mosaicstack/stack
1
0
Fork 0
Code Issues 13 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

Compare commits

base: mosaicstack:feat/mosaic-forge-cli-v2
Branches Tags
mosaicstack:main mosaicstack:release/mosaic-v0.0.29 mosaicstack:fix/installer-idempotent-creds mosaicstack:feat/framework-superpowers-enforcement mosaicstack:feat/install-ux-intent mosaicstack:feat/install-ux-polish mosaicstack:docs/iuv-m01-complete mosaicstack:fix/build-vitest-allowdefault mosaicstack:fix/bootstrap-hotfix mosaicstack:docs/install-ux-v2-scaffold mosaicstack:release/mosaic-v0.0.25 mosaicstack:docs/iuh-mission-complete mosaicstack:feat/unified-first-run mosaicstack:docs/iuh-m02-complete mosaicstack:feat/wizard-remediation mosaicstack:feat/mosaic-macp-cli mosaicstack:fix/gateway-token-recovery-review mosaicstack:feat/mosaic-auth-cli mosaicstack:feat/mosaic-forge-cli-v2 mosaicstack:feat/mosaic-storage-cli mosaicstack:feat/mosaic-memory-cli mosaicstack:feat/gateway-token-recovery mosaicstack:feat/mosaic-forge-cli mosaicstack:feat/mosaic-config-command mosaicstack:feat/mosaic-queue-cli mosaicstack:feat/mosaic-brain-cli mosaicstack:feat/mosaic-help-alphabetize mosaicstack:docs/gateway-token-recovery-plan mosaicstack:chore/bump-mosaic-0.0.21 mosaicstack:fix/populate-known-packages-list mosaicstack:fix/publish-loud-errors mosaicstack:fix/gitea-org-rename mosaicstack:fix/gateway-install-ux mosaicstack:fix/rename-mosaic-scope-391 mosaicstack:fix/db-memory-queue-publish-drift mosaicstack:fix/updater-wrapper-gitea-387 mosaicstack:fix/config-package-version-drift mosaicstack:fix/updater-mosaic-package-382 mosaicstack:fix/merge-cli-into-mosaic mosaicstack:fix/metapackage-cli-dep mosaicstack:chore/bump-cli-mosaic-0.0.16 mosaicstack:fix/gateway-deprecation-warnings mosaicstack:fix/gateway-install-prefix-eacces mosaicstack:chore/gateway-default-port-14242 mosaicstack:fix/gateway-scoped-registry mosaicstack:fix/gateway-install-registry mosaicstack:chore/bump-0.0.11 mosaicstack:feat/gateway-local-tier mosaicstack:feat/task-1775219952-fix-add-build-tools-to-ci-install-step-for-better-sqlite3 mosaicstack:fix/pnpm-build-scripts mosaicstack:fix/storage-sqlite-ci mosaicstack:feat/storage-abstraction mosaicstack:fix/idempotent-init
mosaicstack:mosaic-v0.0.29 mosaicstack:mosaic-v0.0.28 mosaicstack:mosaic-v0.0.27 mosaicstack:mosaic-v0.0.26 mosaicstack:mosaic-v0.0.25 mosaicstack:mosaic-v0.0.24 mosaicstack:v0.2.0 mosaicstack:v0.1.0 mosaicstack:v0.0.8 mosaicstack:v0.0.7 mosaicstack:v0.0.6 mosaicstack:v0.0.5 mosaicstack:v0.0.4
..
compare: mosaicstack:006b7352c7d6f12b958a9ee4f7b1bcf91df10929
Branches Tags
mosaicstack:main mosaicstack:release/mosaic-v0.0.29 mosaicstack:fix/installer-idempotent-creds mosaicstack:feat/framework-superpowers-enforcement mosaicstack:feat/install-ux-intent mosaicstack:feat/install-ux-polish mosaicstack:docs/iuv-m01-complete mosaicstack:fix/build-vitest-allowdefault mosaicstack:fix/bootstrap-hotfix mosaicstack:docs/install-ux-v2-scaffold mosaicstack:release/mosaic-v0.0.25 mosaicstack:docs/iuh-mission-complete mosaicstack:feat/unified-first-run mosaicstack:docs/iuh-m02-complete mosaicstack:feat/wizard-remediation mosaicstack:feat/mosaic-macp-cli mosaicstack:fix/gateway-token-recovery-review mosaicstack:feat/mosaic-auth-cli mosaicstack:feat/mosaic-forge-cli-v2 mosaicstack:feat/mosaic-storage-cli mosaicstack:feat/mosaic-memory-cli mosaicstack:feat/gateway-token-recovery mosaicstack:feat/mosaic-forge-cli mosaicstack:feat/mosaic-config-command mosaicstack:feat/mosaic-queue-cli mosaicstack:feat/mosaic-brain-cli mosaicstack:feat/mosaic-help-alphabetize mosaicstack:docs/gateway-token-recovery-plan mosaicstack:chore/bump-mosaic-0.0.21 mosaicstack:fix/populate-known-packages-list mosaicstack:fix/publish-loud-errors mosaicstack:fix/gitea-org-rename mosaicstack:fix/gateway-install-ux mosaicstack:fix/rename-mosaic-scope-391 mosaicstack:fix/db-memory-queue-publish-drift mosaicstack:fix/updater-wrapper-gitea-387 mosaicstack:fix/config-package-version-drift mosaicstack:fix/updater-mosaic-package-382 mosaicstack:fix/merge-cli-into-mosaic mosaicstack:fix/metapackage-cli-dep mosaicstack:chore/bump-cli-mosaic-0.0.16 mosaicstack:fix/gateway-deprecation-warnings mosaicstack:fix/gateway-install-prefix-eacces mosaicstack:chore/gateway-default-port-14242 mosaicstack:fix/gateway-scoped-registry mosaicstack:fix/gateway-install-registry mosaicstack:chore/bump-0.0.11 mosaicstack:feat/gateway-local-tier mosaicstack:feat/task-1775219952-fix-add-build-tools-to-ci-install-step-for-better-sqlite3 mosaicstack:fix/pnpm-build-scripts mosaicstack:fix/storage-sqlite-ci mosaicstack:feat/storage-abstraction mosaicstack:fix/idempotent-init
mosaicstack:mosaic-v0.0.29 mosaicstack:mosaic-v0.0.28 mosaicstack:mosaic-v0.0.27 mosaicstack:mosaic-v0.0.26 mosaicstack:mosaic-v0.0.25 mosaicstack:mosaic-v0.0.24 mosaicstack:v0.2.0 mosaicstack:v0.1.0 mosaicstack:v0.0.8 mosaicstack:v0.0.7 mosaicstack:v0.0.6 mosaicstack:v0.0.5 mosaicstack:v0.0.4

1 Commits
feat/mosai ... 006b7352c7

Author SHA1 Message Date
Jarvis
006b7352c7 feat(forge): add registerForgeCommand for mosaic forge CLI surface
Some checks failed
ci/woodpecker/pr/ci Pipeline failed
Details
ci/woodpecker/push/ci Pipeline failed
Details 
Adds mosaic forge run|status|resume|personas list subcommands to
@mosaicstack/forge, wires registerForgeCommand into the root mosaic CLI,
and ships a smoke test asserting command structure. Ref CU-05-01
cli-unification-20260404.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-05 00:45:25 -05:00
24 changed files with 5 additions and 2041 deletions
Expand all files Collapse all files

1
packages/log/package.json
View File

@@ -23,7 +23,6 @@
},
"dependencies": {
"@mosaicstack/db": "workspace:*",
"commander": "^13.0.0",
"drizzle-orm": "^0.45.1"
},
"devDependencies": {

68
packages/log/src/cli.spec.ts
View File

@@ -1,68 +0,0 @@
import { Command } from 'commander';
import { describe, it, expect } from 'vitest';
import { registerLogCommand } from './cli.js';
function buildTestProgram(): Command {
const program = new Command('mosaic');
program.exitOverride(); // prevent process.exit in tests
registerLogCommand(program);
return program;
}
describe('registerLogCommand', () => {
it('registers a "log" subcommand on the parent', () => {
const program = buildTestProgram();
const names = program.commands.map((c) => c.name());
expect(names).toContain('log');
});
it('log command has tail, search, export, and level subcommands', () => {
const program = buildTestProgram();
const logCmd = program.commands.find((c) => c.name() === 'log');
expect(logCmd).toBeDefined();
const subNames = logCmd!.commands.map((c) => c.name());
expect(subNames).toContain('tail');
expect(subNames).toContain('search');
expect(subNames).toContain('export');
expect(subNames).toContain('level');
});
it('tail subcommand has expected options', () => {
const program = buildTestProgram();
const logCmd = program.commands.find((c) => c.name() === 'log')!;
const tailCmd = logCmd.commands.find((c) => c.name() === 'tail')!;
const optionNames = tailCmd.options.map((o) => o.long);
expect(optionNames).toContain('--agent');
expect(optionNames).toContain('--level');
expect(optionNames).toContain('--category');
expect(optionNames).toContain('--tier');
expect(optionNames).toContain('--limit');
expect(optionNames).toContain('--db');
});
it('search subcommand accepts a positional query argument', () => {
const program = buildTestProgram();
const logCmd = program.commands.find((c) => c.name() === 'log')!;
const searchCmd = logCmd.commands.find((c) => c.name() === 'search')!;
// Commander stores positional args in _args
const argNames = searchCmd.registeredArguments.map((a) => a.name());
expect(argNames).toContain('query');
});
it('export subcommand accepts a positional path argument', () => {
const program = buildTestProgram();
const logCmd = program.commands.find((c) => c.name() === 'log')!;
const exportCmd = logCmd.commands.find((c) => c.name() === 'export')!;
const argNames = exportCmd.registeredArguments.map((a) => a.name());
expect(argNames).toContain('path');
});
it('level subcommand accepts a positional level argument', () => {
const program = buildTestProgram();
const logCmd = program.commands.find((c) => c.name() === 'log')!;
const levelCmd = logCmd.commands.find((c) => c.name() === 'level')!;
const argNames = levelCmd.registeredArguments.map((a) => a.name());
expect(argNames).toContain('level');
});
});

177
packages/log/src/cli.ts
View File

@@ -1,177 +0,0 @@
import { writeFileSync } from 'node:fs';
import type { Command } from 'commander';
import type { LogCategory, LogLevel, LogTier } from './agent-logs.js';
interface FilterOptions {
agent?: string;
level?: string;
category?: string;
tier?: string;
limit?: string;
db?: string;
}
function parseLimit(raw: string | undefined, defaultVal = 50): number {
if (!raw) return defaultVal;
const n = parseInt(raw, 10);
return Number.isFinite(n) && n > 0 ? n : defaultVal;
}
function buildQuery(opts: FilterOptions) {
return {
...(opts.agent ? { sessionId: opts.agent } : {}),
...(opts.level ? { level: opts.level as LogLevel } : {}),
...(opts.category ? { category: opts.category as LogCategory } : {}),
...(opts.tier ? { tier: opts.tier as LogTier } : {}),
limit: parseLimit(opts.limit),
};
}
async function openDb(connectionString: string) {
const { createDb } = await import('@mosaicstack/db');
return createDb(connectionString);
}
function resolveConnectionString(opts: FilterOptions): string | undefined {
return opts.db ?? process.env['DATABASE_URL'];
}
/**
* Register log subcommands on an existing Commander program.
* This avoids cross-package Commander version mismatches by using the
* caller's Command instance directly.
*/
export function registerLogCommand(parent: Command): void {
const log = parent.command('log').description('Query and manage agent logs');
// ─── tail ───────────────────────────────────────────────────────────────
log
.command('tail')
.description('Tail recent agent logs')
.option('--agent <id>', 'Filter by agent/session ID')
.option('--level <level>', 'Filter by log level (debug|info|warn|error)')
.option('--category <cat>', 'Filter by category (decision|tool_use|learning|error|general)')
.option('--tier <tier>', 'Filter by tier (hot|warm|cold)')
.option('--limit <n>', 'Number of logs to return (default 50)', '50')
.option('--db <connection-string>', 'Database connection string (or set DATABASE_URL)')
.action(async (opts: FilterOptions) => {
const connStr = resolveConnectionString(opts);
if (!connStr) {
console.error('Database connection required: use --db or set DATABASE_URL');
process.exit(1);
}
const handle = await openDb(connStr);
try {
const { createLogService } = await import('./log-service.js');
const svc = createLogService(handle.db);
const query = buildQuery(opts);
const logs = await svc.logs.query(query);
if (logs.length === 0) {
console.log('No logs found.');
return;
}
for (const entry of logs) {
const ts = new Date(entry.createdAt).toISOString();
console.log(`[${ts}] [${entry.level}] [${entry.category}] ${entry.content}`);
}
} finally {
await handle.close();
}
});
// ─── search ─────────────────────────────────────────────────────────────
log
.command('search <query>')
.description('Full-text search over agent logs')
.option('--agent <id>', 'Filter by agent/session ID')
.option('--level <level>', 'Filter by log level (debug|info|warn|error)')
.option('--category <cat>', 'Filter by category (decision|tool_use|learning|error|general)')
.option('--tier <tier>', 'Filter by tier (hot|warm|cold)')
.option('--limit <n>', 'Number of logs to return (default 50)', '50')
.option('--db <connection-string>', 'Database connection string (or set DATABASE_URL)')
.action(async (query: string, opts: FilterOptions) => {
const connStr = resolveConnectionString(opts);
if (!connStr) {
console.error('Database connection required: use --db or set DATABASE_URL');
process.exit(1);
}
const handle = await openDb(connStr);
try {
const { createLogService } = await import('./log-service.js');
const svc = createLogService(handle.db);
const baseQuery = buildQuery(opts);
const logs = await svc.logs.query(baseQuery);
const lowerQ = query.toLowerCase();
const matched = logs.filter(
(e) =>
e.content.toLowerCase().includes(lowerQ) ||
(e.metadata != null && JSON.stringify(e.metadata).toLowerCase().includes(lowerQ)),
);
if (matched.length === 0) {
console.log('No matching logs found.');
return;
}
for (const entry of matched) {
const ts = new Date(entry.createdAt).toISOString();
console.log(`[${ts}] [${entry.level}] [${entry.category}] ${entry.content}`);
}
} finally {
await handle.close();
}
});
// ─── export ─────────────────────────────────────────────────────────────
log
.command('export <path>')
.description('Export matching logs to an NDJSON file')
.option('--agent <id>', 'Filter by agent/session ID')
.option('--level <level>', 'Filter by log level (debug|info|warn|error)')
.option('--category <cat>', 'Filter by category (decision|tool_use|learning|error|general)')
.option('--tier <tier>', 'Filter by tier (hot|warm|cold)')
.option('--limit <n>', 'Number of logs to export (default 50)', '50')
.option('--db <connection-string>', 'Database connection string (or set DATABASE_URL)')
.action(async (outputPath: string, opts: FilterOptions) => {
const connStr = resolveConnectionString(opts);
if (!connStr) {
console.error('Database connection required: use --db or set DATABASE_URL');
process.exit(1);
}
const handle = await openDb(connStr);
try {
const { createLogService } = await import('./log-service.js');
const svc = createLogService(handle.db);
const query = buildQuery(opts);
const logs = await svc.logs.query(query);
const ndjson = logs.map((e) => JSON.stringify(e)).join('\n');
writeFileSync(outputPath, ndjson, 'utf8');
console.log(`Exported ${logs.length} log(s) to ${outputPath}`);
} finally {
await handle.close();
}
});
// ─── level ──────────────────────────────────────────────────────────────
log
.command('level <level>')
.description('Set runtime log level for the connected log service')
.action((level: string) => {
void level;
console.log(
'Runtime log level adjustment is not supported in current mode (DB-backed log service).',
);
process.exitCode = 0;
});
}

1
packages/log/src/index.ts
View File

@@ -9,4 +9,3 @@ export {
type LogTier,
type LogQuery,
} from './agent-logs.js';
export { registerLogCommand } from './cli.js';

1
packages/memory/package.json
View File

@@ -25,7 +25,6 @@
"@mosaicstack/db": "workspace:*",
"@mosaicstack/storage": "workspace:*",
"@mosaicstack/types": "workspace:*",
"commander": "^13.0.0",
"drizzle-orm": "^0.45.1"
},
"devDependencies": {

63
packages/memory/src/cli.spec.ts
View File

@@ -1,63 +0,0 @@
import { describe, it, expect } from 'vitest';
import { Command } from 'commander';
import { registerMemoryCommand } from './cli.js';
/**
* Smoke test — only verifies command wiring.
* Does NOT open a database connection.
*/
describe('registerMemoryCommand', () => {
function buildProgram(): Command {
const program = new Command('mosaic');
program.exitOverride(); // prevent process.exit during tests
registerMemoryCommand(program);
return program;
}
it('registers a "memory" subcommand', () => {
const program = buildProgram();
const memory = program.commands.find((c) => c.name() === 'memory');
expect(memory).toBeDefined();
});
it('registers "memory search"', () => {
const program = buildProgram();
const memory = program.commands.find((c) => c.name() === 'memory')!;
const search = memory.commands.find((c) => c.name() === 'search');
expect(search).toBeDefined();
});
it('registers "memory stats"', () => {
const program = buildProgram();
const memory = program.commands.find((c) => c.name() === 'memory')!;
const stats = memory.commands.find((c) => c.name() === 'stats');
expect(stats).toBeDefined();
});
it('registers "memory insights list"', () => {
const program = buildProgram();
const memory = program.commands.find((c) => c.name() === 'memory')!;
const insights = memory.commands.find((c) => c.name() === 'insights');
expect(insights).toBeDefined();
const list = insights!.commands.find((c) => c.name() === 'list');
expect(list).toBeDefined();
});
it('registers "memory preferences list"', () => {
const program = buildProgram();
const memory = program.commands.find((c) => c.name() === 'memory')!;
const preferences = memory.commands.find((c) => c.name() === 'preferences');
expect(preferences).toBeDefined();
const list = preferences!.commands.find((c) => c.name() === 'list');
expect(list).toBeDefined();
});
it('"memory search" has --limit and --agent options', () => {
const program = buildProgram();
const memory = program.commands.find((c) => c.name() === 'memory')!;
const search = memory.commands.find((c) => c.name() === 'search')!;
const optNames = search.options.map((o) => o.long);
expect(optNames).toContain('--limit');
expect(optNames).toContain('--agent');
});
});

179
packages/memory/src/cli.ts
View File

@@ -1,179 +0,0 @@
import type { Command } from 'commander';
import type { MemoryAdapter } from './types.js';
/**
* Build and return a connected MemoryAdapter from a connection string or
* the MEMORY_DB_URL / DATABASE_URL environment variable.
*
* For pgvector (postgres://...) the connection string is injected into
* DATABASE_URL so that PgVectorAdapter's internal createDb() picks it up.
*
* Throws with a human-readable message if no connection info is available.
*/
async function resolveAdapter(dbOption: string | undefined): Promise<MemoryAdapter> {
const connStr = dbOption ?? process.env['MEMORY_DB_URL'] ?? process.env['DATABASE_URL'];
if (!connStr) {
throw new Error(
'No database connection string provided. ' +
'Pass --db <connection-string> or set MEMORY_DB_URL / DATABASE_URL.',
);
}
// Lazy imports so the module loads cleanly without a live DB during smoke tests.
const { createMemoryAdapter, registerMemoryAdapter } = await import('./factory.js');
if (connStr.startsWith('postgres') || connStr.startsWith('pg')) {
// PgVectorAdapter reads DATABASE_URL via createDb() — inject it here.
process.env['DATABASE_URL'] = connStr;
const { PgVectorAdapter } = await import('./adapters/pgvector.js');
registerMemoryAdapter('pgvector', (cfg) => new PgVectorAdapter(cfg as never));
return createMemoryAdapter({ type: 'pgvector' });
}
// Keyword adapter backed by pglite storage; treat connStr as a data directory.
const { KeywordAdapter } = await import('./adapters/keyword.js');
const { createStorageAdapter, registerStorageAdapter } = await import('@mosaicstack/storage');
const { PgliteAdapter } = await import('@mosaicstack/storage');
registerStorageAdapter('pglite', (cfg) => new PgliteAdapter(cfg as never));
const storage = createStorageAdapter({ type: 'pglite', dataDir: connStr });
registerMemoryAdapter('keyword', (cfg) => new KeywordAdapter(cfg as never));
return createMemoryAdapter({ type: 'keyword', storage });
}
/**
* Register `memory` subcommands on an existing Commander program.
* Follows the registerQualityRails pattern from @mosaicstack/quality-rails.
*/
export function registerMemoryCommand(parent: Command): void {
const memory = parent.command('memory').description('Inspect and query the Mosaic memory layer');
// ── memory search <query> ──────────────────────────────────────────────
memory
.command('search <query>')
.description('Semantic search over insights')
.option('--db <connection-string>', 'Database connection string (or set MEMORY_DB_URL)')
.option('--limit <n>', 'Maximum number of results', '10')
.option('--agent <id>', 'Filter by agent / user ID')
.action(async (query: string, opts: { db?: string; limit: string; agent?: string }) => {
let adapter: MemoryAdapter | undefined;
try {
adapter = await resolveAdapter(opts.db);
const limit = parseInt(opts.limit, 10);
const userId = opts.agent ?? 'system';
const results = await adapter.searchInsights(userId, query, { limit });
if (results.length === 0) {
console.log('No insights found.');
} else {
for (const r of results) {
console.log(`[${r.id}] (score=${r.score.toFixed(3)}) ${r.content}`);
}
}
} catch (err) {
console.error(`Error: ${err instanceof Error ? err.message : String(err)}`);
process.exitCode = 1;
} finally {
await adapter?.close();
}
});
// ── memory stats ──────────────────────────────────────────────────────
memory
.command('stats')
.description('Print memory tier info: adapter type, insight count, preference count')
.option('--db <connection-string>', 'Database connection string (or set MEMORY_DB_URL)')
.option('--agent <id>', 'User / agent ID scope for counts', 'system')
.action(async (opts: { db?: string; agent: string }) => {
let adapter: MemoryAdapter | undefined;
try {
adapter = await resolveAdapter(opts.db);
const adapterType = adapter.name;
const insightCount = await adapter
.searchInsights(opts.agent, '', { limit: 100000 })
.then((r) => r.length)
.catch(() => -1);
const prefCount = await adapter
.listPreferences(opts.agent)
.then((r) => r.length)
.catch(() => -1);
console.log(`adapter: ${adapterType}`);
console.log(`insights: ${insightCount === -1 ? 'unavailable' : String(insightCount)}`);
console.log(`preferences: ${prefCount === -1 ? 'unavailable' : String(prefCount)}`);
} catch (err) {
console.error(`Error: ${err instanceof Error ? err.message : String(err)}`);
process.exitCode = 1;
} finally {
await adapter?.close();
}
});
// ── memory insights ───────────────────────────────────────────────────
const insightsCmd = memory.command('insights').description('Manage insights');
insightsCmd
.command('list')
.description('List recent insights')
.option('--db <connection-string>', 'Database connection string (or set MEMORY_DB_URL)')
.option('--limit <n>', 'Maximum number of results', '20')
.option('--agent <id>', 'User / agent ID scope', 'system')
.action(async (opts: { db?: string; limit: string; agent: string }) => {
let adapter: MemoryAdapter | undefined;
try {
adapter = await resolveAdapter(opts.db);
const limit = parseInt(opts.limit, 10);
const results = await adapter.searchInsights(opts.agent, '', { limit });
if (results.length === 0) {
console.log('No insights found.');
} else {
for (const r of results) {
console.log(`[${r.id}] ${r.content}`);
}
}
} catch (err) {
console.error(`Error: ${err instanceof Error ? err.message : String(err)}`);
process.exitCode = 1;
} finally {
await adapter?.close();
}
});
// ── memory preferences ────────────────────────────────────────────────
const prefsCmd = memory.command('preferences').description('Manage stored preferences');
prefsCmd
.command('list')
.description('List stored preferences')
.option('--db <connection-string>', 'Database connection string (or set MEMORY_DB_URL)')
.option('--agent <id>', 'User / agent ID scope', 'system')
.option('--category <cat>', 'Filter by category')
.action(async (opts: { db?: string; agent: string; category?: string }) => {
let adapter: MemoryAdapter | undefined;
try {
adapter = await resolveAdapter(opts.db);
const prefs = await adapter.listPreferences(opts.agent, opts.category);
if (prefs.length === 0) {
console.log('No preferences found.');
} else {
for (const p of prefs) {
console.log(`[${p.category}] ${p.key} = ${JSON.stringify(p.value)}`);
}
}
} catch (err) {
console.error(`Error: ${err instanceof Error ? err.message : String(err)}`);
process.exitCode = 1;
} finally {
await adapter?.close();
}
});
}

1
packages/memory/src/index.ts
View File

@@ -1,5 +1,4 @@
export { createMemory, type Memory } from './memory.js';
export { registerMemoryCommand } from './cli.js';
export {
createPreferencesRepo,
type PreferencesRepo,

3
packages/mosaic/package.json
View File

@@ -30,13 +30,10 @@
"@mosaicstack/brain": "workspace:*",
"@mosaicstack/config": "workspace:*",
"@mosaicstack/forge": "workspace:*",
"@mosaicstack/log": "workspace:*",
"@mosaicstack/macp": "workspace:*",
"@mosaicstack/memory": "workspace:*",
"@mosaicstack/prdy": "workspace:*",
"@mosaicstack/quality-rails": "workspace:*",
"@mosaicstack/queue": "workspace:*",
"@mosaicstack/storage": "workspace:*",
"@mosaicstack/types": "workspace:*",
"@clack/prompts": "^0.9.1",
"commander": "^13.0.0",

20
packages/mosaic/src/cli.ts
View File

@@ -4,17 +4,13 @@ import { createRequire } from 'module';
import { Command } from 'commander';
import { registerBrainCommand } from '@mosaicstack/brain';
import { registerForgeCommand } from '@mosaicstack/forge';
import { registerLogCommand } from '@mosaicstack/log';
import { registerMemoryCommand } from '@mosaicstack/memory';
import { registerQualityRails } from '@mosaicstack/quality-rails';
import { registerQueueCommand } from '@mosaicstack/queue';
import { registerStorageCommand } from '@mosaicstack/storage';
import { registerAgentCommand } from './commands/agent.js';
import { registerConfigCommand } from './commands/config.js';
import { registerMissionCommand } from './commands/mission.js';
// prdy is registered via launch.ts
import { registerLaunchCommands } from './commands/launch.js';
import { registerAuthCommand } from './commands/auth.js';
import { registerGatewayCommand } from './commands/gateway.js';
import {
backgroundUpdateCheck,
@@ -329,10 +325,6 @@ sessionsCmd
}
});
// ─── auth ────────────────────────────────────────────────────────────────
registerAuthCommand(program);
// ─── gateway ──────────────────────────────────────────────────────────
registerGatewayCommand(program);
@@ -361,22 +353,10 @@ registerForgeCommand(program);
registerQualityRails(program);
// ─── log ─────────────────────────────────────────────────────────────────
registerLogCommand(program);
// ─── memory ──────────────────────────────────────────────────────────────
registerMemoryCommand(program);
// ─── queue ───────────────────────────────────────────────────────────────
registerQueueCommand(program);
// ─── storage ─────────────────────────────────────────────────────────────
registerStorageCommand(program);
// ─── update ─────────────────────────────────────────────────────────────
program

114
packages/mosaic/src/commands/auth.spec.ts
View File

@@ -1,114 +0,0 @@
import { describe, it, expect, vi, beforeEach } from 'vitest';
import { Command } from 'commander';
// ─── Mocks ──────────────────────────────────────────────────────────────────
// These mocks prevent any real disk/network access during tests.
vi.mock('./gateway/login.js', () => ({
getGatewayUrl: vi.fn().mockReturnValue('http://localhost:14242'),
}));
vi.mock('./gateway/token-ops.js', () => ({
requireSession: vi.fn().mockResolvedValue('better-auth.session_token=test'),
}));
// Global fetch is never called in smoke tests (no actions invoked).
import { registerAuthCommand } from './auth.js';
// ─── Helpers ─────────────────────────────────────────────────────────────────
function buildTestProgram(): Command {
const program = new Command('mosaic').exitOverride();
registerAuthCommand(program);
return program;
}
function findCommand(program: Command, ...path: string[]): Command | undefined {
let current: Command = program;
for (const name of path) {
const found = current.commands.find((c) => c.name() === name);
if (!found) return undefined;
current = found;
}
return current;
}
// ─── Tests ───────────────────────────────────────────────────────────────────
describe('registerAuthCommand', () => {
let program: Command;
beforeEach(() => {
vi.clearAllMocks();
program = buildTestProgram();
});
it('registers the top-level auth command', () => {
const authCmd = findCommand(program, 'auth');
expect(authCmd).toBeDefined();
expect(authCmd?.name()).toBe('auth');
});
describe('auth users', () => {
it('registers the users subcommand', () => {
const usersCmd = findCommand(program, 'auth', 'users');
expect(usersCmd).toBeDefined();
});
it('registers users list with --limit flag', () => {
const listCmd = findCommand(program, 'auth', 'users', 'list');
expect(listCmd).toBeDefined();
const limitOpt = listCmd?.options.find((o) => o.long === '--limit');
expect(limitOpt).toBeDefined();
});
it('registers users create', () => {
const createCmd = findCommand(program, 'auth', 'users', 'create');
expect(createCmd).toBeDefined();
});
it('registers users delete with --yes flag', () => {
const deleteCmd = findCommand(program, 'auth', 'users', 'delete');
expect(deleteCmd).toBeDefined();
const yesOpt = deleteCmd?.options.find((o) => o.long === '--yes');
expect(yesOpt).toBeDefined();
});
});
describe('auth sso', () => {
it('registers the sso subcommand', () => {
const ssoCmd = findCommand(program, 'auth', 'sso');
expect(ssoCmd).toBeDefined();
});
it('registers sso list', () => {
const listCmd = findCommand(program, 'auth', 'sso', 'list');
expect(listCmd).toBeDefined();
});
it('registers sso test', () => {
const testCmd = findCommand(program, 'auth', 'sso', 'test');
expect(testCmd).toBeDefined();
});
});
describe('auth sessions', () => {
it('registers the sessions subcommand', () => {
const sessCmd = findCommand(program, 'auth', 'sessions');
expect(sessCmd).toBeDefined();
});
it('registers sessions list', () => {
const listCmd = findCommand(program, 'auth', 'sessions', 'list');
expect(listCmd).toBeDefined();
});
});
it('all top-level auth subcommand names are correct', () => {
const authCmd = findCommand(program, 'auth');
expect(authCmd).toBeDefined();
const names = authCmd!.commands.map((c) => c.name()).sort();
expect(names).toEqual(['sessions', 'sso', 'users']);
});
});

331
packages/mosaic/src/commands/auth.ts
View File

@@ -1,331 +0,0 @@
import type { Command } from 'commander';
import { getGatewayUrl } from './gateway/login.js';
import { requireSession } from './gateway/token-ops.js';
// ─── Types ───────────────────────────────────────────────────────────────────
interface UserDto {
id: string;
name: string;
email: string;
role: string;
banned: boolean;
banReason: string | null;
createdAt: string;
updatedAt: string;
}
interface UserListDto {
users: UserDto[];
total: number;
}
// ─── HTTP helpers ────────────────────────────────────────────────────────────
async function adminGet<T>(gatewayUrl: string, cookie: string, path: string): Promise<T> {
let res: Response;
try {
res = await fetch(`${gatewayUrl}${path}`, {
headers: { Cookie: cookie, Origin: gatewayUrl },
});
} catch (err) {
console.error(
`Could not reach gateway at ${gatewayUrl}: ${err instanceof Error ? err.message : String(err)}`,
);
process.exit(1);
}
if (res.status === 401 || res.status === 403) {
console.error(`Session rejected by the gateway (${res.status.toString()}).`);
console.error('Run: mosaic gateway login');
process.exit(2);
}
if (!res.ok) {
const body = await res.text().catch(() => '');
console.error(`Gateway returned error (${res.status.toString()}): ${body.slice(0, 200)}`);
process.exit(3);
}
return res.json() as Promise<T>;
}
async function adminPost<T>(
gatewayUrl: string,
cookie: string,
path: string,
body: unknown,
): Promise<T> {
let res: Response;
try {
res = await fetch(`${gatewayUrl}${path}`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
Cookie: cookie,
Origin: gatewayUrl,
},
body: JSON.stringify(body),
});
} catch (err) {
console.error(
`Could not reach gateway at ${gatewayUrl}: ${err instanceof Error ? err.message : String(err)}`,
);
process.exit(1);
}
if (res.status === 401 || res.status === 403) {
console.error(`Session rejected by the gateway (${res.status.toString()}).`);
console.error('Run: mosaic gateway login');
process.exit(2);
}
if (!res.ok) {
const body = await res.text().catch(() => '');
console.error(`Gateway returned error (${res.status.toString()}): ${body.slice(0, 200)}`);
process.exit(3);
}
return res.json() as Promise<T>;
}
async function adminDelete(gatewayUrl: string, cookie: string, path: string): Promise<void> {
let res: Response;
try {
res = await fetch(`${gatewayUrl}${path}`, {
method: 'DELETE',
headers: { Cookie: cookie, Origin: gatewayUrl },
});
} catch (err) {
console.error(
`Could not reach gateway at ${gatewayUrl}: ${err instanceof Error ? err.message : String(err)}`,
);
process.exit(1);
}
if (res.status === 401 || res.status === 403) {
console.error(`Session rejected by the gateway (${res.status.toString()}).`);
console.error('Run: mosaic gateway login');
process.exit(2);
}
if (!res.ok && res.status !== 204) {
const body = await res.text().catch(() => '');
console.error(`Gateway returned error (${res.status.toString()}): ${body.slice(0, 200)}`);
process.exit(3);
}
}
// ─── Formatters ──────────────────────────────────────────────────────────────
function printUser(u: UserDto): void {
console.log(` ID: ${u.id}`);
console.log(` Name: ${u.name}`);
console.log(` Email: ${u.email}`);
console.log(` Role: ${u.role}`);
console.log(` Banned: ${u.banned ? `yes (${u.banReason ?? 'no reason'})` : 'no'}`);
console.log(` Created: ${new Date(u.createdAt).toLocaleString()}`);
console.log('');
}
// ─── Register function ───────────────────────────────────────────────────────
/**
* Register `mosaic auth` subcommands on an existing Commander program.
*
* Location rationale: placed in packages/mosaic rather than packages/auth because
* the CLI needs session helpers (loadSession, validateSession, requireSession)
* and gateway URL resolution (getGatewayUrl) that live in packages/mosaic.
* Keeping packages/auth as a pure server-side library avoids adding commander
* and CLI tooling as dependencies there.
*/
export function registerAuthCommand(parent: Command): void {
const auth = parent
.command('auth')
.description('Manage gateway authentication, users, SSO providers, and sessions')
.configureHelp({ sortSubcommands: true })
.action(() => {
auth.outputHelp();
});
// ─── users ──────────────────────────────────────────────────────────────
const users = auth
.command('users')
.description('Manage gateway users')
.configureHelp({ sortSubcommands: true })
.action(() => {
users.outputHelp();
});
users
.command('list')
.description('List all users on the gateway')
.option('-g, --gateway <url>', 'Gateway URL')
.option('-l, --limit <n>', 'Maximum number of users to display', '100')
.action(async (opts: { gateway?: string; limit: string }) => {
const url = getGatewayUrl(opts.gateway);
const cookie = await requireSession(url);
const limit = parseInt(opts.limit, 10);
const result = await adminGet<UserListDto>(url, cookie, '/api/admin/users');
const subset = result.users.slice(0, limit);
if (subset.length === 0) {
console.log('No users found.');
return;
}
console.log(`Users (${subset.length.toString()} of ${result.total.toString()}):\n`);
for (const u of subset) {
printUser(u);
}
});
users
.command('create')
.description('Create a new gateway user (interactive prompts)')
.option('-g, --gateway <url>', 'Gateway URL')
.action(async (opts: { gateway?: string }) => {
const url = getGatewayUrl(opts.gateway);
const cookie = await requireSession(url);
const {
text,
password: clackPassword,
select,
intro,
outro,
isCancel,
} = await import('@clack/prompts');
intro('Create a new Mosaic gateway user');
const name = await text({ message: 'Full name:', placeholder: 'Jane Doe' });
if (isCancel(name)) {
outro('Cancelled.');
process.exit(0);
}
const email = await text({ message: 'Email:', placeholder: 'jane@example.com' });
if (isCancel(email)) {
outro('Cancelled.');
process.exit(0);
}
const pw = await clackPassword({ message: 'Password:' });
if (isCancel(pw)) {
outro('Cancelled.');
process.exit(0);
}
const role = await select({
message: 'Role:',
options: [
{ value: 'member', label: 'member' },
{ value: 'admin', label: 'admin' },
],
});
if (isCancel(role)) {
outro('Cancelled.');
process.exit(0);
}
const created = await adminPost<UserDto>(url, cookie, '/api/admin/users', {
name: name as string,
email: email as string,
password: pw as string,
role: role as string,
});
outro(`User created: ${created.email} (${created.id})`);
});
users
.command('delete <id>')
.description('Delete a gateway user by ID')
.option('-g, --gateway <url>', 'Gateway URL')
.option('-y, --yes', 'Skip confirmation prompt')
.action(async (id: string, opts: { gateway?: string; yes?: boolean }) => {
const url = getGatewayUrl(opts.gateway);
const cookie = await requireSession(url);
if (!opts.yes) {
const { confirm, isCancel } = await import('@clack/prompts');
const confirmed = await confirm({
message: `Delete user ${id}? This cannot be undone.`,
});
if (isCancel(confirmed) || !confirmed) {
console.log('Aborted.');
process.exit(0);
}
}
await adminDelete(url, cookie, `/api/admin/users/${id}`);
console.log(`User ${id} deleted.`);
});
// ─── sso ────────────────────────────────────────────────────────────────
const sso = auth
.command('sso')
.description('Manage SSO provider configuration')
.configureHelp({ sortSubcommands: true })
.action(() => {
sso.outputHelp();
});
sso
.command('list')
.description('List configured SSO providers (reads gateway discovery endpoint if available)')
.option('-g, --gateway <url>', 'Gateway URL')
.action(async (opts: { gateway?: string }) => {
// The admin SSO discovery endpoint is not yet wired server-side.
// The buildSsoDiscovery helper in @mosaicstack/auth reads env-vars on the
// server; there is no GET /api/admin/sso endpoint in apps/gateway/src/admin/.
// Stub until a gateway admin route is wired.
console.log(
'not yet wired — admin endpoint missing (GET /api/admin/sso not implemented server-side)',
);
console.log(
'Hint: SSO providers are configured via environment variables (AUTHENTIK_*, WORKOS_*, KEYCLOAK_*).',
);
// Suppress unused variable warning
void opts;
});
sso
.command('test <provider>')
.description('Smoke-test a configured SSO provider')
.option('-g, --gateway <url>', 'Gateway URL')
.action(async (provider: string, opts: { gateway?: string }) => {
// No server-side SSO smoke-test endpoint exists yet.
console.log(
`not yet wired — admin endpoint missing (POST /api/admin/sso/${provider}/test not implemented server-side)`,
);
void opts;
});
// ─── sessions ────────────────────────────────────────────────────────────
const authSessions = auth
.command('sessions')
.description('Manage BetterAuth user sessions stored on the gateway')
.configureHelp({ sortSubcommands: true })
.action(() => {
authSessions.outputHelp();
});
authSessions
.command('list')
.description('List active user sessions')
.option('-g, --gateway <url>', 'Gateway URL')
.action(async (opts: { gateway?: string }) => {
// No GET /api/admin/auth-sessions endpoint exists in apps/gateway/src/admin/.
// Stub until a gateway admin route is wired.
console.log(
'not yet wired — admin endpoint missing (GET /api/admin/auth-sessions not implemented server-side)',
);
void opts;
});
}

40
packages/mosaic/src/commands/gateway.ts
View File

@@ -6,7 +6,6 @@ import {
stopDaemon,
waitForHealth,
} from './gateway/daemon.js';
import { getGatewayUrl } from './gateway/login.js';
interface GatewayParentOpts {
host: string;
@@ -120,28 +119,9 @@ export function registerGatewayCommand(program: Command): void {
await runStatus(opts);
});
// ─── login ──────────────────────────────────────────────────────────────
gw.command('login')
.description('Sign in to the gateway (defaults to URL from meta.json)')
.option('-g, --gateway <url>', 'Gateway URL (overrides meta.json)')
.option('-e, --email <email>', 'Email address')
.option('-p, --password <password>', 'Password')
.action(async (cmdOpts: { gateway?: string; email?: string; password?: string }) => {
const { runLogin } = await import('./gateway/login.js');
const url = getGatewayUrl(cmdOpts.gateway);
try {
await runLogin({ gatewayUrl: url, email: cmdOpts.email, password: cmdOpts.password });
} catch (err) {
console.error(err instanceof Error ? err.message : String(err));
process.exit(1);
}
});
// ─── config ─────────────────────────────────────────────────────────────
const configCmd = gw
.command('config')
gw.command('config')
.description('View or modify gateway configuration')
.option('--set <KEY=VALUE>', 'Set a configuration value')
.option('--unset <KEY>', 'Remove a configuration key')
@@ -151,24 +131,6 @@ export function registerGatewayCommand(program: Command): void {
await runConfig(cmdOpts);
});
configCmd
.command('rotate-token')
.description('Mint a new admin token using the stored BetterAuth session')
.option('-g, --gateway <url>', 'Gateway URL (overrides meta.json)')
.action(async (cmdOpts: { gateway?: string }) => {
const { runRotateToken } = await import('./gateway/token-ops.js');
await runRotateToken(cmdOpts.gateway);
});
configCmd
.command('recover-token')
.description('Recover an admin token — prompts for login if no valid session exists')
.option('-g, --gateway <url>', 'Gateway URL (overrides meta.json)')
.action(async (cmdOpts: { gateway?: string }) => {
const { runRecoverToken } = await import('./gateway/token-ops.js');
await runRecoverToken(cmdOpts.gateway);
});
// ─── logs ───────────────────────────────────────────────────────────────
gw.command('logs')

28
packages/mosaic/src/commands/gateway/install.ts
View File

@@ -388,32 +388,10 @@ async function bootstrapFirstUser(
if (!status.needsSetup) {
if (meta.adminToken) {
console.log('Admin user already exists (token on file).');
return;
} else {
console.log('Admin user already exists — skipping setup.');
console.log('(No admin token on file — sign in via the web UI to manage tokens.)');
}
// Admin user exists but no token — offer inline recovery when interactive.
console.log('Admin user already exists but no admin token is on file.');
if (process.stdin.isTTY) {
const answer = (await prompt(rl, 'Run token recovery now? [Y/n] ')).trim().toLowerCase();
if (answer === '' || answer === 'y' || answer === 'yes') {
console.log();
try {
const { ensureSession, mintAdminToken, persistToken } = await import('./token-ops.js');
const cookie = await ensureSession(baseUrl);
const label = `CLI recovery token (${new Date().toISOString().slice(0, 16).replace('T', ' ')})`;
const minted = await mintAdminToken(baseUrl, cookie, label);
persistToken(baseUrl, minted);
} catch (err) {
console.error(
`Token recovery failed: ${err instanceof Error ? err.message : String(err)}`,
);
}
return;
}
}
console.log('No admin token on file. Run: mosaic gateway config recover-token');
return;
}
} catch {

87
packages/mosaic/src/commands/gateway/login.spec.ts
View File

@@ -1,87 +0,0 @@
import { describe, it, expect, vi, beforeEach } from 'vitest';
// Mock auth module
vi.mock('../../auth.js', () => ({
signIn: vi.fn(),
saveSession: vi.fn(),
}));
// Mock daemon to avoid file-system reads
vi.mock('./daemon.js', () => ({
readMeta: vi.fn().mockReturnValue({
host: 'localhost',
port: 14242,
version: '1.0.0',
installedAt: '',
entryPoint: '',
}),
}));
import { runLogin, getGatewayUrl } from './login.js';
import { signIn, saveSession } from '../../auth.js';
import { readMeta } from './daemon.js';
const mockSignIn = vi.mocked(signIn);
const mockSaveSession = vi.mocked(saveSession);
const mockReadMeta = vi.mocked(readMeta);
describe('getGatewayUrl', () => {
it('returns override URL when provided', () => {
expect(getGatewayUrl('http://my-gateway:9999')).toBe('http://my-gateway:9999');
});
it('builds URL from meta.json when no override given', () => {
mockReadMeta.mockReturnValueOnce({
host: 'myhost',
port: 8080,
version: '1.0.0',
installedAt: '',
entryPoint: '',
});
expect(getGatewayUrl()).toBe('http://myhost:8080');
});
it('falls back to default when meta is null', () => {
mockReadMeta.mockReturnValueOnce(null);
expect(getGatewayUrl()).toBe('http://localhost:14242');
});
});
describe('runLogin', () => {
const consoleLogSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
beforeEach(() => {
vi.clearAllMocks();
});
it('calls signIn and saveSession on success', async () => {
const fakeAuth = {
cookie: 'better-auth.session_token=abc',
userId: 'u1',
email: 'admin@test.com',
};
mockSignIn.mockResolvedValueOnce(fakeAuth);
await runLogin({
gatewayUrl: 'http://localhost:14242',
email: 'admin@test.com',
password: 'password123',
});
expect(mockSignIn).toHaveBeenCalledWith(
'http://localhost:14242',
'admin@test.com',
'password123',
);
expect(mockSaveSession).toHaveBeenCalledWith('http://localhost:14242', fakeAuth);
expect(consoleLogSpy).toHaveBeenCalledWith(expect.stringContaining('admin@test.com'));
});
it('propagates signIn errors', async () => {
mockSignIn.mockRejectedValueOnce(new Error('Sign-in failed (401): invalid credentials'));
await expect(
runLogin({ gatewayUrl: 'http://localhost:14242', email: 'bad@test.com', password: 'wrong' }),
).rejects.toThrow('Sign-in failed (401)');
});
});

39
packages/mosaic/src/commands/gateway/login.ts
View File

@@ -1,39 +0,0 @@
import { createInterface } from 'node:readline';
import { signIn, saveSession } from '../../auth.js';
import { readMeta } from './daemon.js';
/**
* Shared login helper used by both `mosaic login` and `mosaic gateway login`.
* Prompts for email/password if not supplied, signs in, and persists the session.
*/
export async function runLogin(opts: {
gatewayUrl: string;
email?: string;
password?: string;
}): Promise<void> {
let email = opts.email;
let password = opts.password;
if (!email || !password) {
const rl = createInterface({ input: process.stdin, output: process.stdout });
const ask = (q: string): Promise<string> => new Promise((resolve) => rl.question(q, resolve));
if (!email) email = await ask('Email: ');
if (!password) password = await ask('Password: ');
rl.close();
}
const auth = await signIn(opts.gatewayUrl, email, password);
saveSession(opts.gatewayUrl, auth);
console.log(`Signed in as ${auth.email} (${opts.gatewayUrl})`);
}
/**
* Derive the gateway base URL from meta.json with a fallback.
*/
export function getGatewayUrl(overrideUrl?: string): string {
if (overrideUrl) return overrideUrl;
const meta = readMeta();
if (meta) return `http://${meta.host}:${meta.port.toString()}`;
return 'http://localhost:14242';
}

176
packages/mosaic/src/commands/gateway/recover-token.spec.ts
View File

@@ -1,176 +0,0 @@
import { describe, it, expect, vi, beforeEach } from 'vitest';
// ─── Mocks ──────────────────────────────────────────────────────────────────
vi.mock('../../auth.js', () => ({
loadSession: vi.fn(),
validateSession: vi.fn(),
signIn: vi.fn(),
saveSession: vi.fn(),
}));
vi.mock('./daemon.js', () => ({
readMeta: vi.fn(),
writeMeta: vi.fn(),
}));
vi.mock('./login.js', () => ({
getGatewayUrl: vi.fn().mockReturnValue('http://localhost:14242'),
}));
// Mock readline so tests don't block on stdin
vi.mock('node:readline', () => ({
createInterface: vi.fn().mockReturnValue({
question: vi.fn((_q: string, cb: (a: string) => void) => cb('test-input')),
close: vi.fn(),
}),
}));
const mockFetch = vi.fn();
vi.stubGlobal('fetch', mockFetch);
import { runRecoverToken, ensureSession } from './token-ops.js';
import { loadSession, validateSession, signIn, saveSession } from '../../auth.js';
import { readMeta, writeMeta } from './daemon.js';
const mockLoadSession = vi.mocked(loadSession);
const mockValidateSession = vi.mocked(validateSession);
const mockSignIn = vi.mocked(signIn);
const mockSaveSession = vi.mocked(saveSession);
const mockReadMeta = vi.mocked(readMeta);
const mockWriteMeta = vi.mocked(writeMeta);
const baseUrl = 'http://localhost:14242';
const fakeCookie = 'better-auth.session_token=sess123';
const fakeToken = {
id: 'tok-1',
label: 'CLI recovery token (2026-04-04 12:00)',
plaintext: 'abcdef1234567890',
};
const fakeMeta = {
version: '1.0.0',
installedAt: '',
entryPoint: '',
host: 'localhost',
port: 14242,
};
describe('ensureSession', () => {
beforeEach(() => {
vi.clearAllMocks();
vi.spyOn(console, 'log').mockImplementation(() => {});
});
it('returns cookie from stored session when valid', async () => {
mockLoadSession.mockReturnValueOnce({ cookie: fakeCookie, userId: 'u1', email: 'a@b.com' });
mockValidateSession.mockResolvedValueOnce(true);
const cookie = await ensureSession(baseUrl);
expect(cookie).toBe(fakeCookie);
expect(mockSignIn).not.toHaveBeenCalled();
});
it('prompts for credentials and signs in when stored session is invalid', async () => {
mockLoadSession.mockReturnValueOnce({ cookie: 'old-cookie', userId: 'u1', email: 'a@b.com' });
mockValidateSession.mockResolvedValueOnce(false);
const newAuth = { cookie: fakeCookie, userId: 'u2', email: 'a@b.com' };
mockSignIn.mockResolvedValueOnce(newAuth);
const cookie = await ensureSession(baseUrl);
expect(cookie).toBe(fakeCookie);
expect(mockSaveSession).toHaveBeenCalledWith(baseUrl, newAuth);
});
it('prompts for credentials when no session exists', async () => {
mockLoadSession.mockReturnValueOnce(null);
const newAuth = { cookie: fakeCookie, userId: 'u2', email: 'a@b.com' };
mockSignIn.mockResolvedValueOnce(newAuth);
const cookie = await ensureSession(baseUrl);
expect(cookie).toBe(fakeCookie);
expect(mockSignIn).toHaveBeenCalled();
});
it('exits non-zero when signIn fails', async () => {
mockLoadSession.mockReturnValueOnce(null);
mockSignIn.mockRejectedValueOnce(new Error('Sign-in failed (401): bad creds'));
const processExitSpy = vi
.spyOn(process, 'exit')
.mockImplementation((_code?: number | string | null | undefined) => {
throw new Error(`process.exit(${String(_code)})`);
});
const consoleErrorSpy = vi.spyOn(console, 'error').mockImplementation(() => {});
await expect(ensureSession(baseUrl)).rejects.toThrow('process.exit(2)');
expect(processExitSpy).toHaveBeenCalledWith(2);
processExitSpy.mockRestore();
consoleErrorSpy.mockRestore();
});
});
describe('runRecoverToken', () => {
beforeEach(() => {
vi.clearAllMocks();
vi.spyOn(console, 'log').mockImplementation(() => {});
vi.spyOn(console, 'error').mockImplementation(() => {});
});
it('prompts for login, mints a token, and persists it when no session exists', async () => {
mockLoadSession.mockReturnValueOnce(null);
const newAuth = { cookie: fakeCookie, userId: 'u2', email: 'admin@test.com' };
mockSignIn.mockResolvedValueOnce(newAuth);
mockReadMeta.mockReturnValue(fakeMeta);
mockFetch.mockResolvedValueOnce({
ok: true,
status: 200,
json: async () => fakeToken,
});
await runRecoverToken();
expect(mockSignIn).toHaveBeenCalled();
expect(mockFetch).toHaveBeenCalledWith(
`${baseUrl}/api/admin/tokens`,
expect.objectContaining({ method: 'POST' }),
);
expect(mockWriteMeta).toHaveBeenCalledWith(
expect.objectContaining({ adminToken: fakeToken.plaintext }),
);
});
it('skips login when a valid session exists and mints a recovery token', async () => {
mockLoadSession.mockReturnValueOnce({ cookie: fakeCookie, userId: 'u1', email: 'a@b.com' });
mockValidateSession.mockResolvedValueOnce(true);
mockReadMeta.mockReturnValue(fakeMeta);
mockFetch.mockResolvedValueOnce({
ok: true,
status: 200,
json: async () => fakeToken,
});
await runRecoverToken();
expect(mockSignIn).not.toHaveBeenCalled();
expect(mockWriteMeta).toHaveBeenCalledWith(
expect.objectContaining({ adminToken: fakeToken.plaintext }),
);
});
it('uses label containing "recovery token"', async () => {
mockLoadSession.mockReturnValueOnce({ cookie: fakeCookie, userId: 'u1', email: 'a@b.com' });
mockValidateSession.mockResolvedValueOnce(true);
mockReadMeta.mockReturnValue(fakeMeta);
mockFetch.mockResolvedValueOnce({
ok: true,
status: 200,
json: async () => fakeToken,
});
await runRecoverToken();
const call = mockFetch.mock.calls[0] as [string, RequestInit];
const body = JSON.parse(call[1].body as string) as { label: string };
expect(body.label).toMatch(/CLI recovery token/);
});
});

205
packages/mosaic/src/commands/gateway/rotate-token.spec.ts
View File

@@ -1,205 +0,0 @@
import { describe, it, expect, vi, beforeEach } from 'vitest';
// ─── Mocks ──────────────────────────────────────────────────────────────────
vi.mock('../../auth.js', () => ({
loadSession: vi.fn(),
validateSession: vi.fn(),
signIn: vi.fn(),
saveSession: vi.fn(),
}));
vi.mock('./daemon.js', () => ({
readMeta: vi.fn(),
writeMeta: vi.fn(),
}));
vi.mock('./login.js', () => ({
getGatewayUrl: vi.fn().mockReturnValue('http://localhost:14242'),
}));
// Mock global fetch
const mockFetch = vi.fn();
vi.stubGlobal('fetch', mockFetch);
import { runRotateToken, mintAdminToken, persistToken } from './token-ops.js';
import { loadSession, validateSession } from '../../auth.js';
import { readMeta, writeMeta } from './daemon.js';
const mockLoadSession = vi.mocked(loadSession);
const mockValidateSession = vi.mocked(validateSession);
const mockReadMeta = vi.mocked(readMeta);
const mockWriteMeta = vi.mocked(writeMeta);
const baseUrl = 'http://localhost:14242';
const fakeCookie = 'better-auth.session_token=sess123';
const fakeToken = {
id: 'tok-1',
label: 'CLI rotated token (2026-04-04)',
plaintext: 'abcdef1234567890',
};
const fakeMeta = {
version: '1.0.0',
installedAt: '',
entryPoint: '',
host: 'localhost',
port: 14242,
};
describe('mintAdminToken', () => {
beforeEach(() => {
vi.clearAllMocks();
});
it('calls the admin tokens endpoint with the session cookie and returns the token', async () => {
mockFetch.mockResolvedValueOnce({
ok: true,
status: 200,
json: async () => fakeToken,
});
const result = await mintAdminToken(baseUrl, fakeCookie, fakeToken.label);
expect(mockFetch).toHaveBeenCalledWith(
`${baseUrl}/api/admin/tokens`,
expect.objectContaining({
method: 'POST',
headers: expect.objectContaining({ Cookie: fakeCookie }),
}),
);
expect(result).toEqual(fakeToken);
});
it('exits 2 on 401 from the server', async () => {
mockFetch.mockResolvedValueOnce({ ok: false, status: 401, text: async () => 'Unauthorized' });
const processExitSpy = vi
.spyOn(process, 'exit')
.mockImplementation((_code?: number | string | null | undefined) => {
throw new Error(`process.exit(${String(_code)})`);
});
await expect(mintAdminToken(baseUrl, fakeCookie, 'label')).rejects.toThrow('process.exit(2)');
expect(processExitSpy).toHaveBeenCalledWith(2);
processExitSpy.mockRestore();
});
it('exits 2 on 403 from the server', async () => {
mockFetch.mockResolvedValueOnce({ ok: false, status: 403, text: async () => 'Forbidden' });
const processExitSpy = vi
.spyOn(process, 'exit')
.mockImplementation((_code?: number | string | null | undefined) => {
throw new Error(`process.exit(${String(_code)})`);
});
await expect(mintAdminToken(baseUrl, fakeCookie, 'label')).rejects.toThrow('process.exit(2)');
expect(processExitSpy).toHaveBeenCalledWith(2);
processExitSpy.mockRestore();
});
it('exits 3 on other non-ok status', async () => {
mockFetch.mockResolvedValueOnce({ ok: false, status: 500, text: async () => 'Internal Error' });
const processExitSpy = vi
.spyOn(process, 'exit')
.mockImplementation((_code?: number | string | null | undefined) => {
throw new Error(`process.exit(${String(_code)})`);
});
await expect(mintAdminToken(baseUrl, fakeCookie, 'label')).rejects.toThrow('process.exit(3)');
expect(processExitSpy).toHaveBeenCalledWith(3);
processExitSpy.mockRestore();
});
it('exits 1 on network error', async () => {
mockFetch.mockRejectedValueOnce(new Error('connection refused'));
const processExitSpy = vi
.spyOn(process, 'exit')
.mockImplementation((_code?: number | string | null | undefined) => {
throw new Error(`process.exit(${String(_code)})`);
});
await expect(mintAdminToken(baseUrl, fakeCookie, 'label')).rejects.toThrow('process.exit(1)');
expect(processExitSpy).toHaveBeenCalledWith(1);
processExitSpy.mockRestore();
});
});
describe('persistToken', () => {
beforeEach(() => {
vi.clearAllMocks();
});
it('writes the new token to meta.json', () => {
mockReadMeta.mockReturnValueOnce(fakeMeta);
const consoleSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
persistToken(baseUrl, fakeToken);
expect(mockWriteMeta).toHaveBeenCalledWith(
expect.objectContaining({ adminToken: fakeToken.plaintext }),
);
consoleSpy.mockRestore();
});
it('prints a masked preview of the token', () => {
mockReadMeta.mockReturnValueOnce(fakeMeta);
const consoleSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
persistToken(baseUrl, fakeToken);
const allOutput = consoleSpy.mock.calls.map((c) => c.join(' ')).join('\n');
expect(allOutput).toContain('abcdef12...');
consoleSpy.mockRestore();
});
});
describe('runRotateToken', () => {
beforeEach(() => {
vi.clearAllMocks();
vi.spyOn(console, 'error').mockImplementation(() => {});
vi.spyOn(console, 'log').mockImplementation(() => {});
});
it('exits 2 when there is no stored session', async () => {
mockLoadSession.mockReturnValueOnce(null);
const processExitSpy = vi
.spyOn(process, 'exit')
.mockImplementation((_code?: number | string | null | undefined) => {
throw new Error(`process.exit(${String(_code)})`);
});
await expect(runRotateToken()).rejects.toThrow('process.exit(2)');
expect(processExitSpy).toHaveBeenCalledWith(2);
processExitSpy.mockRestore();
});
it('exits 2 when session is invalid', async () => {
mockLoadSession.mockReturnValueOnce({ cookie: fakeCookie, userId: 'u1', email: 'a@b.com' });
mockValidateSession.mockResolvedValueOnce(false);
const processExitSpy = vi
.spyOn(process, 'exit')
.mockImplementation((_code?: number | string | null | undefined) => {
throw new Error(`process.exit(${String(_code)})`);
});
await expect(runRotateToken()).rejects.toThrow('process.exit(2)');
expect(processExitSpy).toHaveBeenCalledWith(2);
processExitSpy.mockRestore();
});
it('mints and persists a new token when session is valid', async () => {
mockLoadSession.mockReturnValueOnce({ cookie: fakeCookie, userId: 'u1', email: 'a@b.com' });
mockValidateSession.mockResolvedValueOnce(true);
mockReadMeta.mockReturnValue(fakeMeta);
mockFetch.mockResolvedValueOnce({
ok: true,
status: 200,
json: async () => fakeToken,
});
await runRotateToken();
expect(mockWriteMeta).toHaveBeenCalledWith(
expect.objectContaining({ adminToken: fakeToken.plaintext }),
);
});
});

149
packages/mosaic/src/commands/gateway/token-ops.ts
View File

@@ -1,149 +0,0 @@
import { createInterface } from 'node:readline';
import { loadSession, validateSession, signIn, saveSession } from '../../auth.js';
import { readMeta, writeMeta } from './daemon.js';
import { getGatewayUrl } from './login.js';
interface MintedToken {
id: string;
label: string;
plaintext: string;
}
/**
* Call POST /api/admin/tokens with the session cookie and return the minted token.
* Exits the process on network or auth errors.
*/
export async function mintAdminToken(
gatewayUrl: string,
cookie: string,
label: string,
): Promise<MintedToken> {
let res: Response;
try {
res = await fetch(`${gatewayUrl}/api/admin/tokens`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
Cookie: cookie,
Origin: gatewayUrl,
},
body: JSON.stringify({ label, scope: 'admin' }),
});
} catch (err) {
console.error(
`Could not reach gateway at ${gatewayUrl}: ${err instanceof Error ? err.message : String(err)}`,
);
process.exit(1);
}
if (res.status === 401 || res.status === 403) {
console.error(
`Session rejected by the gateway (${res.status.toString()}) — your session may be expired.`,
);
console.error('Run: mosaic gateway login');
process.exit(2);
}
if (!res.ok) {
const body = await res.text().catch(() => '');
console.error(
`Gateway rejected token creation (${res.status.toString()}): ${body.slice(0, 200)}`,
);
process.exit(3);
}
const data = (await res.json()) as { id: string; label: string; plaintext: string };
return { id: data.id, label: data.label, plaintext: data.plaintext };
}
/**
* Persist the new token into meta.json and print the confirmation banner.
*/
export function persistToken(gatewayUrl: string, minted: MintedToken): void {
const meta = readMeta() ?? {
version: 'unknown',
installedAt: new Date().toISOString(),
entryPoint: '',
host: new URL(gatewayUrl).hostname,
port: parseInt(new URL(gatewayUrl).port || '14242', 10),
};
writeMeta({ ...meta, adminToken: minted.plaintext });
const preview = `${minted.plaintext.slice(0, 8)}...`;
console.log();
console.log(`Token minted: ${minted.label}`);
console.log(`Preview: ${preview}`);
console.log('Token saved to meta.json. Use it with admin endpoints.');
}
/**
* Require a valid session for the given gateway URL.
* Returns the session cookie or exits if not authenticated.
*/
export async function requireSession(gatewayUrl: string): Promise<string> {
const session = loadSession(gatewayUrl);
if (session) {
const valid = await validateSession(gatewayUrl, session.cookie);
if (valid) return session.cookie;
}
console.error('Not signed in or session expired.');
console.error('Run: mosaic gateway login');
process.exit(2);
}
/**
* Ensure a valid session for the gateway, prompting for credentials if needed.
* On sign-in failure, prints the error and exits non-zero.
* Returns the session cookie.
*/
export async function ensureSession(gatewayUrl: string): Promise<string> {
// Try the stored session first
const session = loadSession(gatewayUrl);
if (session) {
const valid = await validateSession(gatewayUrl, session.cookie);
if (valid) return session.cookie;
console.log('Stored session is invalid or expired. Please sign in again.');
} else {
console.log(`No session found for ${gatewayUrl}. Please sign in.`);
}
// Prompt for credentials
const rl = createInterface({ input: process.stdin, output: process.stdout });
const ask = (q: string): Promise<string> => new Promise((resolve) => rl.question(q, resolve));
const email = (await ask('Email: ')).trim();
const password = (await ask('Password: ')).trim();
rl.close();
const auth = await signIn(gatewayUrl, email, password).catch((err: unknown) => {
console.error(err instanceof Error ? err.message : String(err));
process.exit(2);
});
saveSession(gatewayUrl, auth);
console.log(`Signed in as ${auth.email}`);
return auth.cookie;
}
/**
* `mosaic gateway config rotate-token` — requires an existing valid session.
*/
export async function runRotateToken(gatewayUrl?: string): Promise<void> {
const url = getGatewayUrl(gatewayUrl);
const cookie = await requireSession(url);
const label = `CLI rotated token (${new Date().toISOString().slice(0, 10)})`;
const minted = await mintAdminToken(url, cookie, label);
persistToken(url, minted);
}
/**
* `mosaic gateway config recover-token` — prompts for login if no session exists.
*/
export async function runRecoverToken(gatewayUrl?: string): Promise<void> {
const url = getGatewayUrl(gatewayUrl);
const cookie = await ensureSession(url);
const label = `CLI recovery token (${new Date().toISOString().slice(0, 16).replace('T', ' ')})`;
const minted = await mintAdminToken(url, cookie, label);
persistToken(url, minted);
}

3
packages/storage/package.json
View File

@@ -23,8 +23,7 @@
"dependencies": {
"@electric-sql/pglite": "^0.2.17",
"@mosaicstack/db": "workspace:^",
"@mosaicstack/types": "workspace:*",
"commander": "^13.0.0"
"@mosaicstack/types": "workspace:*"
},
"devDependencies": {
"typescript": "^5.8.0",

85
packages/storage/src/cli.spec.ts
View File

@@ -1,85 +0,0 @@
import { describe, it, expect } from 'vitest';
import { Command } from 'commander';
import { registerStorageCommand } from './cli.js';
describe('registerStorageCommand', () => {
function buildProgram(): Command {
const program = new Command();
program.exitOverride(); // prevent process.exit in tests
registerStorageCommand(program);
return program;
}
it('registers a "storage" command on the parent', () => {
const program = buildProgram();
const storageCmd = program.commands.find((c) => c.name() === 'storage');
expect(storageCmd).toBeDefined();
});
it('registers "storage status" subcommand', () => {
const program = buildProgram();
const storageCmd = program.commands.find((c) => c.name() === 'storage')!;
const statusCmd = storageCmd.commands.find((c) => c.name() === 'status');
expect(statusCmd).toBeDefined();
});
it('registers "storage tier" subcommand group', () => {
const program = buildProgram();
const storageCmd = program.commands.find((c) => c.name() === 'storage')!;
const tierCmd = storageCmd.commands.find((c) => c.name() === 'tier');
expect(tierCmd).toBeDefined();
});
it('registers "storage tier show" subcommand', () => {
const program = buildProgram();
const storageCmd = program.commands.find((c) => c.name() === 'storage')!;
const tierCmd = storageCmd.commands.find((c) => c.name() === 'tier')!;
const showCmd = tierCmd.commands.find((c) => c.name() === 'show');
expect(showCmd).toBeDefined();
});
it('registers "storage tier switch" subcommand', () => {
const program = buildProgram();
const storageCmd = program.commands.find((c) => c.name() === 'storage')!;
const tierCmd = storageCmd.commands.find((c) => c.name() === 'tier')!;
const switchCmd = tierCmd.commands.find((c) => c.name() === 'switch');
expect(switchCmd).toBeDefined();
});
it('registers "storage export" subcommand', () => {
const program = buildProgram();
const storageCmd = program.commands.find((c) => c.name() === 'storage')!;
const exportCmd = storageCmd.commands.find((c) => c.name() === 'export');
expect(exportCmd).toBeDefined();
});
it('registers "storage import" subcommand', () => {
const program = buildProgram();
const storageCmd = program.commands.find((c) => c.name() === 'storage')!;
const importCmd = storageCmd.commands.find((c) => c.name() === 'import');
expect(importCmd).toBeDefined();
});
it('registers "storage migrate" subcommand', () => {
const program = buildProgram();
const storageCmd = program.commands.find((c) => c.name() === 'storage')!;
const migrateCmd = storageCmd.commands.find((c) => c.name() === 'migrate');
expect(migrateCmd).toBeDefined();
});
it('has all required subcommands in a single assertion', () => {
const program = buildProgram();
const storageCmd = program.commands.find((c) => c.name() === 'storage')!;
const topLevel = storageCmd.commands.map((c) => c.name());
expect(topLevel).toContain('status');
expect(topLevel).toContain('tier');
expect(topLevel).toContain('export');
expect(topLevel).toContain('import');
expect(topLevel).toContain('migrate');
const tierCmd = storageCmd.commands.find((c) => c.name() === 'tier')!;
const tierSubcmds = tierCmd.commands.map((c) => c.name());
expect(tierSubcmds).toContain('show');
expect(tierSubcmds).toContain('switch');
});
});

256
packages/storage/src/cli.ts
View File

@@ -1,256 +0,0 @@
import type { Command } from 'commander';
/**
* Reads the DATABASE_URL environment variable and redacts the password portion.
*/
function redactedConnectionString(): string | null {
const url = process.env['DATABASE_URL'];
if (!url) return null;
try {
const parsed = new URL(url);
if (parsed.password) {
parsed.password = '***';
}
return parsed.toString();
} catch {
// Not a valid URL — redact anything that looks like :password@
return url.replace(/:([^@/]+)@/, ':***@');
}
}
/**
* Determine the active storage tier from the environment.
* Looks at DATABASE_URL; if absent or set to a pglite path, treats tier as pglite.
*/
function activeTier(): 'postgres' | 'pglite' {
const url = process.env['DATABASE_URL'];
if (url && url.startsWith('postgres')) return 'postgres';
return 'pglite';
}
/**
* Return a human-readable config source description.
*/
function configSource(): string {
if (process.env['DATABASE_URL']) return 'env:DATABASE_URL';
const pgliteDir = process.env['PGLITE_DATA_DIR'];
if (pgliteDir) return `env:PGLITE_DATA_DIR (${pgliteDir})`;
return 'default (no DATABASE_URL set)';
}
/**
* Register storage subcommands on an existing Commander program.
* Follows the registerQualityRails pattern — uses the caller's Command
* instance to avoid cross-package Commander version mismatches.
*/
export function registerStorageCommand(parent: Command): void {
const storage = parent
.command('storage')
.description('Inspect and manage Mosaic storage configuration');
// ── storage status ───────────────────────────────────────────────────────
storage
.command('status')
.description('Show the configured storage tier and whether the adapter is reachable')
.action(async () => {
const tier = activeTier();
const source = configSource();
const connStr = tier === 'postgres' ? redactedConnectionString() : null;
console.log(`[storage] tier: ${tier}`);
console.log(`[storage] config source: ${source}`);
if (tier === 'postgres' && connStr) {
console.log(`[storage] connection: ${connStr}`);
try {
const { createDb, sql } = await import('@mosaicstack/db');
const url = process.env['DATABASE_URL'] ?? '';
const handle = createDb(url);
await handle.db.execute(sql`SELECT 1`);
await handle.close();
console.log('[storage] reachable: yes');
} catch (err) {
console.log(
`[storage] reachable: no (${err instanceof Error ? err.message : String(err)})`,
);
}
} else {
const dataDir = process.env['PGLITE_DATA_DIR'] ?? ':memory:';
console.log(`[storage] data dir: ${dataDir}`);
console.log('[storage] reachable: pglite is always local — no network check needed');
}
});
// ── storage tier ─────────────────────────────────────────────────────────
const tier = storage.command('tier').description('Inspect or switch the storage tier');
tier
.command('show')
.description('Print the active storage tier and its config source')
.action(() => {
const activeTierValue = activeTier();
const source = configSource();
console.log(`[storage] active tier: ${activeTierValue}`);
console.log(`[storage] config source: ${source}`);
});
tier
.command('switch <tier>')
.description('Switch storage tier between pglite and postgres')
.action((newTier: string) => {
const validTiers = ['pglite', 'postgres'];
if (!validTiers.includes(newTier)) {
console.error(
`[storage] unknown tier: ${newTier}. Valid options: ${validTiers.join(', ')}`,
);
process.exitCode = 1;
return;
}
console.log(`[storage] tier switch requested: ${newTier}`);
console.log('');
console.log('Mosaic storage tier is controlled by environment variables.');
console.log('Automatic config-file mutation is not supported — set the variable manually.');
console.log('');
if (newTier === 'postgres') {
console.log('To switch to postgres:');
console.log(' 1. Set DATABASE_URL in your environment or .env file:');
console.log(' export DATABASE_URL="postgresql://user:pass@localhost:5432/mosaic"');
console.log(' 2. Run migrations:');
console.log(' pnpm --filter @mosaicstack/db db:migrate');
console.log(' 3. Restart the gateway.');
} else {
console.log('To switch to pglite:');
console.log(' 1. Unset DATABASE_URL (or set it to a pglite path):');
console.log(' unset DATABASE_URL');
console.log(' # optionally: export PGLITE_DATA_DIR=/path/to/pglite/data');
console.log(' 2. Restart the gateway.');
console.log(' Note: pglite uses an in-process database — no migrations needed.');
}
});
// ── storage export ───────────────────────────────────────────────────────
storage
.command('export <path>')
.description('Dump the active storage contents to a file')
.action((outputPath: string) => {
const currentTier = activeTier();
if (currentTier === 'postgres') {
const redacted = redactedConnectionString() ?? '<DATABASE_URL>';
console.log('[storage] export for postgres tier');
console.log('');
console.log('postgres export is not yet wired in the CLI — use pg_dump directly:');
console.log('');
console.log(` pg_dump "${redacted}" > ${outputPath}`);
console.log('');
console.log('Or with Docker:');
console.log(
` docker exec <postgres-container> pg_dump -U <user> <dbname> > ${outputPath}`,
);
process.exitCode = 0;
} else {
const dataDir = process.env['PGLITE_DATA_DIR'];
console.log('[storage] export for pglite tier');
console.log('');
console.log(
'pglite export is not yet wired in the CLI — copy the data directory directly:',
);
console.log('');
if (dataDir) {
console.log(` cp -r ${dataDir} ${outputPath}`);
} else {
console.log(
' PGLITE_DATA_DIR is not set; the database is in-memory and cannot be exported.',
);
console.log(' Set PGLITE_DATA_DIR to a persistent path before running export.');
}
process.exitCode = 0;
}
});
// ── storage import ───────────────────────────────────────────────────────
storage
.command('import <path>')
.description('Restore storage contents from a previously exported file')
.action((inputPath: string) => {
const currentTier = activeTier();
if (currentTier === 'postgres') {
const redacted = redactedConnectionString() ?? '<DATABASE_URL>';
console.log('[storage] import for postgres tier');
console.log('');
console.log('postgres import is not yet wired in the CLI — use psql directly:');
console.log('');
console.log(` psql "${redacted}" < ${inputPath}`);
process.exitCode = 0;
} else {
const dataDir = process.env['PGLITE_DATA_DIR'];
console.log('[storage] import for pglite tier');
console.log('');
console.log(
'pglite import is not yet wired in the CLI — restore the data directory directly:',
);
console.log('');
if (dataDir) {
console.log(` rm -rf ${dataDir} && cp -r ${inputPath} ${dataDir}`);
console.log(' Then restart the gateway.');
} else {
console.log(
' PGLITE_DATA_DIR is not set; set it to a persistent path before running import.',
);
}
process.exitCode = 0;
}
});
// ── storage migrate ──────────────────────────────────────────────────────
storage
.command('migrate')
.description(
'Run database migrations (thin wrapper — delegates to pnpm db:migrate or prints the command)',
)
.option('--run', 'Actually execute the migration command via shell')
.action(async (opts: { run?: boolean }) => {
const currentTier = activeTier();
if (currentTier === 'pglite') {
console.log('[storage] pglite tier detected');
console.log(
'pglite runs schema setup automatically on first connection via adapter.migrate().',
);
console.log('No separate migration step is required.');
return;
}
const migrateCmd = 'pnpm --filter @mosaicstack/db db:migrate';
console.log('[storage] postgres tier detected');
console.log(`Migration command: ${migrateCmd}`);
console.log('');
if (opts.run) {
console.log('Running migrations...');
const { execSync } = await import('node:child_process');
try {
execSync(migrateCmd, { stdio: 'inherit' });
console.log('[storage] migrations complete.');
} catch (err) {
console.error(
`[storage] migration failed: ${err instanceof Error ? err.message : String(err)}`,
);
process.exitCode = 1;
}
} else {
console.log('To run migrations, execute:');
console.log(` ${migrateCmd}`);
console.log('');
console.log('Or pass --run to have this command execute it for you.');
}
});
}

1
packages/storage/src/index.ts
View File

@@ -2,7 +2,6 @@ export type { StorageAdapter, StorageConfig } from './types.js';
export { createStorageAdapter, registerStorageAdapter } from './factory.js';
export { PostgresAdapter } from './adapters/postgres.js';
export { PgliteAdapter } from './adapters/pglite.js';
export { registerStorageCommand } from './cli.js';
import { registerStorageAdapter } from './factory.js';
import { PostgresAdapter } from './adapters/postgres.js';

18
pnpm-lock.yaml generated
View File

@@ -407,9 +407,6 @@ importers:
'@mosaicstack/db':
specifier: workspace:*
version: link:../db
commander:
specifier: ^13.0.0
version: 13.1.0
drizzle-orm:
specifier: ^0.45.1
version: 0.45.1(@electric-sql/pglite@0.2.17)(@opentelemetry/api@1.9.0)(@types/better-sqlite3@7.6.13)(@types/pg@8.15.6)(better-sqlite3@12.8.0)(kysely@0.28.11)(postgres@3.4.8)
@@ -447,9 +444,6 @@ importers:
'@mosaicstack/types':
specifier: workspace:*
version: link:../types
commander:
specifier: ^13.0.0
version: 13.1.0
drizzle-orm:
specifier: ^0.45.1
version: 0.45.1(@electric-sql/pglite@0.2.17)(@opentelemetry/api@1.9.0)(@types/better-sqlite3@7.6.13)(@types/pg@8.15.6)(better-sqlite3@12.8.0)(kysely@0.28.11)(postgres@3.4.8)
@@ -475,15 +469,9 @@ importers:
'@mosaicstack/forge':
specifier: workspace:*
version: link:../forge
'@mosaicstack/log':
specifier: workspace:*
version: link:../log
'@mosaicstack/macp':
specifier: workspace:*
version: link:../macp
'@mosaicstack/memory':
specifier: workspace:*
version: link:../memory
'@mosaicstack/prdy':
specifier: workspace:*
version: link:../prdy
@@ -493,9 +481,6 @@ importers:
'@mosaicstack/queue':
specifier: workspace:*
version: link:../queue
'@mosaicstack/storage':
specifier: workspace:*
version: link:../storage
'@mosaicstack/types':
specifier: workspace:*
version: link:../types
@@ -617,9 +602,6 @@ importers:
'@mosaicstack/types':
specifier: workspace:*
version: link:../types
commander:
specifier: ^13.0.0
version: 13.1.0
devDependencies:
typescript:
specifier: ^5.8.0