spindb 0.46.4 → 0.47.0

package/dist/engines/valkey/index.js

@@ -1,13 +1,13 @@
-import { spawn, exec } from 'child_process';
-import { promisify } from 'util';
+import { spawn } from 'child_process';
 import { existsSync } from 'fs';
 import { mkdir, writeFile, readFile, unlink } from 'fs/promises';
-import { join } from 'path';
+import { dirname, join } from 'path';
 import { BaseEngine } from '../base-engine.js';
 import { paths } from '../../config/paths.js';
 import { getEngineDefaults } from '../../config/defaults.js';
 import { platformService, isWindows } from '../../core/platform-service.js';
 import { configManager } from '../../core/config-manager.js';
+import { getDefaultUsername, loadCredentials, saveCredentials, } from '../../core/credential-manager.js';
 import { logDebug, logWarning, assertValidUsername, } from '../../core/error-handler.js';
 import { processManager } from '../../core/process-manager.js';
 import { valkeyBinaryManager } from './binary-manager.js';
@@ -17,10 +17,89 @@ import { fetchAvailableVersions as fetchHostdbVersions } from './hostdb-releases
 import { detectBackupFormat as detectBackupFormatImpl, restoreBackup, } from './restore.js';
 import { createBackup } from './backup.js';
 import { getValkeyCliPath, VALKEY_CLI_NOT_FOUND_ERROR } from './cli-utils.js';
+import { Engine, } from '../../types/index.js';
 import { parseRedisResult } from '../../core/query-parser.js';
 import { getLibraryEnv, detectLibraryError } from '../../core/library-env.js';
-const execAsync = promisify(exec);
 const ENGINE = 'valkey';
+function shouldPassValkeyCliUsername(username) {
+    if (!username) {
+        return false;
+    }
+    const trimmed = username.trim();
+    return trimmed.length > 0 && trimmed.toLowerCase() !== 'default';
+}
+function buildValkeyCliEnv(libraryEnv = {}, password) {
+    const env = { ...process.env, ...libraryEnv };
+    if (password) {
+        env.REDISCLI_AUTH = password;
+    }
+    else {
+        delete env.REDISCLI_AUTH;
+    }
+    return env;
+}
+function getValkeyCliBaseDir(valkeyCli) {
+    return dirname(dirname(valkeyCli));
+}
+function getResolvedValkeyCliLibraryEnv(valkeyCli) {
+    return getLibraryEnv(getValkeyCliBaseDir(valkeyCli));
+}
+function getLocalCliHost(container) {
+    return container.bindAddress ?? '127.0.0.1';
+}
+async function runValkeyCliCommand(valkeyCli, args, options = {}) {
+    return new Promise((resolve, reject) => {
+        const proc = spawn(valkeyCli, args, {
+            stdio: ['ignore', 'pipe', 'pipe'],
+            env: buildValkeyCliEnv(options.libraryEnv, options.password),
+        });
+        let stdout = '';
+        let stderr = '';
+        let settled = false;
+        let timeoutId;
+        let timeoutError = null;
+        const finish = (error) => {
+            if (settled)
+                return;
+            settled = true;
+            if (timeoutId) {
+                clearTimeout(timeoutId);
+            }
+            if (error) {
+                reject(error);
+            }
+            else {
+                resolve({ stdout, stderr });
+            }
+        };
+        if (options.timeout && options.timeout > 0) {
+            timeoutId = setTimeout(() => {
+                timeoutError = new Error(`valkey-cli command timed out after ${options.timeout}ms`);
+                proc.kill();
+            }, options.timeout);
+        }
+        proc.stdout?.on('data', (data) => {
+            stdout += data.toString();
+        });
+        proc.stderr?.on('data', (data) => {
+            stderr += data.toString();
+        });
+        proc.on('error', (error) => {
+            finish(error);
+        });
+        proc.on('close', (code) => {
+            if (timeoutError) {
+                finish(timeoutError);
+                return;
+            }
+            if (code === 0) {
+                finish();
+                return;
+            }
+            finish(new Error(stderr || `valkey-cli exited with code ${code}`));
+        });
+    });
+}
 /**
  * Escape a Valkey key for use in CLI commands.
  * Escapes backslashes, double quotes, and control characters to prevent
@@ -199,6 +278,12 @@ export class ValkeyEngine extends BaseEngine {
     displayName = 'Valkey';
     defaultPort = engineDef.defaultPort;
     supportedVersions = SUPPORTED_MAJOR_VERSIONS;
+    async getLocalAuth(containerName) {
+        const savedCreds = await loadCredentials(containerName, Engine.Valkey, getDefaultUsername(Engine.Valkey));
+        return savedCreds
+            ? { username: savedCreds.username, password: savedCreds.password }
+            : {};
+    }
     // Get platform info for binary operations
     getPlatformInfo() {
         return platformService.getPlatformInfo();
@@ -442,7 +527,7 @@ export class ValkeyEngine extends BaseEngine {
             // This follows the pattern used by MySQL which works on Windows
             return new Promise((resolve, reject) => {
                 const spawnOpts = {
-                    stdio: ['ignore', 'pipe', 'pipe'],
+                    stdio: ['ignore', 'ignore', 'ignore'],
                     detached: true,
                     windowsHide: true,
                     env: { ...process.env, ...libraryEnv },
@@ -451,8 +536,6 @@ export class ValkeyEngine extends BaseEngine {
                 const cygwinConfigPath = toCygwinPath(configPath);
                 const proc = spawn(valkeyServer, [cygwinConfigPath], spawnOpts);
                 let settled = false;
-                let stderrOutput = '';
-                let stdoutOutput = '';
                 // Handle spawn errors (binary not found, DLL issues, etc.)
                 proc.on('error', (err) => {
                     if (settled)
@@ -460,16 +543,6 @@ export class ValkeyEngine extends BaseEngine {
                     settled = true;
                     reject(new Error(`Failed to spawn Valkey server: ${err.message}`));
                 });
-                proc.stdout?.on('data', (data) => {
-                    const str = data.toString();
-                    stdoutOutput += str;
-                    logDebug(`valkey-server stdout: ${str}`);
-                });
-                proc.stderr?.on('data', (data) => {
-                    const str = data.toString();
-                    stderrOutput += str;
-                    logDebug(`valkey-server stderr: ${str}`);
-                });
                 // Detach the process so it continues running after parent exits
                 proc.unref();
                 // Give spawn a moment to fail if it's going to, then check readiness
@@ -490,7 +563,7 @@ export class ValkeyEngine extends BaseEngine {
                         // Non-fatal - process is running, PID file is for convenience
                     }
                     // Wait for Valkey to be ready
-                    const ready = await this.waitForReady(port, version);
+                    const ready = await this.waitForReady(name, port, version, bindAddress);
                     if (settled)
                         return;
                     if (ready) {
@@ -524,7 +597,7 @@ export class ValkeyEngine extends BaseEngine {
                             logContent = '(log file not found or empty)';
                         }
                         // Check for library loading errors first
-                        const libError = detectLibraryError(stderrOutput + logContent, 'Valkey');
+                        const libError = detectLibraryError(logContent, 'Valkey');
                         if (libError) {
                             reject(new Error(libError));
                             return;
@@ -535,8 +608,6 @@ export class ValkeyEngine extends BaseEngine {
                             `Config: ${configPath}`,
                             `Log file: ${logFile}`,
                             `Log content:\n${logContent || '(empty)'}`,
-                            stderrOutput ? `Stderr:\n${stderrOutput}` : '',
-                            stdoutOutput ? `Stdout:\n${stdoutOutput}` : '',
                         ]
                             .filter(Boolean)
                             .join('\n');
@@ -575,7 +646,7 @@ export class ValkeyEngine extends BaseEngine {
                         return;
                     }
                     // Wait for Valkey to be ready
-                    const ready = await this.waitForReady(port, version);
+                    const ready = await this.waitForReady(name, port, version, bindAddress);
                     if (ready) {
                         resolve({
                             port,
@@ -619,7 +690,7 @@ export class ValkeyEngine extends BaseEngine {
     }
     // Wait for Valkey to be ready to accept connections
     // TODO - consider copying the mongodb logic for this
-    async waitForReady(port, version, timeoutMs = 60000) {
+    async waitForReady(containerName, port, version, bindAddress = '127.0.0.1', timeoutMs = 60000) {
         const startTime = Date.now();
         const checkInterval = 500;
         let valkeyCli;
@@ -632,10 +703,20 @@ export class ValkeyEngine extends BaseEngine {
             await new Promise((resolve) => setTimeout(resolve, 2000));
             return true;
         }
+        const libraryEnv = getResolvedValkeyCliLibraryEnv(valkeyCli);
         while (Date.now() - startTime < timeoutMs) {
             try {
-                const cmd = `"${valkeyCli}" -h 127.0.0.1 -p ${port} PING`;
-                const { stdout } = await execAsync(cmd, { timeout: 5000 });
+                const auth = await this.getLocalAuth(containerName);
+                const args = ['-h', bindAddress, '-p', String(port)];
+                if (shouldPassValkeyCliUsername(auth.username)) {
+                    args.push('--user', auth.username);
+                }
+                args.push('PING');
+                const { stdout } = await runValkeyCliCommand(valkeyCli, args, {
+                    timeout: 5000,
+                    password: auth.password,
+                    libraryEnv,
+                });
                 if (stdout.trim() === 'PONG') {
                     logDebug(`Valkey ready on port ${port}`);
                     return true;
@@ -659,10 +740,21 @@ export class ValkeyEngine extends BaseEngine {
         logDebug(`Stopping Valkey container "${name}" on port ${port}`);
         // Try graceful shutdown via valkey-cli
         const valkeyCli = await this.getValkeyCliPathForVersion(version);
+        const libraryEnv = getResolvedValkeyCliLibraryEnv(valkeyCli);
+        const host = getLocalCliHost(container);
         if (valkeyCli) {
             try {
-                const cmd = `"${valkeyCli}" -h 127.0.0.1 -p ${port} SHUTDOWN SAVE`;
-                await execAsync(cmd, { timeout: 10000 });
+                const auth = await this.getLocalAuth(name);
+                const args = ['-h', host, '-p', String(port)];
+                if (shouldPassValkeyCliUsername(auth.username)) {
+                    args.push('--user', auth.username);
+                }
+                args.push('SHUTDOWN', 'SAVE');
+                await runValkeyCliCommand(valkeyCli, args, {
+                    timeout: 10000,
+                    password: auth.password,
+                    libraryEnv,
+                });
                 logDebug('Valkey shutdown command sent');
                 // Wait a bit for process to exit
                 await new Promise((resolve) => setTimeout(resolve, 2000));
@@ -716,10 +808,21 @@ export class ValkeyEngine extends BaseEngine {
         const pidFile = join(containerDir, 'valkey.pid');
         // Try pinging with valkey-cli
         const valkeyCli = await this.getValkeyCliPathForVersion(version);
+        const libraryEnv = getResolvedValkeyCliLibraryEnv(valkeyCli);
+        const host = getLocalCliHost(container);
         if (valkeyCli) {
             try {
-                const cmd = `"${valkeyCli}" -h 127.0.0.1 -p ${port} PING`;
-                const { stdout } = await execAsync(cmd, { timeout: 5000 });
+                const auth = await this.getLocalAuth(name);
+                const args = ['-h', host, '-p', String(port)];
+                if (shouldPassValkeyCliUsername(auth.username)) {
+                    args.push('--user', auth.username);
+                }
+                args.push('PING');
+                const { stdout } = await runValkeyCliCommand(valkeyCli, args, {
+                    timeout: 5000,
+                    password: auth.password,
+                    libraryEnv,
+                });
                 if (stdout.trim() === 'PONG') {
                     return { running: true, message: 'Valkey is running' };
                 }
@@ -785,14 +888,22 @@ export class ValkeyEngine extends BaseEngine {
     }
     // Open valkey-cli interactive shell
     async connect(container, database) {
-        const { port, version } = container;
+        const { name, port, version } = container;
         const db = database || container.database || '0';
         const valkeyCli = await this.getValkeyCliPathForVersion(version);
+        const libraryEnv = getResolvedValkeyCliLibraryEnv(valkeyCli);
+        const auth = await this.getLocalAuth(name);
+        const host = getLocalCliHost(container);
+        const args = ['-h', host, '-p', String(port), '-n', db];
+        if (shouldPassValkeyCliUsername(auth.username)) {
+            args.push('--user', auth.username);
+        }
         const spawnOptions = {
             stdio: 'inherit',
+            env: buildValkeyCliEnv(libraryEnv, auth.password),
         };
         return new Promise((resolve, reject) => {
-            const proc = spawn(valkeyCli, ['-h', '127.0.0.1', '-p', String(port), '-n', db], spawnOptions);
+            const proc = spawn(valkeyCli, args, spawnOptions);
             proc.on('error', reject);
             proc.on('close', () => resolve());
         });
@@ -816,6 +927,7 @@ export class ValkeyEngine extends BaseEngine {
     async connectWithIredis(container, database) {
         const { port } = container;
         const db = database || container.database || '0';
+        const host = getLocalCliHost(container);
         const iredis = await this.getIredisPath();
         if (!iredis) {
             throw new Error('iredis not found. Install it with:\n' +
@@ -826,7 +938,7 @@ export class ValkeyEngine extends BaseEngine {
             stdio: 'inherit',
         };
         return new Promise((resolve, reject) => {
-            const proc = spawn(iredis, ['-h', '127.0.0.1', '-p', String(port), '-n', db], spawnOptions);
+            const proc = spawn(iredis, ['-h', host, '-p', String(port), '-n', db], spawnOptions);
             proc.on('error', reject);
             proc.on('close', () => resolve());
         });
@@ -849,16 +961,27 @@ export class ValkeyEngine extends BaseEngine {
      * Uses FLUSHDB to clear all keys in the specified database
      */
     async dropDatabase(container, database) {
-        const { port, version } = container;
+        const { name, port, version } = container;
         const dbNum = parseInt(database, 10);
         if (isNaN(dbNum) || dbNum < 0 || dbNum > 15) {
             throw new Error(`Invalid Valkey database number: ${database}. Must be 0-15.`);
         }
         const valkeyCli = await this.getValkeyCliPathForVersion(version);
+        const libraryEnv = getResolvedValkeyCliLibraryEnv(valkeyCli);
+        const auth = await this.getLocalAuth(name);
+        const host = getLocalCliHost(container);
         // SELECT the database and FLUSHDB
-        const cmd = `"${valkeyCli}" -h 127.0.0.1 -p ${port} -n ${database} FLUSHDB`;
+        const args = ['-h', host, '-p', String(port), '-n', database];
+        if (shouldPassValkeyCliUsername(auth.username)) {
+            args.push('--user', auth.username);
+        }
+        args.push('FLUSHDB');
         try {
-            await execAsync(cmd, { timeout: 10000 });
+            await runValkeyCliCommand(valkeyCli, args, {
+                timeout: 10000,
+                password: auth.password,
+                libraryEnv,
+            });
             logDebug(`Flushed Valkey database ${database}`);
         }
         catch (error) {
@@ -876,12 +999,23 @@ export class ValkeyEngine extends BaseEngine {
      * This is acceptable for SpinDB since each container runs one Valkey server.
      */
     async getDatabaseSize(container) {
-        const { port, version } = container;
+        const { name, port, version } = container;
         try {
             const valkeyCli = await this.getValkeyCliPathForVersion(version);
+            const libraryEnv = getResolvedValkeyCliLibraryEnv(valkeyCli);
+            const auth = await this.getLocalAuth(name);
+            const host = getLocalCliHost(container);
             // INFO memory returns server-wide stats (database selection has no effect)
-            const cmd = `"${valkeyCli}" -h 127.0.0.1 -p ${port} INFO memory`;
-            const { stdout } = await execAsync(cmd, { timeout: 10000 });
+            const args = ['-h', host, '-p', String(port)];
+            if (shouldPassValkeyCliUsername(auth.username)) {
+                args.push('--user', auth.username);
+            }
+            args.push('INFO', 'memory');
+            const { stdout } = await runValkeyCliCommand(valkeyCli, args, {
+                timeout: 10000,
+                password: auth.password,
+                libraryEnv,
+            });
             // Parse used_memory (total server memory) from INFO output
             const match = stdout.match(/used_memory:(\d+)/);
             if (match) {
@@ -1136,16 +1270,24 @@ export class ValkeyEngine extends BaseEngine {
     }
     // Run a Valkey command file or inline command
     async runScript(container, options) {
-        const { port, version } = container;
+        const { name, port, version } = container;
         const db = options.database || container.database || '0';
         const valkeyCli = await this.getValkeyCliPathForVersion(version);
+        const libraryEnv = getResolvedValkeyCliLibraryEnv(valkeyCli);
+        const auth = await this.getLocalAuth(name);
+        const host = getLocalCliHost(container);
+        const args = ['-h', host, '-p', String(port), '-n', db];
+        if (shouldPassValkeyCliUsername(auth.username)) {
+            args.push('--user', auth.username);
+        }
+        const env = buildValkeyCliEnv(libraryEnv, auth.password);
         if (options.file) {
             // Read file and pipe to valkey-cli via stdin (avoids shell interpolation issues)
             const fileContent = await readFile(options.file, 'utf-8');
-            const args = ['-h', '127.0.0.1', '-p', String(port), '-n', db];
             await new Promise((resolve, reject) => {
                 const proc = spawn(valkeyCli, args, {
                     stdio: ['pipe', 'inherit', 'inherit'],
+                    env,
                 });
                 let rejected = false;
                 proc.on('error', (err) => {
@@ -1169,10 +1311,10 @@ export class ValkeyEngine extends BaseEngine {
         }
         else if (options.sql) {
             // Run inline command by piping to valkey-cli stdin (avoids shell quoting issues on Windows)
-            const args = ['-h', '127.0.0.1', '-p', String(port), '-n', db];
             await new Promise((resolve, reject) => {
                 const proc = spawn(valkeyCli, args, {
                     stdio: ['pipe', 'inherit', 'inherit'],
+                    env,
                 });
                 let rejected = false;
                 proc.on('error', (err) => {
@@ -1199,28 +1341,26 @@ export class ValkeyEngine extends BaseEngine {
         }
     }
     async executeQuery(container, query, options) {
-        const { port, version } = container;
+        const { name, port, version } = container;
         const db = options?.database || container.database || '0';
         const host = options?.host ?? '127.0.0.1';
         const valkeyCli = await this.getValkeyCliPathForVersion(version);
-        const binBaseDir = this.getBinaryPath(version);
-        const libraryEnv = getLibraryEnv(binBaseDir);
+        const libraryEnv = getResolvedValkeyCliLibraryEnv(valkeyCli);
+        const localAuth = !options?.username &&
+            !options?.password &&
+            (host === '127.0.0.1' || host === 'localhost')
+            ? await this.getLocalAuth(name)
+            : null;
         return new Promise((resolve, reject) => {
             const args = ['-h', host, '-p', String(port), '-n', db, '--raw'];
-            if (options?.username) {
-                args.push('--user', options.username);
+            const username = options?.username || localAuth?.username;
+            if (shouldPassValkeyCliUsername(username)) {
+                args.push('--user', username);
             }
             if (options?.ssl) {
                 args.push('--tls');
             }
-            // Pass password via REDISCLI_AUTH env to avoid exposing it in process listings
-            const env = {
-                ...process.env,
-                ...libraryEnv,
-            };
-            if (options?.password) {
-                env.REDISCLI_AUTH = options.password;
-            }
+            const env = buildValkeyCliEnv(libraryEnv, options?.password ?? localAuth?.password);
             const proc = spawn(valkeyCli, args, {
                 stdio: ['pipe', 'pipe', 'pipe'],
                 env,
@@ -1262,9 +1402,12 @@ export class ValkeyEngine extends BaseEngine {
     async createUser(container, options) {
         const { username, password } = options;
         assertValidUsername(username);
-        const { port, version } = container;
+        const { name, port, version } = container;
         const db = options.database ?? container.database ?? '0';
         const valkeyCli = await this.getValkeyCliPath(version);
+        const libraryEnv = getResolvedValkeyCliLibraryEnv(valkeyCli);
+        const auth = await this.getLocalAuth(name);
+        const host = getLocalCliHost(container);
         // Reject passwords with characters that break ACL SETUSER syntax:
         // '>' sets password, '#' sets hash, '<' removes password — all are ACL delimiters.
         // Whitespace and newlines would split the command unexpectedly.
@@ -1273,10 +1416,14 @@ export class ValkeyEngine extends BaseEngine {
         }
         // ACL SETUSER is idempotent - sets user with full access
         // Send ACL command via stdin to avoid leaking password in process argv
-        const cliArgs = ['-h', '127.0.0.1', '-p', String(port), '-n', db];
+        const cliArgs = ['-h', host, '-p', String(port), '-n', db];
+        if (shouldPassValkeyCliUsername(auth.username)) {
+            cliArgs.push('--user', auth.username);
+        }
         await new Promise((resolve, reject) => {
             const proc = spawn(valkeyCli, cliArgs, {
                 stdio: ['pipe', 'pipe', 'pipe'],
+                env: buildValkeyCliEnv(libraryEnv, auth.password),
             });
             let stderr = '';
             proc.stderr?.on('data', (data) => {
@@ -1294,8 +1441,8 @@ export class ValkeyEngine extends BaseEngine {
         });
         logDebug(`Created Valkey user: ${username}`);
         // Valkey uses redis:// scheme for compatibility
-        const connectionString = `redis://${encodeURIComponent(username)}:${encodeURIComponent(password)}@127.0.0.1:${port}/${db}`;
-        return {
+        const connectionString = `redis://${encodeURIComponent(username)}:${encodeURIComponent(password)}@${host}:${port}/${db}`;
+        const credentials = {
             username,
             password,
             connectionString,
@@ -1303,6 +1450,8 @@ export class ValkeyEngine extends BaseEngine {
             container: container.name,
             database: db,
         };
+        await saveCredentials(name, Engine.Valkey, credentials);
+        return credentials;
     }
 }
 export const valkeyEngine = new ValkeyEngine();