@agentuity/cli 0.0.108 → 0.0.110

package/src/cmd/dev/index.ts

@@ -371,6 +371,7 @@ export const command = createCommand({
 			// Vite stays running and handles frontend changes via HMR
 			let shouldRestart = false;
 			let gravityProcess: ProcessLike | null = null;
+			let gravityHeartbeatInterval: ReturnType<typeof setInterval> | null = null;
 			let stdinListenerRegistered = false; // Track if stdin listener is already registered
 
 			const restartServer = () => {
@@ -395,6 +396,8 @@ export const command = createCommand({
 			let cleaningUp = false;
 			// Track if shutdown was requested (SIGINT/SIGTERM) to break the main loop
 			let shutdownRequested = false;
+			// Store stdin data handler reference for cleanup
+			let stdinDataHandler: ((data: Buffer | string) => void) | null = null;
 
 			/**
 			 * Centralized cleanup function for all resources.
@@ -425,6 +428,12 @@ export const command = createCommand({
 					logger.debug('Error stopping Bun server during cleanup: %s', err);
 				}
 
+				// Stop gravity heartbeat interval
+				if (gravityHeartbeatInterval) {
+					clearInterval(gravityHeartbeatInterval);
+					gravityHeartbeatInterval = null;
+				}
+
 				// Kill gravity client with SIGTERM first, then SIGKILL as fallback
 				if (gravityProcess) {
 					logger.debug('Killing gravity process...');
@@ -479,6 +488,21 @@ export const command = createCommand({
 				if (!exitAfter) {
 					cleaningUp = false;
 				} else {
+					// Clean up stdin keyboard handler right before exiting
+					// This must happen AFTER all async cleanup to keep event loop alive
+					if (stdinListenerRegistered && process.stdin.isTTY) {
+						try {
+							if (stdinDataHandler) {
+								process.stdin.removeListener('data', stdinDataHandler);
+								stdinDataHandler = null;
+							}
+							process.stdin.setRawMode(false);
+							process.stdin.pause();
+							process.stdin.unref();
+						} catch {
+							// Ignore errors during final cleanup
+						}
+					}
 					logger.debug('Exiting with code %d', exitCode);
 					originalExit(exitCode);
 				}
@@ -497,6 +521,12 @@ export const command = createCommand({
 					logger.debug('Error stopping Bun server for restart: %s', err);
 				}
 
+				// Stop gravity heartbeat interval
+				if (gravityHeartbeatInterval) {
+					clearInterval(gravityHeartbeatInterval);
+					gravityHeartbeatInterval = null;
+				}
+
 				// Kill gravity client
 				if (gravityProcess) {
 					try {
@@ -515,23 +545,37 @@ export const command = createCommand({
 
 			// SIGINT/SIGTERM: coordinate shutdown between bundle and dev resources
 			let signalHandlersRegistered = false;
+			let exitingFromSignal = false;
 			if (!signalHandlersRegistered) {
 				signalHandlersRegistered = true;
 
-				const safeExit = async (code: number, reason?: string) => {
+				const safeExit = (code: number, reason?: string) => {
+					// Prevent multiple signal handlers from racing
+					if (exitingFromSignal) return;
+					exitingFromSignal = true;
+
 					if (reason) {
 						logger.debug('DevMode terminating (%d) due to: %s', code, reason);
 					}
 					shutdownRequested = true;
-					await cleanup(true, code);
+					// Run cleanup and ensure we wait for it to complete before exiting
+					cleanup(true, code).catch((err) => {
+						logger.debug('Cleanup error: %s', err);
+						originalExit(1);
+					});
 				};
 
 				process.on('SIGINT', () => {
-					void safeExit(0, 'SIGINT');
+					safeExit(0, 'SIGINT');
 				});
 
 				process.on('SIGTERM', () => {
-					void safeExit(0, 'SIGTERM');
+					safeExit(0, 'SIGTERM');
+				});
+
+				// Handle SIGHUP (terminal closed) - same as SIGINT
+				process.on('SIGHUP', () => {
+					safeExit(0, 'SIGHUP');
 				});
 
 				// Handle uncaught exceptions - clean up and exit rather than limping on
@@ -553,6 +597,20 @@ export const command = createCommand({
 
 			// Ensure resources are always cleaned up on exit (synchronous fallback)
 			process.on('exit', () => {
+				// Clean up stdin keyboard handler
+				if (stdinListenerRegistered && process.stdin.isTTY) {
+					try {
+						if (stdinDataHandler) {
+							process.stdin.removeListener('data', stdinDataHandler);
+						}
+						process.stdin.setRawMode(false);
+						process.stdin.pause();
+						process.stdin.unref();
+					} catch {
+						// Ignore errors during exit cleanup
+					}
+				}
+
 				// Kill gravity client with SIGKILL for immediate termination
 				if (gravityProcess && gravityProcess.exitCode === null) {
 					try {
@@ -862,6 +920,7 @@ export const command = createCommand({
 								project.projectId,
 								'--token',
 								process.env.AGENTUITY_SDK_KEY!, // set above
+								'--health-check',
 							],
 							{
 								cwd: rootDir,
@@ -881,13 +940,46 @@ export const command = createCommand({
 							});
 						}
 
-						// Log gravity output
+						// Log gravity output and detect heartbeat port
 						(async () => {
 							try {
 								if (gravityProcess?.stdout) {
 									for await (const chunk of gravityProcess.stdout) {
 										const text = new TextDecoder().decode(chunk);
-										logger.debug('[gravity] %s', text.trim());
+										const trimmed = text.trim();
+
+										// Check for heartbeat port announcement
+										const match = trimmed.match(/^HEARTBEAT_PORT=(\d+)$/m);
+										if (match) {
+											const heartbeatPort = parseInt(match[1], 10);
+											logger.debug('Gravity heartbeat port detected: %d', heartbeatPort);
+
+											// Start sending heartbeats every 5 seconds
+											if (!gravityHeartbeatInterval) {
+												const sendHeartbeat = async () => {
+													try {
+														await fetch(
+															`http://127.0.0.1:${heartbeatPort}/heartbeat`,
+															{
+																method: 'POST',
+																signal: AbortSignal.timeout(2000),
+															}
+														);
+														logger.trace('Gravity heartbeat sent');
+													} catch (err) {
+														logger.trace('Gravity heartbeat failed: %s', err);
+													}
+												};
+
+												// Send initial heartbeat immediately
+												sendHeartbeat();
+
+												// Then send every 5 seconds
+												gravityHeartbeatInterval = setInterval(sendHeartbeat, 5000);
+											}
+										} else if (trimmed) {
+											logger.debug('[gravity] %s', trimmed);
+										}
 									}
 								}
 							} catch (err) {
@@ -930,12 +1022,23 @@ export const command = createCommand({
 							console.log(tui.muted('  q') + ' - quit\n');
 						};
 
-						process.stdin.on('data', (data) => {
+						// Store handler reference for cleanup
+						stdinDataHandler = (data) => {
 							const key = data.toString();
 
-							// Handle Ctrl+C - send SIGINT to trigger graceful shutdown
-							if (key === '\u0003') {
-								process.kill(process.pid, 'SIGINT');
+							// Handle Ctrl+C or q - trigger graceful shutdown
+							if (key === '\u0003' || key === 'q') {
+								// Remove stdin listener immediately to prevent re-entrancy
+								if (stdinDataHandler) {
+									process.stdin.removeListener('data', stdinDataHandler);
+									stdinDataHandler = null;
+								}
+								// Set shutdown flag and trigger cleanup directly
+								shutdownRequested = true;
+								cleanup(true, 0).catch((err) => {
+									logger.debug('Cleanup error: %s', err);
+									originalExit(1);
+								});
 								return;
 							}
 
@@ -952,14 +1055,12 @@ export const command = createCommand({
 										centerTitle: false,
 									});
 									break;
-								case 'q':
-									void cleanup(true, 0);
-									break;
 								default:
 									process.stdout.write(data);
 									break;
 							}
-						});
+						};
+						process.stdin.on('data', stdinDataHandler);
 					}
 
 					showWelcome();

package/src/cmd/project/auth/generate.ts

@@ -0,0 +1,116 @@
+/**
+ * Generate auth schema SQL using drizzle-kit export
+ */
+
+import { z } from 'zod';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { createSubcommand } from '../../../types';
+import * as tui from '../../../tui';
+import { getCommand } from '../../../command-prefix';
+import { generateAuthSchemaSql, getGeneratedSqlDir } from './shared';
+
+export const generateSubcommand = createSubcommand({
+	name: 'generate',
+	description: 'Generate SQL schema for Agentuity Auth tables',
+	tags: ['slow'],
+	requires: { project: true },
+	examples: [
+		{
+			command: getCommand('project auth generate'),
+			description: 'Generate SQL schema and save to agentuity-auth-schema.sql',
+		},
+		{
+			command: getCommand('project auth generate --output ./migrations/auth.sql'),
+			description: 'Generate schema to a custom path',
+		},
+		{
+			command: getCommand('project auth generate --output -'),
+			description: 'Output SQL to stdout',
+		},
+	],
+	schema: {
+		options: z.object({
+			output: z
+				.string()
+				.optional()
+				.describe(
+					'Output path for generated SQL (default: ./agentuity-auth-schema.sql). Use "-" for stdout.'
+				),
+		}),
+		response: z.object({
+			success: z.boolean().describe('Whether generation succeeded'),
+			outputPath: z.string().optional().describe('Path where SQL was written'),
+		}),
+	},
+
+	async handler(ctx) {
+		const { logger, opts, projectDir, options } = ctx;
+		const explicitOutput = opts?.output as string | undefined;
+		const toStdout = explicitOutput === '-';
+		const isJson = options?.json === true;
+
+		if (!toStdout && !isJson) {
+			tui.newline();
+			tui.info(tui.bold('Agentuity Auth Schema Generation'));
+			tui.newline();
+		}
+
+		try {
+			const sql = isJson
+				? await generateAuthSchemaSql(projectDir)
+				: await tui.spinner({
+						message: 'Generating auth schema SQL from Drizzle schema',
+						clearOnSuccess: true,
+						callback: () => generateAuthSchemaSql(projectDir),
+					});
+
+			if (toStdout) {
+				console.log(sql);
+				return { success: true };
+			}
+
+			let outputPath: string;
+			let displayPath: string;
+
+			if (explicitOutput) {
+				outputPath = path.resolve(projectDir, explicitOutput);
+				displayPath = explicitOutput;
+			} else {
+				const sqlOutputDir = await getGeneratedSqlDir(projectDir);
+				const sqlFileName = 'agentuity-auth-schema.sql';
+				outputPath = path.join(sqlOutputDir, sqlFileName);
+				displayPath =
+					sqlOutputDir === projectDir ? sqlFileName : path.relative(projectDir, outputPath);
+			}
+
+			fs.writeFileSync(outputPath, sql);
+
+			if (!isJson) {
+				tui.success(`Auth schema SQL saved to ${tui.bold(displayPath)}`);
+				tui.newline();
+				tui.info('Next steps:');
+				console.log('  1. Review the generated SQL file');
+				console.log('  2. Run the SQL against your database');
+				console.log(`     ${tui.muted('Or use: agentuity project auth init')}`);
+				tui.newline();
+			}
+
+			return { success: true, outputPath };
+		} catch (error) {
+			logger.error('Schema generation failed', { error });
+
+			if (!isJson) {
+				tui.error(
+					`Schema generation failed: ${error instanceof Error ? error.message : 'Unknown error'}`
+				);
+				tui.newline();
+				tui.info('Make sure you have:');
+				console.log('  1. @agentuity/auth installed as a dependency');
+				console.log('  2. drizzle-kit available (installed with @agentuity/auth)');
+			}
+
+			return { success: false };
+		}
+	},
+});

package/src/cmd/project/auth/index.ts

@@ -0,0 +1,21 @@
+import { createCommand } from '../../../types';
+import { initSubcommand } from './init';
+import { generateSubcommand } from './generate';
+import { getCommand } from '../../../command-prefix';
+
+export const authCommand = createCommand({
+	name: 'auth',
+	description: 'Manage project authentication (Agentuity Auth)',
+	tags: ['slow', 'requires-auth'],
+	examples: [
+		{
+			command: getCommand('project auth init'),
+			description: 'Set up Agentuity Auth for an existing project',
+		},
+		{
+			command: getCommand('project auth generate'),
+			description: 'Generate SQL schema for auth tables',
+		},
+	],
+	subcommands: [initSubcommand, generateSubcommand],
+});

package/src/cmd/project/auth/init.ts

@@ -0,0 +1,263 @@
+import { z } from 'zod';
+import { createSubcommand } from '../../../types';
+import * as tui from '../../../tui';
+import { getCommand } from '../../../command-prefix';
+import {
+	selectOrCreateDatabase,
+	ensureAuthDependencies,
+	runAuthMigrations,
+	generateAuthFileContent,
+	printIntegrationExamples,
+	detectOrmSetup,
+	generateAuthSchemaSql,
+	getGeneratedSqlDir,
+} from './shared';
+import enquirer from 'enquirer';
+import * as fs from 'fs';
+import * as path from 'path';
+
+export const initSubcommand = createSubcommand({
+	name: 'init',
+	description: 'Set up Agentuity Auth for your project',
+	tags: ['mutating', 'slow', 'requires-auth'],
+	requires: { auth: true, org: true, region: true },
+	idempotent: false,
+	examples: [
+		{
+			command: getCommand('project auth init'),
+			description: 'Set up Agentuity Auth with database selection',
+		},
+	],
+	schema: {
+		options: z.object({
+			skipMigrations: z
+				.boolean()
+				.optional()
+				.describe(
+					'Skip running database migrations (run `agentuity project auth generate` later)'
+				),
+		}),
+		response: z.object({
+			success: z.boolean().describe('Whether setup succeeded'),
+			database: z.string().optional().describe('Database name used'),
+			authFileCreated: z.boolean().describe('Whether auth.ts was created'),
+			migrationsRun: z.boolean().describe('Whether migrations were run'),
+		}),
+	},
+
+	async handler(ctx) {
+		const { logger, opts, auth, orgId, region } = ctx;
+
+		tui.newline();
+		tui.info(tui.bold('Agentuity Auth Setup'));
+		tui.newline();
+		tui.info('This will:');
+		console.log('  • Ensure you have a Postgres database configured');
+		console.log('  • Install @agentuity/auth');
+		console.log('  • Run database migrations to create auth tables');
+		console.log('  • Show you how to wire auth into your API and UI');
+		tui.newline();
+
+		const projectDir = process.cwd();
+
+		// Check for package.json
+		const packageJsonPath = path.join(projectDir, 'package.json');
+		if (!fs.existsSync(packageJsonPath)) {
+			tui.fatal('No package.json found. Run this command from your project root.');
+		}
+
+		// Step 1: Check for DATABASE_URL or select/create database
+		let databaseUrl = process.env.DATABASE_URL;
+
+		if (!databaseUrl) {
+			// Check .env file
+			const envPath = path.join(projectDir, '.env');
+			if (fs.existsSync(envPath)) {
+				const envContent = fs.readFileSync(envPath, 'utf-8');
+				const match = envContent.match(/^DATABASE_URL=(.+)$/m);
+				if (match) {
+					databaseUrl = match[1].trim().replace(/^["']|["']$/g, '');
+				}
+			}
+		}
+
+		// Show database picker (with existing as first option if configured)
+		const dbInfo = await selectOrCreateDatabase({
+			logger,
+			auth,
+			orgId,
+			region,
+			existingUrl: databaseUrl,
+		});
+
+		const databaseName = dbInfo.name;
+
+		// Update .env with database URL
+		const envPath = path.join(projectDir, '.env');
+		let envContent = '';
+
+		if (fs.existsSync(envPath)) {
+			envContent = fs.readFileSync(envPath, 'utf-8');
+			if (!envContent.endsWith('\n') && envContent.length > 0) {
+				envContent += '\n';
+			}
+		}
+
+		// Check if DATABASE_URL already exists
+		const hasDatabaseUrl = envContent.match(/^DATABASE_URL=/m);
+
+		if (dbInfo.url !== databaseUrl || !hasDatabaseUrl) {
+			if (hasDatabaseUrl) {
+				// DATABASE_URL exists, use AUTH_DATABASE_URL instead
+				envContent += `AUTH_DATABASE_URL="${dbInfo.url}"\n`;
+				fs.writeFileSync(envPath, envContent);
+				tui.success('AUTH_DATABASE_URL added to .env');
+				tui.warning(
+					`DATABASE_URL already exists. Update your ${tui.bold('src/auth.ts')} to use AUTH_DATABASE_URL.`
+				);
+			} else {
+				envContent += `DATABASE_URL="${dbInfo.url}"\n`;
+				fs.writeFileSync(envPath, envContent);
+				tui.success('DATABASE_URL added to .env');
+			}
+		} else {
+			tui.success(`Using database: ${databaseName}`);
+		}
+
+		// Add AGENTUITY_AUTH_SECRET if not present
+		// Re-read envContent to get latest state
+		envContent = fs.existsSync(envPath) ? fs.readFileSync(envPath, 'utf-8') : '';
+		if (!envContent.endsWith('\n') && envContent.length > 0) {
+			envContent += '\n';
+		}
+
+		const hasAuthSecret =
+			envContent.match(/^AGENTUITY_AUTH_SECRET=/m) || envContent.match(/^BETTER_AUTH_SECRET=/m);
+		if (!hasAuthSecret) {
+			const devSecret = `dev-${crypto.randomUUID()}-CHANGE-ME`;
+			envContent += `AGENTUITY_AUTH_SECRET="${devSecret}"\n`;
+			fs.writeFileSync(envPath, envContent);
+			tui.success('AGENTUITY_AUTH_SECRET added to .env (development default)');
+			tui.warning(
+				`Replace ${tui.bold('AGENTUITY_AUTH_SECRET')} with a secure value before deploying.`
+			);
+			tui.info(`Generate one with: ${tui.muted('openssl rand -hex 32')}`);
+		}
+
+		// Step 2: Install dependencies
+		tui.newline();
+		await ensureAuthDependencies({ projectDir, logger });
+
+		// Step 3: Generate auth.ts if it doesn't exist
+		const authFilePath = path.join(projectDir, 'src', 'auth.ts');
+		let authFileCreated = false;
+
+		if (fs.existsSync(authFilePath)) {
+			tui.info('src/auth.ts already exists, skipping generation');
+		} else {
+			const { createFile } = await enquirer.prompt<{ createFile: boolean }>({
+				type: 'confirm',
+				name: 'createFile',
+				message: 'Create src/auth.ts with default configuration?',
+				initial: true,
+			});
+
+			if (createFile) {
+				// Ensure src directory exists
+				const srcDir = path.join(projectDir, 'src');
+				if (!fs.existsSync(srcDir)) {
+					fs.mkdirSync(srcDir, { recursive: true });
+				}
+
+				fs.writeFileSync(authFilePath, generateAuthFileContent());
+				tui.success('Created src/auth.ts');
+				authFileCreated = true;
+			}
+		}
+
+		// Step 4: Run migrations (ORM-aware)
+		let migrationsRun = false;
+
+		if (opts.skipMigrations) {
+			tui.info('Skipping migrations (run `agentuity project auth generate` later)');
+		} else if (databaseName) {
+			tui.newline();
+
+			const ormSetup = await detectOrmSetup(projectDir);
+
+			if (ormSetup === 'drizzle') {
+				tui.info(tui.bold('Drizzle detected in your project.'));
+				tui.newline();
+				console.log(
+					'  Since you manage your own Drizzle schema, add authSchema to your schema:'
+				);
+				tui.newline();
+				console.log(tui.muted("    import * as authSchema from '@agentuity/auth/schema';"));
+				console.log(tui.muted('    export const schema = { ...authSchema, ...yourSchema };'));
+				tui.newline();
+				console.log('  Then run migrations:');
+				console.log(tui.muted('    bunx drizzle-kit push'));
+				tui.newline();
+			} else if (ormSetup === 'prisma') {
+				tui.info(tui.bold('Prisma detected in your project.'));
+				tui.newline();
+
+				const sql = await tui.spinner({
+					message: 'Preparing auth database schema...',
+					clearOnSuccess: true,
+					callback: () => generateAuthSchemaSql(projectDir),
+				});
+
+				const sqlOutputDir = await getGeneratedSqlDir(projectDir);
+				const sqlFileName = 'agentuity-auth-schema.sql';
+				const sqlFilePath = path.join(sqlOutputDir, sqlFileName);
+				const relativePath =
+					sqlOutputDir === projectDir ? sqlFileName : path.relative(projectDir, sqlFilePath);
+				fs.writeFileSync(sqlFilePath, sql);
+				tui.success(`Auth schema SQL saved to ${tui.bold(relativePath)}`);
+				tui.newline();
+				console.log('  Run this SQL against your database to create auth tables.');
+				tui.newline();
+			} else {
+				const { runMigrations } = await enquirer.prompt<{ runMigrations: boolean }>({
+					type: 'confirm',
+					name: 'runMigrations',
+					message: 'Run database migrations now? (idempotent, safe to re-run)',
+					initial: true,
+				});
+
+				if (runMigrations) {
+					const sql = await tui.spinner({
+						message: 'Preparing auth database schema...',
+						clearOnSuccess: true,
+						callback: () => generateAuthSchemaSql(projectDir),
+					});
+
+					await runAuthMigrations({
+						logger,
+						auth,
+						orgId,
+						region,
+						databaseName,
+						sql,
+					});
+					migrationsRun = true;
+				}
+			}
+		} else {
+			tui.warning(
+				'Could not determine database name. Run `agentuity project auth generate` manually.'
+			);
+		}
+
+		// Step 5: Print integration examples
+		printIntegrationExamples();
+
+		return {
+			success: true,
+			database: databaseName,
+			authFileCreated,
+			migrationsRun,
+		};
+	},
+});