feat: process execution standardisation

Standardised process execution for bin tests using `pkExec` and `pkSpawn`.

- All usage of `pkExec`/`pkSpawn` calls underlying default `WithoutShell` or override `WithShell` methods
- Combined `env` and `cwd` options into an `ExecOpts` object and added `command` and `shell` options
- Refactored `pkSpawnNs` and `pkExecNs` to use standardised methods
- Replaced all usage of `exec`/`execFile` with `spawn`

.eslintrc

@@ -33,6 +33,10 @@
       {
         "name": "global",
         "message": "Use `globalThis` instead"
+      },
+      {
+        "name": "window",
+        "message": "Use `globalThis` instead"
       }
     ],
     "require-yield": 0,

src/bin/agent/CommandStart.ts

@@ -8,7 +8,7 @@ import type PolykeyAgent from '../../PolykeyAgent';
 import type { RecoveryCode } from '../../keys/types';
 import type { PolykeyWorkerManagerInterface } from '../../workers/types';
 import path from 'path';
-import child_process from 'child_process';
+import childProcess from 'child_process';
 import process from 'process';
 import CommandPolykey from '../CommandPolykey';
 import * as binUtils from '../utils';
@@ -130,7 +130,7 @@ class CommandStart extends CommandPolykey {
           );
           stdio[2] = agentErrFile.fd;
         }
-        const agentProcess = child_process.fork(
+        const agentProcess = childProcess.fork(
           path.join(__dirname, '../polykey-agent'),
           [],
           {

tests/agent/service/notificationsSend.test.ts

@@ -26,7 +26,7 @@ import * as utilsPB from '@/proto/js/polykey/v1/utils/utils_pb';
 import * as notificationsPB from '@/proto/js/polykey/v1/notifications/notifications_pb';
 import * as nodesUtils from '@/nodes/utils';
 import * as notificationsUtils from '@/notifications/utils';
-import { expectRemoteError } from '../../utils';
+import { expectRemoteError } from '../../utils/utils';
 import { globalRootKeyPems } from '../../fixtures/globalRootKeyPems';
 
 describe('notificationsSend', () => {

tests/bin/agent/lock.test.ts

@@ -29,21 +29,19 @@ describe('lock', () => {
   testUtils.testIf(
     testUtils.isTestPlatformEmpty || testUtils.isTestPlatformDocker,
   )('lock deletes the session token', async () => {
-    await execUtils.pkStdio(
-      ['agent', 'unlock'],
-      {
+    await execUtils.pkExec(['agent', 'unlock'], {
+      env: {
         PK_NODE_PATH: agentDir,
         PK_PASSWORD: agentPassword,
       },
-      agentDir,
-    );
-    const { exitCode } = await execUtils.pkStdio(
-      ['agent', 'lock'],
-      {
+      cwd: agentDir,
+    });
+    const { exitCode } = await execUtils.pkExec(['agent', 'lock'], {
+      env: {
         PK_NODE_PATH: agentDir,
       },
-      agentDir,
-    );
+      cwd: agentDir,
+    });
     expect(exitCode).toBe(0);
     const session = await Session.createSession({
       sessionTokenPath: path.join(agentDir, config.defaults.tokenBase),
@@ -61,30 +59,23 @@ describe('lock', () => {
       mockedPrompts.mockImplementation(async (_opts: any) => {
         return { password };
       });
-      await execUtils.pkStdio(
-        ['agent', 'unlock'],
-        {
+      await execUtils.pkStdio(['agent', 'unlock'], {
+        env: {
           PK_NODE_PATH: agentDir,
           PK_PASSWORD: agentPassword,
         },
-        agentDir,
-      );
+        cwd: agentDir,
+      });
       // Session token is deleted
-      await execUtils.pkStdio(
-        ['agent', 'lock'],
-        {
-          PK_NODE_PATH: agentDir,
-        },
-        agentDir,
-      );
+      await execUtils.pkStdio(['agent', 'lock'], {
+        env: { PK_NODE_PATH: agentDir },
+        cwd: agentDir,
+      });
       // Will prompt to reauthenticate
-      await execUtils.pkStdio(
-        ['agent', 'status'],
-        {
-          PK_NODE_PATH: agentDir,
-        },
-        agentDir,
-      );
+      await execUtils.pkStdio(['agent', 'status'], {
+        env: { PK_NODE_PATH: agentDir },
+        cwd: agentDir,
+      });
       // Prompted for password 1 time
       expect(mockedPrompts.mock.calls.length).toBe(1);
       mockedPrompts.mockClear();

tests/bin/agent/lockall.test.ts

@@ -35,21 +35,17 @@ describe('lockall', () => {
   testUtils.testIf(
     testUtils.isTestPlatformEmpty || testUtils.isTestPlatformDocker,
   )('lockall deletes the session token', async () => {
-    await execUtils.pkStdio(
-      ['agent', 'unlock'],
-      {
+    await execUtils.pkExec(['agent', 'unlock'], {
+      env: {
         PK_NODE_PATH: agentDir,
         PK_PASSWORD: agentPassword,
       },
-      agentDir,
-    );
-    const { exitCode } = await execUtils.pkStdio(
-      ['agent', 'lockall'],
-      {
-        PK_NODE_PATH: agentDir,
-      },
-      agentDir,
-    );
+      cwd: agentDir,
+    });
+    const { exitCode } = await execUtils.pkExec(['agent', 'lockall'], {
+      env: { PK_NODE_PATH: agentDir },
+      cwd: agentDir,
+    });
     expect(exitCode).toBe(0);
     const session = await Session.createSession({
       sessionTokenPath: path.join(agentDir, config.defaults.tokenBase),
@@ -63,33 +59,26 @@ describe('lockall', () => {
     'lockall ensures reauthentication is required',
     async () => {
       const password = agentPassword;
-      await execUtils.pkStdio(
-        ['agent', 'unlock'],
-        {
+      await execUtils.pkStdio(['agent', 'unlock'], {
+        env: {
           PK_NODE_PATH: agentDir,
           PK_PASSWORD: agentPassword,
         },
-        agentDir,
-      );
-      await execUtils.pkStdio(
-        ['agent', 'lockall'],
-        {
-          PK_NODE_PATH: agentDir,
-        },
-        agentDir,
-      );
+        cwd: agentDir,
+      });
+      await execUtils.pkStdio(['agent', 'lockall'], {
+        env: { PK_NODE_PATH: agentDir },
+        cwd: agentDir,
+      });
       // Token is deleted, reauthentication is required
       mockedPrompts.mockClear();
       mockedPrompts.mockImplementation(async (_opts: any) => {
         return { password };
       });
-      await execUtils.pkStdio(
-        ['agent', 'status'],
-        {
-          PK_NODE_PATH: agentDir,
-        },
-        agentDir,
-      );
+      await execUtils.pkStdio(['agent', 'status'], {
+        env: { PK_NODE_PATH: agentDir },
+        cwd: agentDir,
+      });
       // Prompted for password 1 time
       expect(mockedPrompts.mock.calls.length).toBe(1);
       mockedPrompts.mockClear();
@@ -98,37 +87,37 @@ describe('lockall', () => {
   testUtils.testIf(
     testUtils.isTestPlatformEmpty || testUtils.isTestPlatformDocker,
   )('lockall causes old session tokens to fail', async () => {
-    await execUtils.pkStdio(
-      ['agent', 'unlock'],
-      {
+    await execUtils.pkExec(['agent', 'unlock'], {
+      env: {
         PK_NODE_PATH: agentDir,
         PK_PASSWORD: agentPassword,
       },
-      agentDir,
-    );
+      cwd: agentDir,
+    });
     const session = await Session.createSession({
       sessionTokenPath: path.join(agentDir, config.defaults.tokenBase),
       fs,
       logger,
     });
     const token = await session.readToken();
     await session.stop();
-    await execUtils.pkStdio(
-      ['agent', 'lockall'],
-      {
+    await execUtils.pkExec(['agent', 'lockall'], {
+      env: {
         PK_NODE_PATH: agentDir,
         PK_PASSWORD: agentPassword,
       },
-      agentDir,
-    );
+      cwd: agentDir,
+    });
     // Old token is invalid
-    const { exitCode, stderr } = await execUtils.pkStdio(
+    const { exitCode, stderr } = await execUtils.pkExec(
       ['agent', 'status', '--format', 'json'],
       {
-        PK_NODE_PATH: agentDir,
-        PK_TOKEN: token,
+        env: {
+          PK_NODE_PATH: agentDir,
+          PK_TOKEN: token,
+        },
+        cwd: agentDir,
       },
-      agentDir,
     );
     execUtils.expectProcessError(exitCode, stderr, [
       new errors.ErrorClientAuthDenied(),