npm - srvgov-cli - Versions diffs - 0.3.0 → 0.5.0 - Mend

srvgov-cli 0.3.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +48 -0
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -28,6 +28,7 @@ srvgov ports -o json
 srvgov logs --unit sshd --since "1 hour ago" --lines 50 -o json
 srvgov svc status sshd -o json
 srvgov file stat /etc/hosts -o json
+srvgov docker list -o json
 srvgov exec --dry-run "uptime" -o json
 srvgov exec "uptime" -o json
 srvgov audit query --limit 20 -o json
@@ -84,6 +85,7 @@ The observation commands turn common read-only SSH output into stable JSON:
 ```bash
 srvgov status -o json
 srvgov ports -o json
+srvgov status --targets web-a,web-b --concurrency 5 -o json
 srvgov logs --unit nginx --since "30 minutes ago" --priority warning --lines 100 -o json
 srvgov logs --file /var/log/nginx/error.log --grep "upstream" --lines 100 -o json
 ```
@@ -95,6 +97,24 @@ operators. `ports` falls back from `ss` to `netstat`. Unit logs fall back from
 adds `sudo`; unavailable PID/process fields remain empty. Log text, process
 names, generated command text, caller output, and audit records are redacted.
+### Read-only fleet fanout
+`status`, `ports`, and `exec` accept comma-separated context names:
+```bash
+srvgov status --targets web-a,web-b,web-c --concurrency 5 -o json
+srvgov ports --targets web-a,web-b,web-c -o json
+srvgov exec --targets web-a,web-b,web-c "uptime" -o json
+```
+Fanout is deliberately R0-only in v1. Before any SSH connection, srvgov
+classifies the command and computes effective risk for every target. If any
+target is above R0, the entire fanout is rejected; there is no multi-target
+ticket or allow flow. Targets are deduplicated and sorted, each target is
+audited independently, and one failed host does not stop the others. Any
+per-target failure returns exit code 7 after emitting the complete result.
+`--targets` and `--context` are mutually exclusive.
 ## Service Control
 `svc` exposes only a fixed service-operation whitelist. Unit names are treated
@@ -144,6 +164,34 @@ file content; audit stores only the redacted path, byte count, and SHA-256.
 Writes are direct and non-atomic; temporary-file plus rename is not implemented
 in this release. `file` never uses SFTP and never adds `sudo`.
+## Docker Governance
+Docker reads provide stable, redacted structures:
+```bash
+srvgov docker list -o json
+srvgov docker inspect api -o json
+srvgov docker logs api --tail 100 -o json
+```
+`docker list`, `inspect`, and `logs` are audited R0 operations. Inspect uses a
+remote fixed-field projection and excludes container environment variables and
+the full inspect document. Logs default to 100 lines and accept `--tail`
+between 1 and 10000.
+Lifecycle changes are R2 and require human authorization:
+```bash
+srvgov docker restart api \
+  --reason "restart after reviewed deployment" --ticket OPS-123 --yes -o json
+```
+The fixed whitelist contains only `ps`/`list`, `inspect`, `logs`, `start`,
+`stop`, `restart`, and `rm`, one container at a time. It never exposes Docker
+run, create, exec, build, copy, compose, or prune. Protected contexts raise
+lifecycle changes to R3 and require human-supplied `--allow-destructive`.
+Container identifiers are shell-quoted.
 ## Governed Execution
 Preview without connecting or executing:

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "srvgov-cli",
-  "version": "0.3.0",
+  "version": "0.5.0",
   "description": "Governed remote server command execution CLI for AI agents",
   "bin": {
     "srvgov": "bin/srvgov-cli.js",