Add env command for managing environments

- Add env list/get/create/delete/set/unset commands
- Add Environment types to backend
- Add migration for unique (user_id, name) constraint on environments

Author: max-lt

README.md

@@ -78,6 +78,33 @@ ow workers rm my-api
 
 Supported file types: `.js`, `.ts`, `.wasm`
 
+### Environments
+
+Manage environment variables and secrets.
+
+```bash
+# List environments
+ow env list
+
+# Get environment details
+ow env get production
+
+# Create an environment
+ow env create production -d "Production environment"
+
+# Set a variable
+ow env set production API_URL "https://api.example.com"
+
+# Set a secret (value will be masked)
+ow env set production API_KEY "secret-key" --secret
+
+# Remove a variable
+ow env unset production API_URL
+
+# Delete an environment
+ow env delete production
+```
+
 ### Database Operations
 
 Requires a `db` type alias.

migrations/19_environment_unique_name.sql

@@ -0,0 +1,2 @@
+-- Add unique constraint on environment name per user
+ALTER TABLE environments ADD CONSTRAINT environments_user_name_unique UNIQUE (user_id, name);

src/backend/api.rs

@@ -1,4 +1,7 @@
-use super::{Backend, BackendError, CreateWorkerInput, DeployInput, Deployment, Worker};
+use super::{
+    Backend, BackendError, CreateEnvironmentInput, CreateWorkerInput, DeployInput, Deployment,
+    Environment, UpdateEnvironmentInput, Worker,
+};
 use reqwest::Client;
 
 pub struct ApiBackend {
@@ -154,4 +157,128 @@ impl Backend for ApiBackend {
         let deployment: Deployment = response.json().await?;
         Ok(deployment)
     }
+
+    async fn list_environments(&self) -> Result<Vec<Environment>, BackendError> {
+        let response = self
+            .request(reqwest::Method::GET, "/environments")
+            .send()
+            .await?;
+
+        if response.status() == reqwest::StatusCode::UNAUTHORIZED {
+            return Err(BackendError::Unauthorized);
+        }
+
+        if !response.status().is_success() {
+            let text = response.text().await.unwrap_or_default();
+            return Err(BackendError::Api(text));
+        }
+
+        let environments: Vec<Environment> = response.json().await?;
+        Ok(environments)
+    }
+
+    async fn get_environment(&self, name: &str) -> Result<Environment, BackendError> {
+        let response = self
+            .request(reqwest::Method::GET, &format!("/environments/{}", name))
+            .send()
+            .await?;
+
+        if response.status() == reqwest::StatusCode::NOT_FOUND {
+            return Err(BackendError::NotFound(format!(
+                "Environment '{}' not found",
+                name
+            )));
+        }
+
+        if response.status() == reqwest::StatusCode::UNAUTHORIZED {
+            return Err(BackendError::Unauthorized);
+        }
+
+        if !response.status().is_success() {
+            let text = response.text().await.unwrap_or_default();
+            return Err(BackendError::Api(text));
+        }
+
+        let environment: Environment = response.json().await?;
+        Ok(environment)
+    }
+
+    async fn create_environment(
+        &self,
+        input: CreateEnvironmentInput,
+    ) -> Result<Environment, BackendError> {
+        let response = self
+            .request(reqwest::Method::POST, "/environments")
+            .json(&input)
+            .send()
+            .await?;
+
+        if response.status() == reqwest::StatusCode::UNAUTHORIZED {
+            return Err(BackendError::Unauthorized);
+        }
+
+        if !response.status().is_success() {
+            let text = response.text().await.unwrap_or_default();
+            return Err(BackendError::Api(text));
+        }
+
+        let environment: Environment = response.json().await?;
+        Ok(environment)
+    }
+
+    async fn update_environment(
+        &self,
+        name: &str,
+        input: UpdateEnvironmentInput,
+    ) -> Result<Environment, BackendError> {
+        let response = self
+            .request(reqwest::Method::PATCH, &format!("/environments/{}", name))
+            .json(&input)
+            .send()
+            .await?;
+
+        if response.status() == reqwest::StatusCode::NOT_FOUND {
+            return Err(BackendError::NotFound(format!(
+                "Environment '{}' not found",
+                name
+            )));
+        }
+
+        if response.status() == reqwest::StatusCode::UNAUTHORIZED {
+            return Err(BackendError::Unauthorized);
+        }
+
+        if !response.status().is_success() {
+            let text = response.text().await.unwrap_or_default();
+            return Err(BackendError::Api(text));
+        }
+
+        let environment: Environment = response.json().await?;
+        Ok(environment)
+    }
+
+    async fn delete_environment(&self, name: &str) -> Result<(), BackendError> {
+        let response = self
+            .request(reqwest::Method::DELETE, &format!("/environments/{}", name))
+            .send()
+            .await?;
+
+        if response.status() == reqwest::StatusCode::NOT_FOUND {
+            return Err(BackendError::NotFound(format!(
+                "Environment '{}' not found",
+                name
+            )));
+        }
+
+        if response.status() == reqwest::StatusCode::UNAUTHORIZED {
+            return Err(BackendError::Unauthorized);
+        }
+
+        if !response.status().is_success() {
+            let text = response.text().await.unwrap_or_default();
+            return Err(BackendError::Api(text));
+        }
+
+        Ok(())
+    }
 }

src/backend/db.rs

@@ -1,4 +1,7 @@
-use super::{Backend, BackendError, CreateWorkerInput, DeployInput, Deployment, Worker};
+use super::{
+    Backend, BackendError, CreateEnvironmentInput, CreateWorkerInput, DeployInput, Deployment,
+    Environment, UpdateEnvironmentInput, Worker,
+};
 use sha2::{Digest, Sha256};
 use sqlx::{PgPool, Row};
 
@@ -176,4 +179,41 @@ impl Backend for DbBackend {
             message: row.get("message"),
         })
     }
+
+    async fn list_environments(&self) -> Result<Vec<Environment>, BackendError> {
+        Err(BackendError::Api(
+            "Environments require API access. Use an API alias.".to_string(),
+        ))
+    }
+
+    async fn get_environment(&self, _name: &str) -> Result<Environment, BackendError> {
+        Err(BackendError::Api(
+            "Environments require API access. Use an API alias.".to_string(),
+        ))
+    }
+
+    async fn create_environment(
+        &self,
+        _input: CreateEnvironmentInput,
+    ) -> Result<Environment, BackendError> {
+        Err(BackendError::Api(
+            "Environments require API access. Use an API alias.".to_string(),
+        ))
+    }
+
+    async fn update_environment(
+        &self,
+        _name: &str,
+        _input: UpdateEnvironmentInput,
+    ) -> Result<Environment, BackendError> {
+        Err(BackendError::Api(
+            "Environments require API access. Use an API alias.".to_string(),
+        ))
+    }
+
+    async fn delete_environment(&self, _name: &str) -> Result<(), BackendError> {
+        Err(BackendError::Api(
+            "Environments require API access. Use an API alias.".to_string(),
+        ))
+    }
 }

src/backend/mock.rs

@@ -1,4 +1,7 @@
-use super::{Backend, BackendError, CreateWorkerInput, DeployInput, Deployment, Worker};
+use super::{
+    Backend, BackendError, CreateEnvironmentInput, CreateWorkerInput, DeployInput, Deployment,
+    Environment, UpdateEnvironmentInput, Worker,
+};
 use chrono::Utc;
 use sha2::{Digest, Sha256};
 use std::collections::HashMap;
@@ -8,6 +11,7 @@ use std::sync::{Arc, Mutex};
 struct MockState {
     workers: HashMap<String, Worker>,
     deployments: HashMap<String, Vec<Deployment>>,
+    environments: HashMap<String, Environment>,
 }
 
 #[derive(Default, Clone)]
@@ -154,4 +158,80 @@ impl Backend for MockBackend {
 
         Ok(deployment)
     }
+
+    async fn list_environments(&self) -> Result<Vec<Environment>, BackendError> {
+        let state = self.state.lock().unwrap();
+        let mut environments: Vec<Environment> = state.environments.values().cloned().collect();
+        environments.sort_by(|a, b| a.name.cmp(&b.name));
+        Ok(environments)
+    }
+
+    async fn get_environment(&self, name: &str) -> Result<Environment, BackendError> {
+        let state = self.state.lock().unwrap();
+        state
+            .environments
+            .get(name)
+            .cloned()
+            .ok_or_else(|| BackendError::NotFound(format!("Environment '{}' not found", name)))
+    }
+
+    async fn create_environment(
+        &self,
+        input: CreateEnvironmentInput,
+    ) -> Result<Environment, BackendError> {
+        let mut state = self.state.lock().unwrap();
+
+        if state.environments.contains_key(&input.name) {
+            return Err(BackendError::Api(format!(
+                "Environment '{}' already exists",
+                input.name
+            )));
+        }
+
+        let environment = Environment {
+            id: uuid::Uuid::new_v4().to_string(),
+            name: input.name.clone(),
+            description: input.desc,
+            values: vec![],
+            created_at: Utc::now(),
+            updated_at: Utc::now(),
+        };
+
+        state.environments.insert(input.name, environment.clone());
+        Ok(environment)
+    }
+
+    async fn update_environment(
+        &self,
+        name: &str,
+        input: UpdateEnvironmentInput,
+    ) -> Result<Environment, BackendError> {
+        let mut state = self.state.lock().unwrap();
+
+        let environment = state
+            .environments
+            .get_mut(name)
+            .ok_or_else(|| BackendError::NotFound(format!("Environment '{}' not found", name)))?;
+
+        if let Some(new_name) = input.name {
+            environment.name = new_name;
+        }
+
+        environment.updated_at = Utc::now();
+
+        Ok(environment.clone())
+    }
+
+    async fn delete_environment(&self, name: &str) -> Result<(), BackendError> {
+        let mut state = self.state.lock().unwrap();
+
+        if state.environments.remove(name).is_none() {
+            return Err(BackendError::NotFound(format!(
+                "Environment '{}' not found",
+                name
+            )));
+        }
+
+        Ok(())
+    }
 }