diff --git a/readme.md b/readme.md index de88c11..5f2029d 100644 --- a/readme.md +++ b/readme.md @@ -1,6 +1,10 @@ # @serve.zone/api -Type-safe API client for Cloudly and the serve.zone control plane. +`@serve.zone/api` is the TypeScript client for Cloudly, the serve.zone control plane. It wraps the shared `@serve.zone/interfaces` contracts with a `CloudlyApiClient` that can authenticate, open a TypedSocket connection, receive server-pushed events, and call Cloudly management APIs from services, automation, and CLI-style tools. + +## Issue Reporting and Security + +For reporting bugs, issues, or security vulnerabilities, please visit [community.foss.global/](https://community.foss.global/). This is the central community hub for all issue reporting. Developers who sign and comply with our contribution agreement and go through identification can also get a [code.foss.global/](https://code.foss.global/) account to submit Pull Requests directly. ## Install @@ -8,27 +12,175 @@ Type-safe API client for Cloudly and the serve.zone control plane. pnpm add @serve.zone/api ``` -## Usage +## What It Provides + +The package exports one public entry point: + +```typescript +import { CloudlyApiClient } from '@serve.zone/api'; +``` + +`CloudlyApiClient` provides: + +- A TypedSocket client connected to Cloudly. +- A local `TypedRouter` for Cloudly-to-client callbacks. +- Identity helpers for token-based machine clients and username/password admin login. +- Domain-focused API groups for clusters, services, images, registries, secrets, platform bindings, backups, settings, tasks, domains, DNS, and deployments. +- RxJS subjects for pushed cluster config updates and server actions. + +## Quick Start ```typescript import { CloudlyApiClient } from '@serve.zone/api'; -const client = new CloudlyApiClient({ - registerAs: 'api', +const cloudly = new CloudlyApiClient({ + registerAs: 'cli', cloudlyUrl: 'https://cloudly.example.com:443', }); -await client.start(); +await cloudly.start(); -const identity = await client.getIdentityByToken('service-token', { +await cloudly.loginWithUsernameAndPassword( + process.env.CLOUDLY_USERNAME!, + process.env.CLOUDLY_PASSWORD! +); + +const services = await cloudly.services.getServices(); + +for (const service of services) { + console.log(service.id, service.data.name, service.data.imageVersion); +} +``` + +`cloudlyUrl` defaults to `process.env.CLOUDLY_URL` and then `https://cloudly.layer.io:443` when not supplied. + +## Authentication + +Use `loginWithUsernameAndPassword()` for human/admin-style sessions. It talks to Cloudly's HTTP TypedRequest endpoint and stores the returned identity on the client. + +```typescript +const identity = await cloudly.loginWithUsernameAndPassword('admin@example.com', 'password'); +console.log(identity.role); +``` + +Use `getIdentityByToken()` for machine clients that already have a Cloudly token or jump code. This path uses the active TypedSocket connection, so call `start()` first. + +```typescript +const identity = await cloudly.getIdentityByToken(process.env.CLOUDLY_TOKEN!, { tagConnection: true, statefullIdentity: true, }); - -const clusterConfig = await client.getClusterConfigFromCloudlyByIdentity(identity); ``` -## Notes +Most API groups use `cloudly.identity` automatically. Pass identities explicitly only for methods that expose an identity argument. -- The client uses TypedSocket for WebSocket RPC and TypedRequest for HTTP fallback in selected methods. -- Shared contracts are provided by `@serve.zone/interfaces`. +## API Groups + +The client exposes focused groups instead of one large method list: + +| Group | Purpose | +| --- | --- | +| `cluster` | Create, list, fetch, and update Cloudly clusters. | +| `services` | Create, list, fetch, update, delete, and inspect service registry targets. | +| `deployments` | List, create, update, restart, scale, and delete deployment records. | +| `image` | Create image records, list images, and push or pull image versions. | +| `externalRegistry` | Manage external container registries and verify registry access. | +| `secretbundle` and `secretgroup` | Manage service-owned and shared secret groupings. | +| `platform` | Read capabilities, provider configs, desired state, and service bindings. | +| `backup` | Create, list, fetch, and restore service backups. | +| `settings` | Read and update masked Cloudly settings and test provider connectivity. | +| `tasks` | List tasks, inspect executions, trigger jobs, and cancel executions. | +| `domains` and `dns` | Manage domain inventory, verification, DNS entries, and zones. | + +Example service workflow: + +```typescript +const service = await cloudly.services.createService({ + name: 'api', + description: 'Public API service', + imageId: 'image-api', + imageVersion: '1.0.0', + environment: { + NODE_ENV: 'production', + }, + secretBundleId: 'secretbundle-api', + serviceCategory: 'workload', + deploymentStrategy: 'limited-replicas', + scaleFactor: 2, + balancingStrategy: 'round-robin', + ports: { + web: 3000, + }, + domains: [ + { + name: 'api', + protocol: 'https', + }, + ], + deploymentIds: [], +}); + +const registryTarget = await service.getRegistryTarget('latest'); +``` + +Example platform-binding workflow: + +```typescript +const capabilities = await cloudly.platform.getPlatformCapabilities(); +const emailBindings = await cloudly.platform.getPlatformBindings({ + capability: 'email', +}); + +console.log(capabilities.capabilities, emailBindings.bindings); +``` + +## Server-Pushed Events + +Cloudly can call back into connected clients through the client's local `TypedRouter`. Two callback streams are exposed as RxJS subjects: + +```typescript +cloudly.configUpdateSubject.subscribe((configUpdate) => { + console.log('received cluster config update', configUpdate.configData.id); +}); + +cloudly.serverActionSubject.subscribe((serverAction) => { + console.log('received server action', serverAction.actionName); +}); +``` + +This is why long-running clients such as Coreflow register over TypedSocket instead of using one-off HTTP requests only. + +## Transport Notes + +The client is WebSocket-first. Some newer management methods include HTTP TypedRequest fallback through `/typedrequest`, but many model methods still require an active `typedsocketClient`. For reliable behavior, call `start()` before using API groups unless the method explicitly documents HTTP-only behavior, such as `loginWithUsernameAndPassword()`. + +## Development + +```bash +pnpm install +pnpm run build +pnpm test +``` + +The package is authored as ESM TypeScript and built with `tsbuild tsfolders --allowimplicitany`. + +## License and Legal Information + +This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](./license) file. + +**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file. + +### Trademarks + +This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH or third parties, and are not included within the scope of the MIT license granted herein. + +Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines or the guidelines of the respective third-party owners, and any usage must be approved in writing. Third-party trademarks used herein are the property of their respective owners and used only in a descriptive manner, e.g. for an implementation of an API or similar. + +### Company Information + +Task Venture Capital GmbH +Registered at District Court Bremen HRB 35230 HB, Germany + +For any legal inquiries or further information, please contact us via email at hello@task.vc. + +By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.