prvng_core/nulib/lib_provisioning/utils/script-compression.nu

# Script compression utilities for secure transmission
# Compresses template path, variables, and script as a complete auditable unit

# Compress complete workflow data (template + vars + script)
export def compress-workflow [template_path: string, template_vars: record, script: string]: nothing -> record {
    # Create temporary directory
    let timestamp_hash = ((date now | format date "%Y%m%d_%H%M%S") | hash sha256 | str substring 0..8)
    let temp_dir = $"/tmp/workflow_($timestamp_hash)"
    ^mkdir -p $temp_dir

    # 1. Compress template_vars (JSON)
    let vars_file = ($temp_dir + "/vars.json")
    let vars_json = ($template_vars | to json)
    $vars_json | save -f $vars_file
    let vars_original_size = ($vars_json | str length)

    # 2. Compress script
    let script_file = ($temp_dir + "/script.sh")
    $script | save -f $script_file
    let script_original_size = ($script | str length)

    # 3. Create manifest with template_path
    let manifest_file = ($temp_dir + "/manifest.json")
    {
        template_path: $template_path
        timestamp: ((date now) | format date "%Y-%m-%d %H:%M:%S UTC")
    } | to json | save -f $manifest_file

    # 4. Combine all into single archive
    let total_original = ($vars_original_size + $script_original_size)
    let archive_file = ($temp_dir + "/workflow.tar.gz")

    ^tar -czf $archive_file -C $temp_dir manifest.json vars.json script.sh

    # 5. Encode to base64
    let tar_content = (open -r $archive_file)
    let compressed_data = ($tar_content | ^base64)

    # Get compressed size using base64 encoded output (approximation)
    let compressed_size = ($compressed_data | str length)

    # Calculate ratio
    let compression_ratio = ($compressed_size / $total_original)

    # Cleanup
    ^rm -rf $temp_dir

    {
        template_path: $template_path
        script_compressed: $compressed_data
        script_encoding: "tar+gzip+base64"
        original_size: $total_original
        compressed_size: $compressed_size
        compression_ratio: $compression_ratio
    }
}

# Decompress workflow (for verification/testing)
export def decompress-workflow [script_compressed: string]: nothing -> record {
    let timestamp_hash = ((date now | format date "%Y%m%d_%H%M%S") | hash sha256 | str substring 0..8)
    let temp_dir = $"/tmp/workflow_decompress_($timestamp_hash)"
    ^mkdir -p $temp_dir

    # Decode from base64
    let decoded = (echo $script_compressed | ^base64 -d)

    # Extract tar.gz
    echo $decoded | ^tar -xzf - -C $temp_dir

    # Read files
    let manifest = (open ($temp_dir + "/manifest.json"))
    let vars = (open ($temp_dir + "/vars.json"))
    let script = (open -r ($temp_dir + "/script.sh"))

    # Cleanup
    ^rm -rf $temp_dir

    {
        template_path: $manifest.template_path
        template_vars: $vars
        script: $script
        timestamp: $manifest.timestamp
    }
}
feat(core): three-layer DAG, unified component arch, commands-registry cache, Nushell 0.112.2 migration - DAG architecture: `dag show/validate/export` (nulib/main_provisioning/dag.nu), config loader (lib_provisioning/config/loader/dag.nu), taskserv dag-executor. Backed by schemas/lib/dag/.ncl; orchestrator emits NATS events via WorkspaceComposition::into_workflow. See ADR-020, ADR-021. - Unified Component Architecture: components/mod.nu, main_provisioning/ {components,workflow,extensions,ontoref-queries}.nu. Full workflow engine with topological sort and NATS subject emission. Blocks A-H complete (libre-daoshi). - Commands-registry: nulib/commands-registry.ncl (Nickel source, 314 lines) + JSON cache at ~/.cache/provisioning/commands-registry.json rebuilt on source change. cli/provisioning fast-path alias expansion avoids cold Nu startup. ADDING_COMMANDS.md documents new-command workflow. - Platform service manager: service-manager.nu (+573), startup.nu (+611), service-check.nu (+255); autostart/bootstrap/health/target refactored. - Nushell 0.112.2 migration: removed all try/catch and bash redirections; external commands prefixed with ^; type signatures enforced. Driven by scripts/refactor-try-catch{,-simplified}.nu. - TTY stack: removed shlib/-tty.sh; replaced by cli/tty-dispatch.sh, tty-filter.sh, tty-commands.conf. - New domain modules: images/ (golden image lifecycle), workspace/{state,sync}.nu, main_provisioning/{bootstrap,cluster-deploy,fip,state}.nu, commands/{state, build,integrations/auth,utilities/alias}.nu, platform.nu expanded (+874). - Config loader overhaul: loader/core.nu slimmed (-759), cache/core.nu refactored (-454), removed legacy loaders/file_loader.nu (-330). - Thirteen new provisioning-<domain>.nu top-level modules for bash dispatcher. - Tests: test_workspace_state.nu (+351); updates to test_oci_registry, test_services. - README + CHANGELOG updated. 2026-04-17 04:27:33 +01:00			`# Script compression utilities for secure transmission`
			`# Compresses template path, variables, and script as a complete auditable unit`

			`# Compress complete workflow data (template + vars + script)`
			`export def compress-workflow [template_path: string, template_vars: record, script: string]: nothing -> record {`
			`# Create temporary directory`
			`let timestamp_hash = ((date now \| format date "%Y%m%d_%H%M%S") \| hash sha256 \| str substring 0..8)`
			`let temp_dir = $"/tmp/workflow_($timestamp_hash)"`
			`^mkdir -p $temp_dir`

			`# 1. Compress template_vars (JSON)`
			`let vars_file = ($temp_dir + "/vars.json")`
			`let vars_json = ($template_vars \| to json)`
			`$vars_json \| save -f $vars_file`
			`let vars_original_size = ($vars_json \| str length)`

			`# 2. Compress script`
			`let script_file = ($temp_dir + "/script.sh")`
			`$script \| save -f $script_file`
			`let script_original_size = ($script \| str length)`

			`# 3. Create manifest with template_path`
			`let manifest_file = ($temp_dir + "/manifest.json")`
			`{`
			`template_path: $template_path`
			`timestamp: ((date now) \| format date "%Y-%m-%d %H:%M:%S UTC")`
			`} \| to json \| save -f $manifest_file`

			`# 4. Combine all into single archive`
			`let total_original = ($vars_original_size + $script_original_size)`
			`let archive_file = ($temp_dir + "/workflow.tar.gz")`

			`^tar -czf $archive_file -C $temp_dir manifest.json vars.json script.sh`

			`# 5. Encode to base64`
			`let tar_content = (open -r $archive_file)`
			`let compressed_data = ($tar_content \| ^base64)`

			`# Get compressed size using base64 encoded output (approximation)`
			`let compressed_size = ($compressed_data \| str length)`

			`# Calculate ratio`
			`let compression_ratio = ($compressed_size / $total_original)`

			`# Cleanup`
			`^rm -rf $temp_dir`

			`{`
			`template_path: $template_path`
			`script_compressed: $compressed_data`
			`script_encoding: "tar+gzip+base64"`
			`original_size: $total_original`
			`compressed_size: $compressed_size`
			`compression_ratio: $compression_ratio`
			`}`
			`}`

			`# Decompress workflow (for verification/testing)`
			`export def decompress-workflow [script_compressed: string]: nothing -> record {`
			`let timestamp_hash = ((date now \| format date "%Y%m%d_%H%M%S") \| hash sha256 \| str substring 0..8)`
			`let temp_dir = $"/tmp/workflow_decompress_($timestamp_hash)"`
			`^mkdir -p $temp_dir`

			`# Decode from base64`
			`let decoded = (echo $script_compressed \| ^base64 -d)`

			`# Extract tar.gz`
			`echo $decoded \| ^tar -xzf - -C $temp_dir`

			`# Read files`
			`let manifest = (open ($temp_dir + "/manifest.json"))`
			`let vars = (open ($temp_dir + "/vars.json"))`
			`let script = (open -r ($temp_dir + "/script.sh"))`

			`# Cleanup`
			`^rm -rf $temp_dir`

			`{`
			`template_path: $manifest.template_path`
			`template_vars: $vars`
			`script: $script`
			`timestamp: $manifest.timestamp`
			`}`
			`}`