@agenticmail/enterprise 0.5.97 → 0.5.99

package/dist/runtime-7XXST6JN.js

@@ -0,0 +1,49 @@
+import {
+  AgentRuntime,
+  EmailChannel,
+  FollowUpScheduler,
+  SessionManager,
+  SubAgentManager,
+  ToolRegistry,
+  callLLM,
+  createAgentRuntime,
+  createNoopHooks,
+  createRuntimeHooks,
+  estimateMessageTokens,
+  estimateTokens,
+  executeTool,
+  runAgentLoop,
+  toolsToDefinitions
+} from "./chunk-3AJ7YYAA.js";
+import "./chunk-NRF3YRF7.js";
+import "./chunk-TYW5XTOW.js";
+import "./chunk-AQH4DFYV.js";
+import "./chunk-JLSQOQ5L.js";
+import {
+  PROVIDER_REGISTRY,
+  listAllProviders,
+  resolveApiKeyForProvider,
+  resolveProvider
+} from "./chunk-67KZYSLU.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  AgentRuntime,
+  EmailChannel,
+  FollowUpScheduler,
+  PROVIDER_REGISTRY,
+  SessionManager,
+  SubAgentManager,
+  ToolRegistry,
+  callLLM,
+  createAgentRuntime,
+  createNoopHooks,
+  createRuntimeHooks,
+  estimateMessageTokens,
+  estimateTokens,
+  executeTool,
+  listAllProviders,
+  resolveApiKeyForProvider,
+  resolveProvider,
+  runAgentLoop,
+  toolsToDefinitions
+};

package/dist/runtime-Y7S2UQHD.js

@@ -0,0 +1,49 @@
+import {
+  AgentRuntime,
+  EmailChannel,
+  FollowUpScheduler,
+  SessionManager,
+  SubAgentManager,
+  ToolRegistry,
+  callLLM,
+  createAgentRuntime,
+  createNoopHooks,
+  createRuntimeHooks,
+  estimateMessageTokens,
+  estimateTokens,
+  executeTool,
+  runAgentLoop,
+  toolsToDefinitions
+} from "./chunk-7AXTPSIN.js";
+import "./chunk-NRF3YRF7.js";
+import "./chunk-TYW5XTOW.js";
+import "./chunk-AQH4DFYV.js";
+import "./chunk-JLSQOQ5L.js";
+import {
+  PROVIDER_REGISTRY,
+  listAllProviders,
+  resolveApiKeyForProvider,
+  resolveProvider
+} from "./chunk-67KZYSLU.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  AgentRuntime,
+  EmailChannel,
+  FollowUpScheduler,
+  PROVIDER_REGISTRY,
+  SessionManager,
+  SubAgentManager,
+  ToolRegistry,
+  callLLM,
+  createAgentRuntime,
+  createNoopHooks,
+  createRuntimeHooks,
+  estimateMessageTokens,
+  estimateTokens,
+  executeTool,
+  listAllProviders,
+  resolveApiKeyForProvider,
+  resolveProvider,
+  runAgentLoop,
+  toolsToDefinitions
+};

package/dist/server-73PZ4CHC.js

@@ -0,0 +1,12 @@
+import {
+  createServer
+} from "./chunk-KIFKMDHY.js";
+import "./chunk-3SMTCIR4.js";
+import "./chunk-JLSQOQ5L.js";
+import "./chunk-RO537U6H.js";
+import "./chunk-DRXMYYKN.js";
+import "./chunk-67KZYSLU.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  createServer
+};

package/dist/server-C7K5DKUM.js

@@ -0,0 +1,12 @@
+import {
+  createServer
+} from "./chunk-PC7IMFOA.js";
+import "./chunk-3SMTCIR4.js";
+import "./chunk-JLSQOQ5L.js";
+import "./chunk-RO537U6H.js";
+import "./chunk-DRXMYYKN.js";
+import "./chunk-67KZYSLU.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  createServer
+};

package/dist/setup-CFXJICEP.js

@@ -0,0 +1,20 @@
+import {
+  promptCompanyInfo,
+  promptDatabase,
+  promptDeployment,
+  promptDomain,
+  promptRegistration,
+  provision,
+  runSetupWizard
+} from "./chunk-TIV6GMQ5.js";
+import "./chunk-QDXUZP7Y.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  promptCompanyInfo,
+  promptDatabase,
+  promptDeployment,
+  promptDomain,
+  promptRegistration,
+  provision,
+  runSetupWizard
+};

package/dist/setup-IRQGAGRA.js

@@ -0,0 +1,20 @@
+import {
+  promptCompanyInfo,
+  promptDatabase,
+  promptDeployment,
+  promptDomain,
+  promptRegistration,
+  provision,
+  runSetupWizard
+} from "./chunk-7RUXEES6.js";
+import "./chunk-QDXUZP7Y.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  promptCompanyInfo,
+  promptDatabase,
+  promptDeployment,
+  promptDomain,
+  promptRegistration,
+  provision,
+  runSetupWizard
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agenticmail/enterprise",
-  "version": "0.5.97",
+  "version": "0.5.99",
   "description": "AgenticMail Enterprise — cloud-hosted AI agent identity, email, auth & compliance for organizations",
   "type": "module",
   "bin": {

package/src/engine/deployer.ts

@@ -126,7 +126,7 @@ export class DeploymentEngine {
       case 'vps':
         return this.execSSH(config, `sudo systemctl stop agenticmail-${config.name}`);
       case 'fly':
-        return this.execCommand(`fly apps destroy agenticmail-${config.name} --yes`);
+        return this.flyMachineAction(config, 'stop');
       case 'local':
         return { success: true, message: 'Local agent stopped' };
       default:
@@ -144,7 +144,7 @@ export class DeploymentEngine {
       case 'vps':
         return this.execSSH(config, `sudo systemctl restart agenticmail-${config.name}`);
       case 'fly':
-        return this.execCommand(`fly apps restart agenticmail-${config.name}`);
+        return this.flyMachineAction(config, 'restart');
       case 'local':
         return { success: true, message: 'Local agent restarted' };
       default:
@@ -191,7 +191,7 @@ export class DeploymentEngine {
       case 'vps':
         return (await this.execSSH(config, `journalctl -u agenticmail-${config.name} --no-pager -n ${lines}`)).message;
       case 'fly':
-        return (await this.execCommand(`fly logs -a agenticmail-${config.name} -n ${lines}`)).message;
+        return `Logs available at: https://fly.io/apps/${config.deployment.config.cloud?.appName || 'unknown'}/monitoring`;
       default:
         return 'Log streaming not supported for this target';
     }
@@ -382,67 +382,151 @@ export class DeploymentEngine {
     };
   }
 
+  /**
+   * Deploy agent to Fly.io using the Machines API (HTTP).
+   * No flyctl CLI needed — works from inside containers.
+   *
+   * Flow:
+   * 1. Create app (if it doesn't exist)
+   * 2. Create a Machine with the @agenticmail/enterprise Docker image
+   * 3. Set secrets (API keys, DB URL, etc.)
+   * 4. Wait for machine to start
+   */
   private async deployFly(config: AgentConfig, emit: Function): Promise<DeploymentResult> {
     const cloud = config.deployment.config.cloud;
-    if (!cloud || cloud.provider !== 'fly') throw new Error('Fly.io config missing');
-
-    const appName = cloud.appName || `agenticmail-${config.name}`;
+    if (!cloud) throw new Error('Fly.io config missing');
+
+    const apiToken = cloud.apiToken;
+    if (!apiToken) throw new Error('Fly.io API token is required');
+
+    const appName = cloud.appName || `am-agent-${config.name.toLowerCase().replace(/[^a-z0-9-]/g, '-').slice(0, 30)}`;
+    const region = cloud.region || 'iad';
+    const size = cloud.size || 'shared-cpu-1x';
+    const FLY_API = 'https://api.machines.dev/v1';
+
+    const flyFetch = async (path: string, method: string = 'GET', body?: any): Promise<any> => {
+      const res = await fetch(`${FLY_API}${path}`, {
+        method,
+        headers: {
+          'Authorization': `Bearer ${apiToken}`,
+          'Content-Type': 'application/json',
+        },
+        body: body ? JSON.stringify(body) : undefined,
+      });
+      const text = await res.text();
+      let data;
+      try { data = JSON.parse(text); } catch { data = { raw: text }; }
+      if (!res.ok) throw new Error(`Fly API ${method} ${path}: ${res.status} — ${data.error || text}`);
+      return data;
+    };
 
-    emit('provision', 'started', `Creating Fly.io app ${appName}...`);
-    await this.execCommand(`fly apps create ${appName} --org personal`, { FLY_API_TOKEN: cloud.apiToken });
-    emit('provision', 'completed', `App ${appName} created`);
+    // 1. Create app (ignore "already exists" errors)
+    emit('provision', 'started', `Creating Fly.io app "${appName}"...`);
+    try {
+      await flyFetch('/apps', 'POST', {
+        app_name: appName,
+        org_slug: cloud.org || 'personal',
+      });
+      emit('provision', 'completed', `App "${appName}" created`);
+    } catch (e: any) {
+      if (e.message.includes('already exists')) {
+        emit('provision', 'completed', `App "${appName}" already exists, reusing`);
+      } else {
+        throw e;
+      }
+    }
 
-    // Generate Dockerfile
-    emit('configure', 'started', 'Generating Dockerfile...');
-    const dockerfile = this.generateDockerfile(config);
+    // 2. Generate workspace files and encode as base64 init script
+    emit('configure', 'started', 'Preparing agent configuration...');
     const workspace = this.configGen.generateWorkspace(config);
+    const initCommands = Object.entries(workspace).map(([file, content]) => {
+      const b64 = Buffer.from(content).toString('base64');
+      return `echo "${b64}" | base64 -d > /workspace/${file}`;
+    }).join(' && ');
+
+    // Build environment variables for the agent
+    const env: Record<string, string> = {
+      NODE_ENV: 'production',
+      AGENTICMAIL_MODEL: `${config.model.provider}/${config.model.modelId}`,
+      AGENTICMAIL_AGENT_ID: config.id,
+      AGENTICMAIL_AGENT_NAME: config.displayName || config.name,
+      PORT: '3000',
+    };
+    if (config.model.thinkingLevel) env.AGENTICMAIL_THINKING = config.model.thinkingLevel;
+    emit('configure', 'completed', 'Configuration ready');
+
+    // 3. Check for existing machines — update if found, create if not
+    emit('install', 'started', 'Deploying machine...');
+    const existingMachines = await flyFetch(`/apps/${appName}/machines`);
+    const machineConfig = {
+      image: 'node:22-slim',
+      env,
+      services: [{
+        ports: [
+          { port: 443, handlers: ['tls', 'http'], force_https: true },
+          { port: 80, handlers: ['http'] },
+        ],
+        protocol: 'tcp',
+        internal_port: 3000,
+      }],
+      guest: {
+        cpu_kind: size.includes('performance') ? 'performance' : 'shared',
+        cpus: size.includes('2x') ? 2 : 1,
+        memory_mb: size.includes('2x') ? 1024 : 512,
+      },
+      init: {
+        cmd: ['sh', '-c', `mkdir -p /workspace && ${initCommands || 'true'} && npx @agenticmail/enterprise start`],
+      },
+      auto_destroy: false,
+      restart: { policy: 'always' },
+    };
 
-    // Write temp build context
-    const buildDir = `/tmp/agenticmail-build-${config.name}`;
-    await this.execCommand(`mkdir -p ${buildDir}/workspace`);
-    await this.writeFile(`${buildDir}/Dockerfile`, dockerfile);
-    for (const [file, content] of Object.entries(workspace)) {
-      await this.writeFile(`${buildDir}/workspace/${file}`, content);
+    let machineId: string;
+    if (existingMachines.length > 0) {
+      // Update existing machine
+      const existing = existingMachines[0];
+      machineId = existing.id;
+      await flyFetch(`/apps/${appName}/machines/${machineId}`, 'POST', {
+        config: machineConfig,
+        region,
+      });
+      emit('install', 'completed', `Machine ${machineId} updated`);
+    } else {
+      // Create new machine
+      const machine = await flyFetch(`/apps/${appName}/machines`, 'POST', {
+        name: `agent-${config.name.toLowerCase().replace(/[^a-z0-9-]/g, '-').slice(0, 20)}`,
+        region,
+        config: machineConfig,
+      });
+      machineId = machine.id;
+      emit('install', 'completed', `Machine ${machineId} created in ${region}`);
     }
 
-    // Write fly.toml
-    const flyToml = `
-app = "${appName}"
-primary_region = "${cloud.region || 'iad'}"
-
-[build]
-  dockerfile = "Dockerfile"
-
-[http_service]
-  internal_port = 3000
-  force_https = true
-  auto_stop_machines = true
-  auto_start_machines = true
-  min_machines_running = 1
-
-[[vm]]
-  size = "${cloud.size || 'shared-cpu-1x'}"
-  memory = "512mb"
-`;
-    await this.writeFile(`${buildDir}/fly.toml`, flyToml);
-    emit('configure', 'completed', 'Build context ready');
-
-    // Deploy
-    emit('install', 'started', 'Deploying to Fly.io (building + pushing)...');
-    const deployResult = await this.execCommand(`cd ${buildDir} && fly deploy --now`, { FLY_API_TOKEN: cloud.apiToken });
-    emit('install', deployResult.success ? 'completed' : 'failed', deployResult.message);
+    // 4. Wait for machine to start
+    emit('start', 'started', 'Waiting for machine to start...');
+    try {
+      await flyFetch(`/apps/${appName}/machines/${machineId}/wait?state=started&timeout=60`);
+      emit('start', 'completed', 'Machine is running');
+    } catch {
+      emit('start', 'completed', 'Machine starting (health check pending)');
+    }
 
-    // Cleanup
-    await this.execCommand(`rm -rf ${buildDir}`);
+    // Store deployment metadata
+    config.deployment.config.cloud = {
+      ...cloud,
+      provider: 'fly',
+      appName,
+      region,
+      size,
+    };
+    (config.deployment.config as any).flyMachineId = machineId;
+    (config.deployment.config as any).deployedAt = new Date().toISOString();
 
     const url = cloud.customDomain || `https://${appName}.fly.dev`;
-
-    if (deployResult.success) {
-      emit('complete', 'completed', `Agent live at ${url}`);
-    }
+    emit('complete', 'completed', `Agent live at ${url}`);
 
     return {
-      success: deployResult.success,
+      success: true,
       url,
       appId: appName,
       events: [],
@@ -528,29 +612,70 @@ primary_region = "${cloud.region || 'iad'}"
 
   private async getCloudStatus(config: AgentConfig, base: LiveAgentStatus): Promise<LiveAgentStatus> {
     const cloud = config.deployment.config.cloud;
-    if (!cloud) return base;
+    if (!cloud || !cloud.apiToken) return base;
 
-    const appName = cloud.appName || `agenticmail-${config.name}`;
-    const result = await this.execCommand(`fly status -a ${appName} --json`, { FLY_API_TOKEN: cloud.apiToken });
-
-    if (!result.success) return { ...base, status: 'error' };
+    const appName = cloud.appName || `am-agent-${config.name.toLowerCase().replace(/[^a-z0-9-]/g, '-').slice(0, 30)}`;
+    const FLY_API = 'https://api.machines.dev/v1';
 
     try {
-      const status = JSON.parse(result.message);
+      const res = await fetch(`${FLY_API}/apps/${appName}/machines`, {
+        headers: { 'Authorization': `Bearer ${cloud.apiToken}` },
+      });
+      if (!res.ok) return { ...base, status: 'error', healthStatus: 'unhealthy' };
+
+      const machines = await res.json() as any[];
+      if (machines.length === 0) return { ...base, status: 'stopped' };
+
+      const machine = machines[0];
+      const state = machine.state;
+      const isRunning = state === 'started' || state === 'replacing';
+
       return {
         ...base,
-        status: status.Deployed ? 'running' : 'stopped',
-        healthStatus: status.Deployed ? 'healthy' : 'unhealthy',
+        status: isRunning ? 'running' : state === 'stopped' ? 'stopped' : 'error',
+        healthStatus: isRunning ? 'healthy' : 'unhealthy',
         endpoint: `https://${appName}.fly.dev`,
-        version: status.Version?.toString(),
+        version: machine.image_ref?.tag,
+        uptime: machine.created_at ? Math.floor((Date.now() - new Date(machine.created_at).getTime()) / 1000) : undefined,
       };
     } catch {
-      return { ...base, status: 'error' };
+      return { ...base, status: 'error', healthStatus: 'unhealthy' };
     }
   }
 
   // ─── Helpers ──────────────────────────────────────────
 
+  /** Stop or restart a Fly.io machine via the Machines API */
+  private async flyMachineAction(config: AgentConfig, action: 'stop' | 'restart'): Promise<{ success: boolean; message: string }> {
+    const cloud = config.deployment.config.cloud;
+    if (!cloud || !cloud.apiToken) return { success: false, message: 'Fly.io config missing' };
+
+    const appName = cloud.appName || `am-agent-${config.name.toLowerCase().replace(/[^a-z0-9-]/g, '-').slice(0, 30)}`;
+    const FLY_API = 'https://api.machines.dev/v1';
+
+    try {
+      const res = await fetch(`${FLY_API}/apps/${appName}/machines`, {
+        headers: { 'Authorization': `Bearer ${cloud.apiToken}` },
+      });
+      if (!res.ok) return { success: false, message: `Failed to list machines: ${res.status}` };
+      const machines = await res.json() as any[];
+      if (machines.length === 0) return { success: false, message: 'No machines found' };
+
+      const machineId = machines[0].id;
+      const actionRes = await fetch(`${FLY_API}/apps/${appName}/machines/${machineId}/${action}`, {
+        method: 'POST',
+        headers: { 'Authorization': `Bearer ${cloud.apiToken}` },
+      });
+      if (!actionRes.ok) {
+        const err = await actionRes.text();
+        return { success: false, message: `${action} failed: ${err}` };
+      }
+      return { success: true, message: `Machine ${machineId} ${action}ed` };
+    } catch (e: any) {
+      return { success: false, message: e.message };
+    }
+  }
+
   private validateConfig(config: AgentConfig) {
     if (!config.name) throw new Error('Agent name is required');
     if (!config.identity.role) throw new Error('Agent role is required');

package/src/engine/lifecycle.ts

@@ -309,6 +309,9 @@ export class AgentLifecycleManager {
     await this.persistAgent(agent);
 
     try {
+      // Resolve org-level deploy credentials if agent doesn't have its own
+      await this.resolveDeployCredentials(agent);
+
       // Run deployment
       this.transition(agent, 'deploying', 'Pushing configuration', 'system');
 
@@ -916,6 +919,45 @@ export class AgentLifecycleManager {
     });
   }
 
+  /**
+   * Resolve org-level deploy credentials and merge into agent config.
+   * If the agent's deployment config is missing an API token, look up
+   * the org's deploy_credentials table for a matching target type.
+   */
+  private async resolveDeployCredentials(agent: ManagedAgent): Promise<void> {
+    const target = agent.config?.deployment?.target;
+    if (!target) return;
+
+    // Ensure deployment.config exists
+    if (!agent.config.deployment.config) agent.config.deployment.config = {} as any;
+
+    // For fly/railway, check if cloud.apiToken is already set
+    if (target === 'fly' || target === 'railway') {
+      const cloud = agent.config.deployment.config.cloud;
+      if (cloud?.apiToken) return; // Agent has its own token
+
+      // Look up org-level credentials
+      if (this.engineDb) {
+        try {
+          const orgId = agent.orgId || 'default';
+          const creds = await this.engineDb.getDeployCredentialsByType(orgId, target);
+          if (creds.length > 0) {
+            const orgCred = creds[0];
+            agent.config.deployment.config.cloud = {
+              ...agent.config.deployment.config.cloud,
+              provider: target,
+              apiToken: orgCred.config?.apiToken || orgCred.config?.token,
+              ...(orgCred.config?.region && { region: orgCred.config.region }),
+              ...(orgCred.config?.org && { org: orgCred.config.org }),
+            };
+          }
+        } catch (err) {
+          console.error('[lifecycle] Failed to resolve deploy credentials:', err);
+        }
+      }
+    }
+  }
+
   private isConfigComplete(config: AgentConfig): boolean {
     return !!(
       config.name &&