feat(cli): cloud cli commands (v4)

[nathan-pichon]

What does it do?

This pull request introduces new commands to the Strapi CLI for interacting with Strapi Cloud:

• strapi login: This command allows users to log in to their Strapi Cloud application directly from the command line.
• strapi logout: This command enables users to log out of their currently authenticated Strapi Cloud session.
• strapi deploy: This command provides a streamlined way to deploy the local Strapi project directly to Strapi Cloud.
  These functionalities aim to enhance the developer experience by simplifying authentication and deployment workflows for Strapi Cloud users and providing a seamless hosting solution for Strapi CMS users.

Important Update to create-strapi-app CLI:

Previously, when creating a new Strapi project using create-strapi-app, there was no option to directly connect to a Strapi Cloud project. This pull request also introduces changes to the create-strapi-app command. Users will now be prompted during project creation if they want to create and log in to a new Strapi Cloud project. This simplifies the workflow for developers who intend to deploy their Strapi project to Strapi Cloud from the very beginning.

⚠️ As an MVP restriction, for now, only trial project can be created and managed from the deploy command ⚠️

Why is it needed?

Streamlining deployments: The deploy command automates the deployment process, allowing developers to push their local project to Strapi Cloud directly from the CLI.

How to test it?

1. Login: Use the strapi login command to authenticate with your Strapi Cloud account. You'll likely be prompted for your credentials during this process (Google / GitHub or GitLab login providers ATM).
2. Deploy: Ensure you have a local Strapi project ready, you must be able to deploy a trial project (never had any project on Strapi Cloud). Use the strapi deploy command to deploy your project to Strapi Cloud. Verify that the deployment process was completed successfully and your application is accessible on Strapi Cloud.
3. Logout: User the strapi logout command to disconnect the CLI from your Strapi Cloud account. The strapi deploy should not work after being logged out.

Related issue(s)/PR(s)

Let us know if this is related to any issue/pull request

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
contributor-docs	❌ Failed (Inspect)			May 7, 2024 10:18am

[alexandrebodin]

Overall looks good 👍

A nice improvement would be to add the "deploy" in the generate package.json script so you can run

yarn deploy, & add it in the log at the end of the creation CLI

[alexandrebodin]

side note: libraries should avoid using env vars and get that as an input param unless it's a debug env var

Considering this will be just a way to test we can live with it. @innerdvations wdyt of a specific prefix for all hardcoded env var ? STRAPI_DEBUG 🤔

[innerdvations]

That sounds fine to me. STRAPI_ will already be reserved for us, so if we want to call STRAPI_DEBUG_ the debugging prefix it won't cause any issues.

[alexandrebodin]

we use fs-extra everywhere in the codebase you could use the ensure fn directly

[alexandrebodin]

what would be the advantage ? we are not storing a pwd but just a temp access token 🤔

side note, Also this CLI could be used to automate deployment so we need to support tokens via the CLI in the CI.

[alexandrebodin]

Can we make all those file manipulation async instead ?

[alexandrebodin]

in what case would you get a forbidden considering we do not really have an authorization system ?

[alexandrebodin]

Same comment on using async fs methods instead

[alexandrebodin]

Can you add a //TODO to remove the duplicated code later with a share CLI pkg or sth

[alexandrebodin]

Should we move "loadPkg" and "logger" to strapi/utils ?

Probably beyond the scope of this PR, but yeah, I think we need a generic logger to use for all these cases outside of Strapi. We've reinvented the wheel about 10 times already.

This should definitely be part of the CLI context passed to all commands 👍 but it goes beyond that as a topic for the CLI API overall

[innerdvations]

It would allow the user control the security level on the token and keeps it encrypted.

For example, I think most systems would allow users to configure their keychain to ask for verification before the token is accessed (so, someone sitting down at their system couldn't deploy without re-entering password/fingerprint/whatever). But I think what we're doing here is still secure enough for most cases.

I do think a separation by project would be extremely helpful though, otherwise someone with multiple clients on Strapi cloud would have to log in and out between each project, or accidentally attempt to deploy a project with the wrong account (though I assume it wouldn't work).

Alternatively, a login manager to switch between them, but that's a huge feature in itself 😆

[innerdvations]

You could use mock-fs here to avoid real effects in the test runs

[alexandrebodin]

fyi we use memfs already

[innerdvations]

Oh yeah, that one, I misremembered which one we used 😆

[joshuaellis]

minor feedback

[joshuaellis]

Shall we document here what commands are available?

[alexandrebodin]

Makes me think, don't we have in the contrbiuting guide the CLI command list too ? worth it if the others are listed.

[joshuaellis]

[joshuaellis]

I think we can improve this error message, it's really vague. Do you not return a good error message from the API you can utilise?

[joshuaellis]

Should you propose using the debug flag to find more info?

[joshuaellis]

If it's 5XX should we handle it to show it's our problem not theres? at the moment it's not clear imo

[joshuaellis]

why would trying again later do anything different here?

[joshuaellis]

Should we propose individuals use the debug option to learn more about their issue?

[joshuaellis]

Why blocklist over allowlist? 🤔

[alexandrebodin]

Allowing custom user code / resources