underpost 2.92.0 → 2.95.3

package/src/cli/image.js

@@ -24,143 +24,208 @@ const logger = loggerFactory(import.meta);
  */
 class UnderpostImage {
   static API = {
-    dockerfile: {
-      /**
-       * @method pullBaseImages
-       * @description Pulls base images and builds a 'rockylinux9-underpost' image,
-       * then loads it into the specified Kubernetes cluster type (Kind, Kubeadm, or K3s).
-       * @param {object} options - Options for pulling and loading images.
-       * @param {boolean} [options.kindLoad=false] - If true, load image into Kind cluster.
-       * @param {boolean} [options.kubeadmLoad=false] - If true, load image into Kubeadm cluster.
-       * @param {boolean} [options.k3sLoad=false] - If true, load image into K3s cluster.
-       * @param {string} [options.path=false] - Path to the Dockerfile context.
-       * @param {boolean} [options.dev=false] - If true, use development mode.
-       * @param {string} [options.version=''] - Version tag for the image.
-       * @memberof UnderpostImage
-       */
-      pullBaseImages(
-        options = {
-          kindLoad: false,
-          kubeadmLoad: false,
-          k3sLoad: false,
-          path: false,
-          dev: false,
-          version: '',
-        },
-      ) {
-        // shellExec(`sudo podman pull docker.io/library/debian:buster`);
-        shellExec(`sudo podman pull docker.io/library/rockylinux:9`);
-        const baseCommand = options.dev ? 'node bin' : 'underpost';
-        const baseCommandOption = options.dev ? ' --dev' : '';
-        const IMAGE_NAME = `rockylinux9-underpost`;
-        const IMAGE_NAME_FULL = `${IMAGE_NAME}:${options.version ? options.version : Underpost.version}`;
-        let LOAD_TYPE = '';
-        if (options.kindLoad === true) {
-          LOAD_TYPE = `--kind-load`;
-        } else if (options.kubeadmLoad === true) {
-          LOAD_TYPE = `--kubeadm-load`;
-        } else if (options.k3sLoad === true) {
-          // Handle K3s load type
-          LOAD_TYPE = `--k3s-load`;
+    /**
+     * @method pullBaseImages
+     * @description Pulls base images and builds a 'rockylinux9-underpost' image,
+     * then loads it into the specified Kubernetes cluster type (Kind, Kubeadm, or K3s).
+     * @param {object} options - Options for pulling and loading images.
+     * @param {boolean} [options.kind=false] - If true, load image into Kind cluster.
+     * @param {boolean} [options.kubeadm=false] - If true, load image into Kubeadm cluster.
+     * @param {boolean} [options.k3s=false] - If true, load image into K3s cluster.
+     * @param {string} [options.path=false] - Path to the Dockerfile context.
+     * @param {boolean} [options.dev=false] - If true, use development mode.
+     * @param {string} [options.version=''] - Version tag for the image.
+     * @param {string} [options.imageName=''] - Custom name for the image.
+     * @memberof UnderpostImage
+     */
+    pullBaseImages(
+      options = {
+        kind: false,
+        kubeadm: false,
+        k3s: false,
+        path: false,
+        dev: false,
+        version: '',
+        imageName: '',
+      },
+    ) {
+      shellExec(`sudo podman pull docker.io/library/rockylinux:9`);
+      const baseCommand = options.dev ? 'node bin' : 'underpost';
+      const baseCommandOption = options.dev ? ' --dev' : '';
+      const IMAGE_NAME = options.imageName
+        ? `options.imageName${options.version ? `:${options.version}` : ''}`
+        : `rockylinux9-underpost:${options.version ? options.version : Underpost.version}`;
+      let LOAD_TYPE = '';
+      if (options.kind === true) LOAD_TYPE = `--kind`;
+      else if (options.kubeadm === true) LOAD_TYPE = `--kubeadm`;
+      else if (options.k3s === true) LOAD_TYPE = `--k3s`;
+      shellExec(
+        `${baseCommand} image${baseCommandOption} --build --podman-save --reset --image-path=. --path ${
+          options.path ? options.path : getUnderpostRootPath()
+        } --image-name=${IMAGE_NAME} ${LOAD_TYPE}`,
+      );
+    },
+    /**
+     * @method build
+     * @description Builds a Docker image using Podman, optionally saves it as a tar archive,
+     * and loads it into a specified Kubernetes cluster (Kind, Kubeadm, or K3s).
+     * @param {object} options - Options for building and loading images.
+     * @param {string} [options.path=''] - The path to the directory containing the Dockerfile.
+     * @param {string} [options.imageName=''] - The name and tag for the image (e.g., 'my-app:latest').
+     * @param {string} [options.version=''] - Version tag for the image.
+     * @param {string} [options.imagePath=''] - Directory to save the image tar file.
+     * @param {string} [options.dockerfileName=''] - Name of the Dockerfile (defaults to 'Dockerfile').
+     * @param {boolean} [options.podmanSave=false] - If true, save the image as a tar archive using Podman.
+     * @param {boolean} [options.kind=false] - If true, load the image archive into a Kind cluster.
+     * @param {boolean} [options.kubeadm=false] - If true, load the image archive into a Kubeadm cluster (uses 'ctr').
+     * @param {boolean} [options.k3s=false] - If true, load the image archive into a K3s cluster (uses 'k3s ctr').
+     * @param {boolean} [options.secrets=false] - If true, load secrets from the .env file for the build.
+     * @param {string} [options.secretsPath=''] - Custom path to the .env file for secrets.
+     * @param {boolean} [options.reset=false] - If true, perform a no-cache build.
+     * @param {boolean} [options.dev=false] - If true, use development mode.
+     * @memberof UnderpostImage
+     */
+    build(
+      options = {
+        path: '',
+        imageName: '',
+        version: '',
+        imagePath: '',
+        dockerfileName: '',
+        podmanSave: false,
+        kind: false,
+        kubeadm: false,
+        k3s: false,
+        secrets: false,
+        secretsPath: '',
+        reset: false,
+        dev: false,
+      },
+    ) {
+      let {
+        path,
+        imageName,
+        version,
+        imagePath,
+        dockerfileName,
+        podmanSave,
+        secrets,
+        secretsPath,
+        kind,
+        kubeadm,
+        k3s,
+        reset,
+        dev,
+      } = options;
+      if (!path) path = '.';
+      if (!imageName) imageName = `rockylinux9-underpost:${Underpost.version}`;
+      if (!version) version = 'latest';
+      version = imageName && imageName.match(':') ? '' : `:${version}`;
+      const podManImg = `localhost/${imageName}${version}`;
+      if (imagePath && typeof imagePath === 'string' && !fs.existsSync(imagePath))
+        fs.mkdirSync(imagePath, { recursive: true });
+      const tarFile = `${imagePath}/${imageName.replace(':', '_')}.tar`;
+      let secretsInput = ' ';
+      let secretDockerInput = '';
+      let cache = '';
+      if (secrets === true) {
+        const envObj = dotenv.parse(
+          fs.readFileSync(
+            secretsPath && typeof secretsPath === 'string' ? secretsPath : `${getNpmRootPath()}/underpost/.env`,
+            'utf8',
+          ),
+        );
+        for (const key of Object.keys(envObj)) {
+          secretsInput += ` && export ${key}="${envObj[key]}" `; // Example: $(cat gitlab-token.txt)
+          secretDockerInput += ` --secret id=${key},env=${key} \ `;
         }
-
+      }
+      if (reset === true) cache += ' --rm --no-cache';
+      if (path && typeof path === 'string')
         shellExec(
-          `${baseCommand} dockerfile-image-build${baseCommandOption} --podman-save --reset --image-path=. --path ${
-            options.path ?? getUnderpostRootPath()
-          } --image-name=${IMAGE_NAME_FULL} ${LOAD_TYPE}`,
+          `cd ${path}${secretsInput}&& sudo podman build -f ./${
+            dockerfileName && typeof dockerfileName === 'string' ? dockerfileName : 'Dockerfile'
+          } -t ${imageName} --pull=never --cap-add=CAP_AUDIT_WRITE${cache}${secretDockerInput} --network host`,
         );
-      },
-      /**
-       * @method build
-       * @description Builds a Docker image using Podman, optionally saves it as a tar archive,
-       * and loads it into a specified Kubernetes cluster (Kind, Kubeadm, or K3s).
-       * @param {object} options - Options for building and loading images.
-       * @param {string} [options.path=''] - The path to the directory containing the Dockerfile.
-       * @param {string} [options.imageName=''] - The name and tag for the image (e.g., 'my-app:latest').
-       * @param {string} [options.imagePath=''] - Directory to save the image tar file.
-       * @param {string} [options.dockerfileName=''] - Name of the Dockerfile (defaults to 'Dockerfile').
-       * @param {boolean} [options.podmanSave=false] - If true, save the image as a tar archive using Podman.
-       * @param {boolean} [options.kindLoad=false] - If true, load the image archive into a Kind cluster.
-       * @param {boolean} [options.kubeadmLoad=false] - If true, load the image archive into a Kubeadm cluster (uses 'ctr').
-       * @param {boolean} [options.k3sLoad=false] - If true, load the image archive into a K3s cluster (uses 'k3s ctr').
-       * @param {boolean} [options.secrets=false] - If true, load secrets from the .env file for the build.
-       * @param {string} [options.secretsPath=''] - Custom path to the .env file for secrets.
-       * @param {boolean} [options.reset=false] - If true, perform a no-cache build.
-       * @param {boolean} [options.dev=false] - If true, use development mode.
-       * @memberof UnderpostImage
-       */
-      build(
-        options = {
-          path: '',
-          imageName: '',
-          imagePath: '',
-          dockerfileName: '',
-          podmanSave: false,
-          kindLoad: false,
-          kubeadmLoad: false,
-          k3sLoad: false,
-          secrets: false,
-          secretsPath: '',
-          reset: false,
-          dev: false,
-        },
-      ) {
-        let {
-          path,
-          imageName,
-          imagePath,
-          dockerfileName,
-          podmanSave,
-          secrets,
-          secretsPath,
-          kindLoad,
-          kubeadmLoad,
-          k3sLoad,
-          reset,
-          dev,
-        } = options;
-        if (!path) path = '.';
-        const podManImg = `localhost/${imageName}`;
-        if (imagePath && typeof imagePath === 'string' && !fs.existsSync(imagePath))
-          fs.mkdirSync(imagePath, { recursive: true });
-        const tarFile = `${imagePath}/${imageName.replace(':', '_')}.tar`;
-        let secretsInput = ' ';
-        let secretDockerInput = '';
-        let cache = '';
-        if (secrets === true) {
-          const envObj = dotenv.parse(
-            fs.readFileSync(
-              secretsPath && typeof secretsPath === 'string' ? secretsPath : `${getNpmRootPath()}/underpost/.env`,
-              'utf8',
-            ),
-          );
-          for (const key of Object.keys(envObj)) {
-            secretsInput += ` && export ${key}="${envObj[key]}" `; // Example: $(cat gitlab-token.txt)
-            secretDockerInput += ` --secret id=${key},env=${key} \ `;
-          }
-        }
-        if (reset === true) cache += ' --rm --no-cache';
-        if (path && typeof path === 'string')
-          shellExec(
-            `cd ${path}${secretsInput}&& sudo podman build -f ./${
-              dockerfileName && typeof dockerfileName === 'string' ? dockerfileName : 'Dockerfile'
-            } -t ${imageName} --pull=never --cap-add=CAP_AUDIT_WRITE${cache}${secretDockerInput} --network host`,
-          );
 
-        if (podmanSave === true) {
-          if (fs.existsSync(tarFile)) fs.removeSync(tarFile);
-          shellExec(`podman save -o ${tarFile} ${podManImg}`);
-        }
-        if (kindLoad === true) shellExec(`sudo kind load image-archive ${tarFile}`);
-        if (kubeadmLoad === true) {
-          // Use 'ctr' for Kubeadm
-          shellExec(`sudo ctr -n k8s.io images import ${tarFile}`);
-        }
-        if (k3sLoad === true) {
-          // Use 'k3s ctr' for K3s
-          shellExec(`sudo k3s ctr images import ${tarFile}`);
-        }
-      },
+      if (podmanSave === true) {
+        if (fs.existsSync(tarFile)) fs.removeSync(tarFile);
+        shellExec(`podman save -o ${tarFile} ${podManImg}`);
+      }
+      if (kind === true) shellExec(`sudo kind load image-archive ${tarFile}`);
+      else if (kubeadm === true) shellExec(`sudo ctr -n k8s.io images import ${tarFile}`);
+      else if (k3s === true) shellExec(`sudo k3s ctr images import ${tarFile}`);
+    },
+    /**
+     * @method list
+     * @description Lists currently loaded Docker images in the specified Kubernetes cluster node.
+     * @param {object} options - Options for listing loaded images.
+     * @param {string} [options.nodeName='kind-worker'] - The name of the node to query.
+     * @param {string} [options.namespace=''] - The namespace to filter images (if applicable).
+     * @param {boolean} [options.spec=false] - If true, include detailed specifications of each image.
+     * @param {boolean} [options.log=false] - If true, log the list of images to the console.
+     * @param {boolean} [options.k3s=false] - If true, list images from a K3s cluster.
+     * @param {boolean} [options.kubeadm=false] - If true, list images from a Kubeadm cluster.
+     * @param {boolean} [options.kind=false] - If true, list images from a Kind cluster.
+     * @returns {Array} - An array of loaded images information.
+     * @memberof UnderpostImage
+     */
+    list(options = { nodeName: '', namespace: '', spec: false, log: false, k3s: false, kubeadm: false, kind: false }) {
+      if ((options.kubeadm === true || options.k3s === true) && !options.nodeName)
+        options.nodeName = shellExec('echo $HOSTNAME', { stdout: true, silent: true }).trim();
+      const list = Underpost.deploy.getCurrentLoadedImages(
+        options.nodeName ? options.nodeName : 'kind-worker',
+        options,
+      );
+      if (options.log) console.table(list);
+      return list;
+    },
+    /**
+     * @method rm
+     * @description Removes a specified Docker image from the specified Kubernetes cluster type (Kind, Kubeadm, or K3s).
+     * @param {object} options - Options for removing the image.
+     * @param {string} [options.imageName=''] - The name and tag of the image to be removed.
+     * @param {boolean} [options.k3s=false] - If true, remove the image from a K3s cluster.
+     * @param {boolean} [options.kubeadm=false] - If true, remove the image from a Kubeadm cluster.
+     * @param {boolean} [options.kind=false] - If true, remove the image from a Kind cluster.
+     * @memberof UnderpostImage
+     */
+    rm(options = { imageName: '', k3s: false, kubeadm: false, kind: false }) {
+      let { imageName, k3s, kubeadm, kind } = options;
+      if (kind === true) {
+        shellExec(`docker exec -i kind-control-plane crictl rmi ${imageName}`);
+        shellExec(`docker exec -i kind-worker crictl rmi ${imageName}`);
+      } else if (kubeadm === true) {
+        shellExec(`crictl rmi ${imageName}`);
+      } else if (k3s === true) {
+        shellExec(`sudo k3s ctr images rm ${imageName}`);
+      }
+    },
+    /**
+     * @method pullDockerHubImage
+     * @description Pulls a Docker image from Docker Hub and loads it into the specified Kubernetes cluster type (Kind, Kubeadm, or K3s).
+     * @param {object} options - Options for pulling and loading the image.
+     * @param {boolean} [options.k3s=false] - If true, load the image into a K3s cluster.
+     * @param {boolean} [options.kubeadm=false] - If true, load the image into a Kubeadm cluster.
+     * @param {boolean} [options.kind=false] - If true, load the image into a Kind cluster.
+     * @param {string} [options.dockerhubImage=''] - The name of the Docker Hub image to be pulled.
+     * @param {string} [options.version=''] - The version tag of the image to be pulled.
+     * @memberof UnderpostImage
+     */
+    pullDockerHubImage(options = { k3s: false, kubeadm: false, kind: false, dockerhubImage: '', version: '' }) {
+      if (options.dockerhubImage === 'underpost') {
+        options.dockerhubImage = 'underpost/underpost-engine';
+        if (!options.version) options.version = Underpost.version;
+      }
+      if (!options.version) options.version = 'latest';
+      const version = options.dockerhubImage && options.dockerhubImage.match(':') ? '' : `:${options.version}`;
+      const image = `${options.dockerhubImage}${version}`;
+      if (options.kind === true) {
+        shellExec(`docker pull ${image}`);
+        shellExec(`sudo kind load docker-image ${image}`);
+      } else {
+        shellExec(`sudo crictl pull ${image}`);
+      }
     },
   };
 }

package/src/cli/index.js

@@ -8,7 +8,6 @@ import UnderpostLxd from './lxd.js';
 import UnderpostBaremetal from './baremetal.js';
 import UnderpostRun from './run.js';
 import Dns from '../server/dns.js';
-import { pbcopy } from '../server/process.js';
 import UnderpostStatic from './static.js';
 
 // Load environment variables from .env file
@@ -35,6 +34,8 @@ program
   .option('--sync-conf', 'Sync configuration to private repositories (requires --deploy-id)')
   .option('--purge', 'Remove deploy ID conf and all related repositories (requires --deploy-id)')
   .option('--dev', 'Sets the development cli context')
+  .option('--default-conf', 'Create default deploy ID conf env files')
+  .option('--conf-workflow-id <workflow-id>', 'Set custom configuration workflow ID for conf generation')
   .description('Initializes a new Underpost project, service, or configuration.')
   .action(Underpost.repo.new);
 
@@ -256,57 +257,7 @@ program
   .option('--ban-both-add', 'Adds IP addresses to both banned ingress and egress lists.')
   .option('--ban-both-remove', 'Removes IP addresses from both banned ingress and egress lists.')
   .description('Displays the current public machine IP addresses.')
-  .action(async (ips = '', options) => {
-    const ipList = ips
-      ? ips
-          .split(',')
-          .map((i) => i.trim())
-          .filter(Boolean)
-      : [];
-
-    if (options.banIngressAdd) {
-      return ipList.forEach((ip) => Dns.banIngress(ip));
-    }
-    if (options.banIngressRemove) {
-      return ipList.forEach((ip) => Dns.unbanIngress(ip));
-    }
-    if (options.banIngressList) {
-      return Dns.listBannedIngress();
-    }
-    if (options.banIngressClear) {
-      return Dns.clearBannedIngress();
-    }
-
-    if (options.banEgressAdd) {
-      return ipList.forEach((ip) => Dns.banEgress(ip));
-    }
-    if (options.banEgressRemove) {
-      return ipList.forEach((ip) => Dns.unbanEgress(ip));
-    }
-    if (options.banEgressList) {
-      return Dns.listBannedEgress();
-    }
-    if (options.banEgressClear) {
-      return Dns.clearBannedEgress();
-    }
-
-    if (options.banBothAdd) {
-      return ipList.forEach((ip) => {
-        Dns.banIngress(ip);
-        Dns.banEgress(ip);
-      });
-    }
-    if (options.banBothRemove) {
-      return ipList.forEach((ip) => {
-        Dns.unbanIngress(ip);
-        Dns.unbanEgress(ip);
-      });
-    }
-
-    const ip = await Dns.getPublicIp();
-    if (options.copy) return pbcopy(ip);
-    return console.log(ip);
-  });
+  .action(Dns.ipDispatcher);
 
 // 'cluster' command: Manage Kubernetes clusters
 program
@@ -412,37 +363,41 @@ program
     if (args[1].init) return Underpost.secret[args[0]].init();
   });
 
-// 'dockerfile-image-build' command: Build Docker images from Dockerfiles
+// 'image'
 program
-  .command('dockerfile-image-build')
+  .command('image')
+  .option(
+    '--build',
+    'Builds a Docker image using Podman, optionally saves it as a tar archive, and loads it into a specified Kubernetes cluster (Kind, Kubeadm, or K3s).',
+  )
+  .option('--ls', 'Lists all available Underpost Dockerfile images.')
+  .option('--rm <image-id>', 'Removes specified Underpost Dockerfile images.')
   .option('--path [path]', 'The path to the Dockerfile directory.')
   .option('--image-name [image-name]', 'Sets a custom name for the Docker image.')
   .option('--image-path [image-path]', 'Sets the output path for the tar image archive.')
   .option('--dockerfile-name [dockerfile-name]', 'Sets a custom name for the Dockerfile.')
   .option('--podman-save', 'Exports the built image as a tar file using Podman.')
-  .option('--kind-load', 'Imports the tar image into a Kind cluster.')
-  .option('--kubeadm-load', 'Imports the tar image into a Kubeadm cluster.')
+  .option('--pull-base', 'Pulls base images and builds a "rockylinux9-underpost" image.')
+  .option('--spec', 'Get current cached list of container images used by all pods')
+  .option('--namespace <namespace>', 'Kubernetes namespace for image operations (defaults to "default").')
+  .option('--kind', 'Set kind cluster env image context management.')
+  .option('--kubeadm', 'Set kubeadm cluster env image context management.')
+  .option('--k3s', 'Set k3s cluster env image context management.')
+  .option('--node-name', 'Set node name for kubeadm or k3s cluster env image context management.')
   .option('--secrets', 'Includes Dockerfile environment secrets during the build.')
   .option('--secrets-path [secrets-path]', 'Specifies a custom path for Dockerfile environment secrets.')
   .option('--reset', 'Performs a build without using the cache.')
   .option('--dev', 'Use development mode.')
-  .option('--k3s-load', 'Loads the image into a K3s cluster.')
-  .description(
-    'Builds a Docker image from a specified Dockerfile with various options for naming, saving, and loading.',
-  )
-  .action(Underpost.image.dockerfile.build);
-
-// 'dockerfile-pull-base-images' command: Pull base Dockerfile images
-program
-  .command('dockerfile-pull-base-images')
-  .option('--path [path]', 'The path to the Dockerfile directory.')
-  .option('--kind-load', 'Imports the pulled image into a Kind cluster.')
-  .option('--kubeadm-load', 'Imports the pulled image into a Kubeadm cluster.')
-  .option('--version', 'Sets a custom version for the base images.')
-  .option('--k3s-load', 'Loads the image into a K3s cluster.')
-  .option('--dev', 'Use development mode.')
-  .description('Pulls required Underpost Dockerfile base images and optionally loads them into clusters.')
-  .action(Underpost.image.dockerfile.pullBaseImages);
+  .option('--pull-dockerhub <dockerhub-image>', 'Sets a custom Docker Hub image for base image pulls.')
+  .description('Manages Docker images, including building, saving, and loading into Kubernetes clusters.')
+  .action(async (options) => {
+    if (options.rm) Underpost.image.rm({ ...options, imageName: options.rm });
+    if (options.ls) Underpost.image.list({ ...options, log: true });
+    if (options.pullBase) Underpost.image.pullBaseImages(options);
+    if (options.build) Underpost.image.build(options);
+    if (options.pullDockerhub)
+      Underpost.image.pullDockerHubImage({ ...options, dockerhubImage: options.pullDockerhub });
+  });
 
 // 'install' command: Fast import npm dependencies
 program
@@ -472,10 +427,14 @@ program
   .option('--drop', 'Drops the specified databases or collections before importing.')
   .option('--preserveUUID', 'Preserves UUIDs during database import operations.')
   .option('--git', 'Enables Git integration for backup version control (clone, pull, commit, push to GitHub).')
+  .option('--force-clone', 'Forces cloning of the Git repository, overwriting local changes.')
   .option('--hosts <hosts>', 'Comma-separated list of database hosts to filter operations.')
   .option('--paths <paths>', 'Comma-separated list of paths to filter database operations.')
   .option('--ns <ns-name>', 'Kubernetes namespace context for database operations (defaults to "default").')
-  .option('--dry-run', 'Simulates operations without executing them (useful for testing).')
+  .option(
+    '--macro-rollback-export <n-commits-reset>',
+    'Exports a macro rollback script that reverts the last n commits (Git integration required).',
+  )
   .description(
     'Manages database operations with support for MariaDB and MongoDB, including import/export, multi-pod targeting, and Git integration.',
   )
@@ -564,9 +523,10 @@ program
   .option('--ms-interval <ms-interval>', 'Sets a custom millisecond interval for monitoring checks.')
   .option('--now', 'Executes the monitor script immediately.')
   .option('--single', 'Disables recurrence, running the monitor script only once.')
-  .option('--replicas <replicas>', 'Sets a custom number of replicas for monitoring.')
+  .option('--replicas <replicas>', 'Sets a custom number of replicas for monitoring. Defaults to 1.')
   .option('--type <type>', 'Sets a custom monitor type.')
   .option('--sync', 'Synchronizes with current proxy deployments and traffic configurations.')
+  .option('--namespace <namespace>', 'Sets the Kubernetes namespace for the deployment. Defaults to "default".')
   .description('Manages health server monitoring for specified deployments.')
   .action(Underpost.monitor.callback);
 
@@ -589,13 +549,18 @@ program
   .option('--keys-list', 'Lists all ssh keys from current private keys file storage.')
   .option('--hosts-list', 'Lists all ssh hosts from current private keys file storage.')
   .option('--disable-password', 'Disables password authentication for the SSH session.')
+  .option('--key-test', 'Tests the SSH key using ssh-keygen.')
+  .option('--stop', 'Stops the SSH service.')
+  .option('--status', 'Checks the status of the SSH service.')
+  .option('--connect-uri', 'Displays the connection URI.')
+  .option('--copy', 'Copies the connection URI to clipboard.')
   .action(Underpost.ssh.callback);
 
 // 'run' command: Run a script
 program
   .command('run')
   .argument('<runner-id>', `The runner ID to run. Options: ${Object.keys(UnderpostRun.RUNNERS).join(', ')}.`)
-  .argument('[path]', 'The absolute or relative directory path where the script is located.')
+  .argument('[path]', 'The input value, identifier, or path for the operation.')
   .option('--command <command-array>', 'Array of commands to run.')
   .option('--args <args-array>', 'Array of arguments to pass to the command.')
   .option('--dev', 'Sets the development context environment for the script.')
@@ -622,9 +587,10 @@ program
     'Optional: Specifies a comma-separated list of key-value pairs for labels (e.g., "app=my-app,env=prod").',
   )
   .option('--claim-name <name>', 'Optional: Specifies the claim name for volume mounting in deploy-job.')
-  .option('--kind <kind-type>', 'Specifies the kind of Kubernetes resource (e.g., Job, Deployment) for deploy-job.')
-  .option('--kubeadm', 'Flag to indicate Kubeadm cluster type context')
-  .option('--k3s', 'Flag to indicate K3s cluster type context')
+  .option(
+    '--kind-type <kind-type>',
+    'Specifies the kind of Kubernetes resource (e.g., Job, Deployment) for deploy-job.',
+  )
   .option('--force', 'Forces operation, overriding any warnings or conflicts.')
   .option('--tls', 'Enables TLS for the runner execution.')
   .option('--reset', 'Resets the runner state before execution.')
@@ -642,7 +608,17 @@ program
   .option('--expose', 'Enables service exposure for the runner execution.')
   .option('--conf-server-path <conf-server-path>', 'Sets a custom configuration server path.')
   .option('--underpost-root <underpost-root>', 'Sets a custom Underpost root path.')
-  .description('Runs a script from the specified path.')
+  .option('--cron-jobs <jobs>', 'Comma-separated list of cron jobs to run before executing the script.')
+  .option('--timezone <timezone>', 'Sets the timezone for the runner execution.')
+  .option('--kubeadm', 'Sets the kubeadm cluster context for the runner execution.')
+  .option('--k3s', 'Sets the k3s cluster context for the runner execution.')
+  .option('--kind', 'Sets the kind cluster context for the runner execution.')
+  .option('--log-type <log-type>', 'Sets the log type for the runner execution.')
+  .option('--deploy-id <deploy-id>', 'Sets deploy id context for the runner execution.')
+  .option('--user <user>', 'Sets user context for the runner execution.')
+  .option('--hosts <hosts>', 'Comma-separated list of hosts for the runner execution.')
+  .option('--instance-id <instance-id>', 'Sets instance id context for the runner execution.')
+  .description('Runs specified scripts using various runners.')
   .action(UnderpostRun.API.callback);
 
 // 'lxd' command: LXD management
@@ -674,7 +650,10 @@ program
     '--delete-expose <vm-name-ports>',
     'Removes exposed ports on a VM (e.g., "k8s-control:80,443"). Multiple VM-port pairs can be comma-separated.',
   )
-  .option('--auto-expose-k8s-ports <vm-id>', 'Automatically exposes common Kubernetes ports for the specified VM.')
+  .option('--workflow-id <workflow-id>', 'Sets the workflow ID context for LXD operations.')
+  .option('--vm-id <vm-id>', 'Sets the VM ID context for LXD operations.')
+  .option('--deploy-id <deploy-id>', 'Sets the deployment ID context for LXD operations.')
+  .option('--namespace <namespace>', 'Kubernetes namespace for LXD operations (defaults to "default").')
   .description('Manages LXD containers and virtual machines.')
   .action(UnderpostLxd.API.callback);