refactor: rename cli-v2 → cli, archive legacy cli, plus broker-side grants + auto-migrate
- apps/cli/ is now the canonical CLI (was apps/cli-v2/). - apps/cli/ legacy v0 archived as branch 'legacy-cli-archive' and tag 'cli-v0-legacy-final' before deletion; git history preserves it too. - .github/workflows/release-cli.yml paths updated. - pnpm-lock.yaml regenerated. Broker-side peer-grant enforcement (spec: 2026-04-15-per-peer-capabilities): - 0020_peer-grants.sql adds peer_grants jsonb + GIN index on mesh.member. - handleSend in broker fetches recipient grant maps once per send, drops messages silently when sender lacks the required capability. - POST /cli/mesh/:slug/grants to update from CLI; broker_messages_dropped_by_grant_total metric. - CLI grant/revoke/block now mirror to broker via syncToBroker. Auto-migrate on broker startup: - apps/broker/src/migrate.ts runs drizzle migrate with pg_advisory_lock before the HTTP server binds. Exits non-zero on failure so Coolify healthcheck fails closed. - Dockerfile copies packages/db/migrations into /app/migrations. - postgres 3.4.5 added as direct broker dep. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Alejandro Gutiérrez
59
apps/cli/build.ts
Normal file
59
apps/cli/build.ts
Normal file
@@ -0,0 +1,59 @@
|
||||
import { statSync } from "node:fs";
|
||||
import { gzipSync } from "node:zlib";
|
||||
|
||||
const MAX_GZIPPED_BYTES = 1.2 * 1024 * 1024; // 1.2 MB
|
||||
|
||||
// Inject the version from package.json at build time so VERSION can never
|
||||
// drift from what's published. Bun's `define` is a source-text replacement,
|
||||
// equivalent to `--define` in esbuild / a webpack DefinePlugin.
|
||||
const pkgVersion = ((await Bun.file("package.json").json()) as { version: string }).version;
|
||||
|
||||
const result = await Bun.build({
|
||||
entrypoints: [
|
||||
"src/entrypoints/cli.ts",
|
||||
"src/entrypoints/mcp.ts",
|
||||
],
|
||||
outdir: "dist/entrypoints",
|
||||
target: "node",
|
||||
format: "esm",
|
||||
splitting: false,
|
||||
sourcemap: "external",
|
||||
define: {
|
||||
__CLAUDEMESH_VERSION__: JSON.stringify(pkgVersion),
|
||||
},
|
||||
external: [
|
||||
"libsodium-wrappers",
|
||||
"ws",
|
||||
"@modelcontextprotocol/sdk",
|
||||
],
|
||||
});
|
||||
|
||||
if (!result.success) {
|
||||
console.error("Build failed:");
|
||||
for (const log of result.logs) {
|
||||
console.error(log);
|
||||
}
|
||||
process.exit(1);
|
||||
}
|
||||
|
||||
for (const output of result.outputs) {
|
||||
const raw = statSync(output.path).size;
|
||||
const gz = gzipSync(await Bun.file(output.path).arrayBuffer()).byteLength;
|
||||
const label = output.path.replace(process.cwd() + "/", "");
|
||||
console.log(` ${label} ${(raw / 1024).toFixed(0)} KB (${(gz / 1024).toFixed(0)} KB gzipped)`);
|
||||
|
||||
if (gz > MAX_GZIPPED_BYTES) {
|
||||
console.error(`\n ERROR: ${label} exceeds 1.2 MB gzipped ceiling (${(gz / 1024).toFixed(0)} KB)`);
|
||||
process.exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
const { chmodSync, readFileSync, writeFileSync } = await import("node:fs");
|
||||
const cliPath = "dist/entrypoints/cli.js";
|
||||
const cliContent = readFileSync(cliPath, "utf-8");
|
||||
if (!cliContent.startsWith("#!")) {
|
||||
writeFileSync(cliPath, "#!/usr/bin/env node\n" + cliContent);
|
||||
}
|
||||
chmodSync(cliPath, 0o755);
|
||||
|
||||
console.log("\nBuild complete.");
|
||||
Reference in New Issue
Block a user