windmill-cli 1.505.4 → 1.507.0

package/esm/conf.js

@@ -12,7 +12,54 @@ export async function readConfigFile() {
         return {};
     }
 }
+// Default sync options - shared across the codebase to prevent duplication
+export const DEFAULT_SYNC_OPTIONS = {
+    defaultTs: 'bun',
+    includes: ['f/**'],
+    excludes: [],
+    codebases: [],
+    skipVariables: false,
+    skipResources: false,
+    skipResourceTypes: false,
+    skipSecrets: true,
+    skipScripts: false,
+    skipFlows: false,
+    skipApps: false,
+    skipFolders: false,
+    includeSchedules: false,
+    includeTriggers: false,
+    includeUsers: false,
+    includeGroups: false,
+    includeSettings: false,
+    includeKey: false
+};
 export async function mergeConfigWithConfigFile(opts) {
     const configFile = await readConfigFile();
     return Object.assign(configFile ?? {}, opts);
 }
+// Get effective settings by merging top-level settings and overrides
+export function getEffectiveSettings(config, baseUrl, workspaceId, repo) {
+    // Start with empty object - no defaults
+    let effective = {};
+    // Merge top-level settings from config (which contains user's chosen defaults)
+    Object.keys(config).forEach(key => {
+        if (key !== 'overrides' && config[key] !== undefined) {
+            effective[key] = config[key];
+        }
+    });
+    if (!config.overrides) {
+        return effective;
+    }
+    // Construct override keys using the single format
+    const workspaceKey = `${baseUrl}:${workspaceId}:*`;
+    const repoKey = `${baseUrl}:${workspaceId}:${repo}`;
+    // Apply workspace-level overrides
+    if (config.overrides[workspaceKey]) {
+        Object.assign(effective, config.overrides[workspaceKey]);
+    }
+    // Apply repository-specific overrides (overrides workspace-level)
+    if (config.overrides[repoKey]) {
+        Object.assign(effective, config.overrides[repoKey]);
+    }
+    return effective;
+}

package/esm/context.js

@@ -10,7 +10,7 @@ async function tryResolveWorkspace(opts) {
     if (cache)
         return { isError: false, value: cache };
     if (opts.workspace) {
-        const e = await getWorkspaceByName(opts.workspace);
+        const e = await getWorkspaceByName(opts.workspace, opts.configDir);
         if (!e) {
             return {
                 isError: true,
@@ -32,8 +32,37 @@ async function tryResolveWorkspace(opts) {
 export async function resolveWorkspace(opts) {
     if (opts.baseUrl) {
         if (opts.workspace && opts.token) {
+            const normalizedBaseUrl = new URL(opts.baseUrl).toString(); // add trailing slash if not present
+            // Try to find existing workspace profile by name, then by workspaceId + remote
+            if (opts.workspace) {
+                // Try by workspace name first
+                let existingWorkspace = await getWorkspaceByName(opts.workspace, opts.configDir);
+                // If not found by name, try to find by workspaceId + remote match
+                if (!existingWorkspace) {
+                    const { allWorkspaces } = await import("./workspace.js");
+                    const workspaces = await allWorkspaces(opts.configDir);
+                    const matchingWorkspaces = workspaces.filter(w => w.workspaceId === opts.workspace && w.remote === normalizedBaseUrl);
+                    // Due to uniqueness constraint, there can only be 0 or 1 match
+                    if (matchingWorkspaces.length === 1) {
+                        existingWorkspace = matchingWorkspaces[0];
+                    }
+                }
+                if (existingWorkspace) {
+                    // Validate that the base URL matches the profile's remote
+                    if (existingWorkspace.remote !== normalizedBaseUrl) {
+                        log.info(colors.red(`Base URL mismatch: --base-url is ${normalizedBaseUrl} but workspace profile "${opts.workspace}" uses ${existingWorkspace.remote}`));
+                        return dntShim.Deno.exit(-1);
+                    }
+                    // Use the existing workspace profile (preserves workspace name)
+                    return {
+                        ...existingWorkspace,
+                        token: opts.token, // Use the provided token
+                    };
+                }
+            }
+            // No existing profile found, create temporary workspace
             return {
-                remote: new URL(opts.baseUrl).toString(), // add trailing slash if not present
+                remote: normalizedBaseUrl,
                 workspaceId: opts.workspace,
                 name: opts.workspace,
                 token: opts.token,
@@ -63,16 +92,21 @@ export async function requireLogin(opts) {
     try {
         return await wmill.globalWhoami();
     }
-    catch {
+    catch (error) {
+        // Check for network errors and provide clearer messages
+        const errorMsg = error instanceof Error ? error.message : String(error);
+        if (errorMsg.includes('fetch') || errorMsg.includes('connection') || errorMsg.includes('ECONNREFUSED') || errorMsg.includes('refused')) {
+            throw new Error(`Network error: Could not connect to Windmill server at ${workspace.remote}`);
+        }
         log.info("! Could not reach API given existing credentials. Attempting to reauth...");
         const newToken = await loginInteractive(workspace.remote);
         if (!newToken) {
-            throw new Error("Could not reauth");
+            throw new Error("Unauthorized: Could not authenticate with the provided credentials");
         }
         removeWorkspace(workspace.name, false, opts);
         workspace.token = newToken;
         addWorkspace(workspace, opts);
-        setClient(token, workspace.remote.substring(0, workspace.remote.length - 1));
+        setClient(newToken, workspace.remote.substring(0, workspace.remote.length - 1));
         return await wmill.globalWhoami();
     }
 }
@@ -86,6 +120,11 @@ export async function fetchVersion(baseUrl) {
         }
     }
     const response = await fetch(new URL(new URL(baseUrl).origin + "/api/version"), { headers: requestHeaders, method: "GET" });
+    if (!response.ok) {
+        // Consume response body even on error to avoid resource leak
+        await response.text();
+        throw new Error(`Failed to fetch version: ${response.status} ${response.statusText}`);
+    }
     return await response.text();
 }
 export async function tryResolveVersion(opts) {

package/esm/gen/core/OpenAPI.js

@@ -32,7 +32,7 @@ export const OpenAPI = {
     PASSWORD: undefined,
     TOKEN: getEnv("WM_TOKEN"),
     USERNAME: undefined,
-    VERSION: '1.505.4',
+    VERSION: '1.507.0',
     WITH_CREDENTIALS: true,
     interceptors: {
         request: new Interceptors(),

package/esm/gen/services.gen.js

@@ -2332,6 +2332,25 @@ export const createAccount = (data) => {
         mediaType: 'application/json'
     });
 };
+/**
+ * connect OAuth using client credentials
+ * @param data The data for the request.
+ * @param data.client OAuth client name
+ * @param data.requestBody client credentials flow parameters
+ * @returns TokenResponse OAuth token response
+ * @throws ApiError
+ */
+export const connectClientCredentials = (data) => {
+    return __request(OpenAPI, {
+        method: 'POST',
+        url: '/oauth/connect_client_credentials/{client}',
+        path: {
+            client: data.client
+        },
+        body: data.requestBody,
+        mediaType: 'application/json'
+    });
+};
 /**
  * refresh token
  * @param data The data for the request.