require("fs");
+const path = require("path");
+const { IntegrityError } = require("./errors");
+
+const PACKAGE_ROOT = path.resolve(__dirname, "..", "..");
+const ASSETS_DIR = path.join(PACKAGE_ROOT, "assets", "toolkit");
+const MANIFEST_PATH = path.join(
+  PACKAGE_ROOT,
+  "assets",
+  "manifest",
+  "toolkit-bundle.manifest.json"
+);
+
+const REQUIRED_FILES = [
+  "toolkit/AGENTS.md",
+  "toolkit/install.ps1",
+  "toolkit/sdtk-spec.config.json",
+  "toolkit/sdtk-spec.config.profiles.example.json",
+  "toolkit/SDTKOPS_TOOLKIT.md",
+  "toolkit/scripts/install-claude-skills.ps1",
+  "toolkit/scripts/install-codex-skills.ps1",
+  "toolkit/scripts/uninstall-claude-skills.ps1",
+  "toolkit/scripts/uninstall-codex-skills.ps1",
+];
+
+const FORBIDDEN_PREFIXES = [
+  "toolkit/skills-claude/",
+  "toolkit/templates/",
+];
+
+const FORBIDDEN_PATHS = new Set([
+  "toolkit/skills/placeholder.md",
+  "toolkit/scripts/placeholder.md",
+]);
+
+function loadManifest() {
+  if (!fs.existsSync(MANIFEST_PATH)) {
+    throw new IntegrityError(
+      `SDTK-OPS toolkit manifest not found: ${MANIFEST_PATH}\nRun "npm run build:payload" to sync toolkit assets.`
+    );
+  }
+
+  try {
+    return JSON.parse(fs.readFileSync(MANIFEST_PATH, "utf-8"));
+  } catch (error) {
+    throw new IntegrityError(`Failed to parse SDTK-OPS toolkit manifest: ${error.message}`);
+  }
+}
+
+function hashFile(filePath) {
+  return crypto.createHash("sha256").update(fs.readFileSync(filePath)).digest("hex");
+}
+
+function resolvePayloadFile(relativePath) {
+  return path.join(ASSETS_DIR, relativePath);
+}
+
+function verify() {
+  const manifest = loadManifest();
+  if (!Array.isArray(manifest.files)) {
+    throw new IntegrityError("SDTK-OPS toolkit manifest has no files array.");
+  }
+
+  const errors = [];
+  const manifestPaths = new Set();
+
+  for (const entry of manifest.files) {
+    manifestPaths.add(entry.path);
+
+    if (FORBIDDEN_PATHS.has(entry.path)) {
+      errors.push(`FORBIDDEN PAYLOAD FILE: ${entry.path}`);
+      continue;
+    }
+
+    if (FORBIDDEN_PREFIXES.some((prefix) => entry.path.startsWith(prefix))) {
+      errors.push(`FORBIDDEN PAYLOAD PREFIX: ${entry.path}`);
+      continue;
+    }
+
+    const filePath = path.join(ASSETS_DIR, entry.path);
+    if (!fs.existsSync(filePath)) {
+      errors.push(`MISSING: ${entry.path}`);
+      continue;
+    }
+
+    const actualHash = hashFile(filePath);
+    if (actualHash !== entry.sha256) {
+      errors.push(
+        `HASH MISMATCH: ${entry.path}\n  expected: ${entry.sha256}\n  actual:   ${actualHash}`
+      );
+    }
+  }
+
+  for (const requiredPath of REQUIRED_FILES) {
+    if (!manifestPaths.has(requiredPath)) {
+      errors.push(`REQUIRED FILE MISSING FROM MANIFEST: ${requiredPath}`);
+    }
+  }
+
+  const skillManifestEntries = manifest.files.filter(
+    (entry) => entry.path.startsWith("toolkit/skills/") && entry.path.endsWith("/SKILL.md")
+  );
+  if (skillManifestEntries.length < 15) {
+    errors.push(`Expected at least 15 skill payload entries, found ${skillManifestEntries.length}.`);
+  }
+
+  if (errors.length > 0) {
+    throw new IntegrityError(`SDTK-OPS toolkit payload integrity check failed:\n${errors.join("\n")}`);
+  }
+}
+
+module.exports = {
+  ASSETS_DIR,
+  MANIFEST_PATH,
+  REQUIRED_FILES,
+  hashFile,
+  loadManifest,
+  resolvePayloadFile,
+  verify,
+};