underpost 3.2.8 → 3.2.10

package/src/cli/fs.js

@@ -150,8 +150,14 @@ class UnderpostFileStorage {
           } else pullSkipCount++;
         }
         if (pullSkipCount > 0) logger.warn(`Pull skipped ${pullSkipCount} files that already exist`);
-        Underpost.repo.initLocalRepo({ path });
-        shellExec(`cd ${path} && git add . && git commit -m "Base pull state"`);
+        // Only run git init/commit when the caller explicitly requests git tracking (--git flag).
+        // For bundle pulls into ./build the git step is unwanted and would error on a non-repo path.
+        if (options.git === true) {
+          Underpost.repo.initLocalRepo({ path });
+          shellExec(`cd ${path} && git add . && git commit -m "Base pull state"`, {
+            silentOnError: true
+          });
+        }
       } else {
         const files =
           options.git === true ? Underpost.repo.getChangedFiles(path) : await fs.readdir(path, { recursive: true });
@@ -203,11 +209,13 @@ class UnderpostFileStorage {
      * @description Uploads a file to Cloudinary.
      * @param {string} path - The path to the file to upload.
      * @param {object} [options] - An object containing options for the upload.
-     * @param {boolean} [options.force=false] - Flag to force file operations.
+     * @param {string} [options.deployId=''] - The identifier for the deployment (used to locate the storage config file).
+     * @param {boolean} [options.force=false] - Flag to force file operations (overwrites existing remote asset).
      * @param {string} [options.storageFilePath=''] - The path to the storage configuration file.
      * @returns {Promise<object>} A promise that resolves to the upload result.
      * @memberof UnderpostFileStorage
      */
+
     async upload(
       path,
       options = { rm: false, recursive: false, deployId: '', force: false, pull: false, storageFilePath: '' },
@@ -235,6 +243,7 @@ class UnderpostFileStorage {
      * @param {string} path - The path to the file to pull.
      * @param {object} [options] - Pull options.
      * @param {boolean} [options.omitUnzip=false] - If true, do not extract zip and keep downloaded zip file.
+     * @param {boolean} [options.force=false] - If true, re-download even if the local zip already exists.
      * @returns {Promise<void>} A promise that resolves when the file is pulled.
      * @memberof UnderpostFileStorage
      */
@@ -264,6 +273,13 @@ class UnderpostFileStorage {
       path = Underpost.fs.zip2File(zipPath);
       fs.removeSync(`${path}.zip`);
     },
+    /**
+     * @method delete
+     * @description Deletes a file from Cloudinary by its public ID.
+     * @param {string} path - The path (public ID) of the file to delete.
+     * @returns {Promise<object>} A promise that resolves to the Cloudinary delete result.
+     * @memberof UnderpostFileStorage
+     */
     async delete(path) {
       Underpost.fs.cloudinaryConfig();
       const deleteResult = await cloudinary.api

package/src/cli/index.js

@@ -66,6 +66,10 @@ program
   .option('--underpost-quickly-install', 'Uses Underpost Quickly Install for dependency installation.')
   .option('--skip-pull-base', 'Skips cloning repositories, uses current workspace code directly.')
   .option('--skip-full-build', 'Skips the full client bundle build during deployment.')
+  .option(
+    '--pull-bundle',
+    'Downloads the pre-built client bundle from Cloudinary via pull-bundle before starting. Use together with --skip-full-build to skip the local build entirely.',
+  )
   .action(Underpost.start.callback)
   .description('Initiates application servers, build pipelines, or other defined services based on the deployment ID.');
 
@@ -230,6 +234,7 @@ program
   .option('--ban-egress-clear', 'Clears all banned egress IP addresses.')
   .option('--ban-both-add', 'Adds IP addresses to both banned ingress and egress lists.')
   .option('--ban-both-remove', 'Removes IP addresses from both banned ingress and egress lists.')
+  .option('--mac', 'Prints the MAC address of the main network interface.')
   .description('Displays the current public machine IP addresses.')
   .action(Underpost.dns.ipDispatcher);
 
@@ -237,6 +242,7 @@ program
   .command('cluster')
   .argument('[pod-name]', 'Optional: Filters information by a specific pod name.')
   .option('--reset', `Deletes all clusters and prunes all related data and caches.`)
+  .option('--reset-mongodb', `Performs a hard cleanup of only MongoDB-related resources (StatefulSet, PVCs/PVs, Secrets, ConfigMaps, caches) without restarting the whole node.`)
   .option('--mariadb', 'Initializes the cluster with a MariaDB statefulset.')
   .option('--mysql', 'Initializes the cluster with a MySQL statefulset.')
   .option('--mongodb', 'Initializes the cluster with a MongoDB statefulset.')
@@ -333,6 +339,18 @@ program
     'Sets the local:remote port to expose when --expose is active (overrides auto-detected service port).',
   )
   .option('--cmd <cmd>', 'Custom initialization command for deployment (comma-separated commands).')
+  .option(
+    '--skip-full-build',
+    'Skip client bundle rebuild; container will pull pre-built bundle via pull-bundle instead.',
+  )
+  .option(
+    '--pull-bundle',
+    'Explicitly pull the pre-built client bundle from Cloudinary inside the container. Use together with --skip-full-build.',
+  )
+  .option(
+    '--image-pull-policy <policy>',
+    'Override container imagePullPolicy in the generated deployment manifest (Always, IfNotPresent, Never). Defaults to Never for localhost/ images and IfNotPresent otherwise.',
+  )
   .description('Manages application deployments, defaulting to deploying development pods.')
   .action(Underpost.deploy.callback);
 
@@ -657,17 +675,25 @@ program
   .option(
     '--host-aliases <host-aliases>',
     'Adds entries to the Pod /etc/hosts via hostAliases. ' +
-      'Format: semicolon-separated entries of "ip=hostname1,hostname2" ' +
-      '(e.g., "127.0.0.1=foo.local,bar.local;10.1.2.3=foo.remote,bar.remote").',
+    'Format: semicolon-separated entries of "ip=hostname1,hostname2" ' +
+    '(e.g., "127.0.0.1=foo.local,bar.local;10.1.2.3=foo.remote,bar.remote").',
   )
   .option('--copy', 'Copies the runner output to the clipboard (supported by: generate-pass, template-deploy-local).')
+  .option(
+    '--skip-full-build',
+    'Skip client bundle rebuild; triggers pull-bundle in container startup (supported by: sync, template-deploy).',
+  )
+  .option(
+    '--pull-bundle',
+    'Explicitly download the pre-built client bundle from Cloudinary inside the container (supported by: sync, template-deploy). Use together with --skip-full-build.',
+  )
   .description('Runs specified scripts using various runners.')
   .action(Underpost.run.callback);
 
 program
   .command('lxd')
   .option('--init', 'Initializes LXD on the current machine via preseed.')
-  .option('--reset', 'Removes the LXD snap and purges all data.')
+  .option('--reset', 'SAFE complete reset: cleans all VMs (proxy devices first), profiles, networks, then removes LXD snap.')
   .option('--install', 'Installs the LXD snap.')
   .option('--dev', 'Use local paths instead of the global npm installation.')
   .option('--create-virtual-network', 'Creates the lxdbr0 bridge network.')
@@ -676,7 +702,7 @@ program
   .option('--control', 'Initialize the target VM as a K3s control plane node.')
   .option('--worker', 'Initialize the target VM as a K3s worker node.')
   .option('--create-vm <vm-name>', 'Copy the LXC launch command for a new K3s VM to the clipboard.')
-  .option('--delete-vm <vm-name>', 'Stop and delete the specified VM.')
+  .option('--delete-vm <vm-name>', 'SAFELY stop and delete VM (removes proxy devices first, then stops, then deletes). Safe to re-run.')
   .option('--init-vm <vm-name>', 'Run k3s-node-setup.sh on the specified VM (use with --control or --worker).')
   .option('--info-vm <vm-name>', 'Display full configuration and status for the specified VM.')
   .option('--test <vm-name>', 'Run connectivity and health checks on the specified VM.')
@@ -684,13 +710,11 @@ program
   .option(
     '--join-node <nodes>',
     'Join a K3s worker to a control plane. Standalone format: "workerName,controlName". ' +
-      'When used with --init-vm --worker, provide just the control node name for auto-join.',
+    'When used with --init-vm --worker, provide just the control node name for auto-join.',
   )
   .option('--expose <vm-name:ports>', 'Proxy host ports to a VM (e.g., "k3s-control:80,443").')
   .option('--delete-expose <vm-name:ports>', 'Remove proxied ports from a VM (e.g., "k3s-control:80,443").')
-  .option('--workflow-id <workflow-id>', 'Workflow ID to execute via runWorkflow.')
-  .option('--vm-id <vm-name>', 'Target VM name for workflow execution.')
-  .option('--deploy-id <deploy-id>', 'Deployment ID context for workflow execution.')
+  .option('--bootstrap-engine <vm-name>', 'Replicate /home/dd/engine source into the VM after init completes.')
   .option('--namespace <namespace>', 'Kubernetes namespace context (defaults to "default").')
   .description('Manages LXD virtual machines as K3s nodes (control plane or workers).')
   .action(Underpost.lxd.callback);
@@ -793,7 +817,7 @@ program
   .option(
     '--ci-push <deploy-id>',
     'Local equivalent of engine-*.ci.yml: builds dd-{deploy-id} and pushes to the engine-{deploy-id} repository. ' +
-      'Accepts the suffix (e.g., "cyberia"), "dd-cyberia", or "engine-cyberia".',
+    'Accepts the suffix (e.g., "cyberia"), "dd-cyberia", or "engine-cyberia".',
   )
   .option(
     '--message <message>',
@@ -803,6 +827,10 @@ program
     '--pwa-build',
     'Runs the pwa-microservices-template update flow: always re-clones, syncs engine sources, installs, builds, and pushes.',
   )
+  .option(
+    '--dry-run',
+    'For --build: previews version-bump changes (per-file substitution counts) without writing files or running downstream commands.',
+  )
   .description('Release orchestrator for building new versions and deploying releases of the Underpost CLI.')
   .action(async (version, options) => {
     if (options.build) return Underpost.release.build(version, options);

package/src/cli/ipfs.js

@@ -131,12 +131,10 @@ class UnderpostIPFS {
       // Apply UDP buffer sysctl on every Kind node so QUIC (used by IPFS) can reach the
       // recommended 7.5 MB buffer size. Kind nodes are containers and do NOT inherit the
       // host sysctl values, so this must be set via docker exec on each node directly.
-      if (!options.kubeadm && !options.k3s) {
-        logger.info('Applying UDP buffer sysctl on Kind nodes');
-        shellExec(
-          `for node in $(kind get nodes); do docker exec $node sysctl -w net.core.rmem_max=7500000 net.core.wmem_max=7500000; done`,
-        );
-      }
+      shellExec(
+        `sudo sysctl -w net.core.rmem_max=7500000
+sudo sysctl -w net.core.wmem_max=7500000`,
+      );
 
       shellExec(`kubectl apply -f ${underpostRoot}/manifests/ipfs/storage-class.yaml`);
       shellExec(`kubectl apply -k ${underpostRoot}/manifests/ipfs -n ${options.namespace}`);

package/src/cli/kubectl.js

@@ -47,9 +47,12 @@ class UnderpostKubectl {
      * @memberof UnderpostKubectl
      */
     get(deployId, kindType = 'pods', namespace = '') {
+      // Existence-check style: a missing kubectl context, a non-existent
+      // namespace, or no pods matching the filter must return an empty
+      // list (not throw). silentOnError keeps the legacy contract.
       const raw = shellExec(
         `sudo kubectl get ${kindType}${namespace ? ` -n ${namespace}` : ` --all-namespaces`} -o wide`,
-        { stdout: true, disableLog: true, silent: true },
+        { stdout: true, disableLog: true, silent: true, silentOnError: true },
       );
 
       const heads = raw