@aifabrix/builder 2.10.1 → 2.20.0

package/lib/app-register.js

@@ -8,376 +8,98 @@
  * @version 2.0.0
  */
 
-const fs = require('fs').promises;
-const path = require('path');
 const chalk = require('chalk');
-const yaml = require('js-yaml');
-const { getConfig } = require('./config');
-const { authenticatedApiCall } = require('./utils/api');
-const { formatApiError } = require('./utils/api-error-handler');
 const logger = require('./utils/logger');
 const { saveLocalSecret, isLocalhost } = require('./utils/local-secrets');
 const { updateEnvTemplate } = require('./utils/env-template');
-const { getOrRefreshDeviceToken } = require('./utils/token-manager');
-const { detectAppType } = require('./utils/paths');
 const { generateEnvFile } = require('./secrets');
-const applicationSchema = require('./schema/application-schema.json');
-
-// Import createApp to auto-generate config if missing
-let createApp;
-try {
-  createApp = require('./app').createApp;
-} catch {
-  createApp = null;
-}
-
-// Extract valid enum values from application schema
-const validTypes = applicationSchema.properties.type.enum || [];
-const validRegistryModes = applicationSchema.properties.registryMode.enum || [];
-const portConstraints = {
-  minimum: applicationSchema.properties.port?.minimum || 1,
-  maximum: applicationSchema.properties.port?.maximum || 65535
-};
-
-/**
- * Validation schema for application registration
- * Validates according to application-schema.json
- */
-const registerApplicationSchema = {
-  environmentId: (val) => {
-    if (!val || val.length < 1) {
-      throw new Error('Invalid environment ID format');
-    }
-    return val;
-  },
-  key: (val) => {
-    if (!val || val.length < 1) {
-      throw new Error('Application key is required');
-    }
-    const keyPattern = applicationSchema.properties.key.pattern;
-    const keyMaxLength = applicationSchema.properties.key.maxLength || 50;
-    if (val.length > keyMaxLength) {
-      throw new Error(`Application key must be at most ${keyMaxLength} characters`);
-    }
-    if (keyPattern && !new RegExp(keyPattern).test(val)) {
-      throw new Error('Application key must contain only lowercase letters, numbers, and hyphens');
-    }
-    return val;
-  },
-  displayName: (val) => {
-    if (!val || val.length < 1) {
-      throw new Error('Display name is required');
-    }
-    const displayNameMaxLength = applicationSchema.properties.displayName.maxLength || 100;
-    if (val.length > displayNameMaxLength) {
-      throw new Error(`Display name must be at most ${displayNameMaxLength} characters`);
-    }
-    return val;
-  },
-  description: (val) => val || undefined,
-  configuration: (val) => {
-    if (!val || !val.type || !validTypes.includes(val.type)) {
-      throw new Error(`Configuration type must be one of: ${validTypes.join(', ')}`);
-    }
-    if (!val.registryMode || !validRegistryModes.includes(val.registryMode)) {
-      throw new Error(`Registry mode must be one of: ${validRegistryModes.join(', ')}`);
-    }
-    // Port validation: skip for external type (external systems don't need ports)
-    // For other types, port is required and must be valid
-    if (val.type !== 'external') {
-      if (val.port === undefined || val.port === null) {
-        throw new Error('Port is required for non-external application types');
-      }
-      if (!Number.isInteger(val.port) || val.port < portConstraints.minimum || val.port > portConstraints.maximum) {
-        throw new Error(`Port must be an integer between ${portConstraints.minimum} and ${portConstraints.maximum}`);
-      }
-    }
-    return val;
-  }
-};
+const { registerApplicationSchema, validateAppRegistrationData } = require('./utils/app-register-validator');
+const {
+  loadVariablesYaml,
+  createMinimalAppIfNeeded,
+  extractAppConfiguration
+} = require('./utils/app-register-config');
+const { checkAuthentication } = require('./utils/app-register-auth');
+const { callRegisterApi } = require('./utils/app-register-api');
+const { displayRegistrationResults, getEnvironmentPrefix } = require('./utils/app-register-display');
 
 /**
- * Load variables.yaml file for an application
- * @async
- * @param {string} appKey - Application key
- * @returns {Promise<{variables: Object, created: boolean}>} Variables and creation flag
- */
-async function loadVariablesYaml(appKey) {
-  // Detect app type and get correct path (integration or builder)
-  const { appPath } = await detectAppType(appKey);
-  const variablesPath = path.join(appPath, 'variables.yaml');
-
-  try {
-    const variablesContent = await fs.readFile(variablesPath, 'utf-8');
-    return { variables: yaml.load(variablesContent), created: false };
-  } catch (error) {
-    if (error.code === 'ENOENT') {
-      logger.log(chalk.yellow(`⚠️  variables.yaml not found for ${appKey}`));
-      logger.log(chalk.yellow('📝 Creating minimal configuration...\n'));
-      return { variables: null, created: true };
-    }
-    throw new Error(`Failed to read variables.yaml: ${error.message}`);
-  }
-}
-
-/**
- * Create minimal application configuration if needed
- * @async
- * @param {string} appKey - Application key
+ * Build registration data payload from app configuration
+ * @param {Object} appConfig - Application configuration
  * @param {Object} options - Registration options
- * @returns {Promise<Object>} Variables after creation
+ * @returns {Object} Registration data payload
  */
-async function createMinimalAppIfNeeded(appKey, options) {
-  if (!createApp) {
-    throw new Error('Cannot auto-create application: createApp function not available');
-  }
-
-  await createApp(appKey, {
-    port: options.port,
-    language: 'typescript',
-    database: false,
-    redis: false,
-    storage: false,
-    authentication: false
-  });
-
-  // Detect app type and get correct path (integration or builder)
-  const { appPath } = await detectAppType(appKey);
-  const variablesPath = path.join(appPath, 'variables.yaml');
-  const variablesContent = await fs.readFile(variablesPath, 'utf-8');
-  return yaml.load(variablesContent);
-}
-
-/**
- * Extract application configuration from variables.yaml
- * @param {Object} variables - Variables from YAML file
- * @param {string} appKey - Application key
- * @param {Object} options - Registration options
- * @returns {Object} Extracted configuration
- */
-function extractAppConfiguration(variables, appKey, options) {
-  const appKeyFromFile = variables.app?.key || appKey;
-  const displayName = variables.app?.name || options.name || appKey;
-  const description = variables.app?.description || '';
-
-  // Handle external type
-  if (variables.app?.type === 'external') {
-    return {
-      appKey: appKeyFromFile,
-      displayName,
-      description,
-      appType: 'external',
-      registryMode: 'external',
-      port: null, // External systems don't need ports
-      language: null // External systems don't need language
-    };
-  }
-
-  const appType = variables.build?.language === 'typescript' ? 'webapp' : 'service';
-  const registryMode = 'external';
-  const port = variables.build?.port || options.port || 3000;
-  const language = variables.build?.language || 'typescript';
-
-  return {
-    appKey: appKeyFromFile,
-    displayName,
-    description,
-    appType,
-    registryMode,
-    port,
-    language
+function buildRegistrationData(appConfig, options) {
+  const registrationData = {
+    key: appConfig.appKey,
+    displayName: appConfig.displayName,
+    type: appConfig.appType
   };
-}
-
-/**
- * Validate application registration data
- * @async
- * @param {Object} config - Application configuration
- * @param {string} originalAppKey - Original app key for error messages
- * @throws {Error} If validation fails
- */
-async function validateAppRegistrationData(config, originalAppKey) {
-  const missingFields = [];
-  if (!config.appKey) missingFields.push('app.key');
-  if (!config.displayName) missingFields.push('app.name');
-
-  if (missingFields.length > 0) {
-    logger.error(chalk.red('❌ Missing required fields in variables.yaml:'));
-    missingFields.forEach(field => logger.error(chalk.red(`   - ${field}`)));
-    // Detect app type to show correct path
-    const { appPath } = await detectAppType(originalAppKey);
-    const relativePath = path.relative(process.cwd(), appPath);
-    logger.error(chalk.red(`\n   Please update ${relativePath}/variables.yaml and try again.`));
-    process.exit(1);
-  }
 
-  try {
-    registerApplicationSchema.key(config.appKey);
-    registerApplicationSchema.displayName(config.displayName);
-    registerApplicationSchema.configuration({
-      type: config.appType,
-      registryMode: config.registryMode,
-      port: config.port
-    });
-  } catch (error) {
-    logger.error(chalk.red(`❌ Invalid configuration: ${error.message}`));
-    process.exit(1);
+  // Add optional fields only if they have values
+  if (appConfig.description || options.description) {
+    registrationData.description = appConfig.description || options.description;
   }
-}
-
-/**
- * Check if user is authenticated and get token
- * @async
- * @param {string} [controllerUrl] - Optional controller URL from variables.yaml
- * @param {string} [environment] - Optional environment key
- * @returns {Promise<{apiUrl: string, token: string}>} Configuration with API URL and token
- */
-async function checkAuthentication(controllerUrl, environment) {
-  const config = await getConfig();
-
-  // Try to get controller URL from parameter, config, or device tokens
-  let finalControllerUrl = controllerUrl;
-  let token = null;
 
-  // If controller URL provided, try to get device token
-  if (finalControllerUrl) {
-    const deviceToken = await getOrRefreshDeviceToken(finalControllerUrl);
-    if (deviceToken && deviceToken.token) {
-      token = deviceToken.token;
-      finalControllerUrl = deviceToken.controller;
+  // Handle external type vs non-external types differently
+  if (appConfig.appType === 'external') {
+    // For external type: include externalIntegration, exclude registryMode/port/image
+    if (appConfig.externalIntegration) {
+      registrationData.externalIntegration = appConfig.externalIntegration;
     }
-  }
+  } else {
+    // For non-external types: include registryMode, port, image
+    registrationData.registryMode = appConfig.registryMode;
 
-  // If no token yet, try to find any device token in config
-  if (!token && config.device) {
-    const deviceUrls = Object.keys(config.device);
-    if (deviceUrls.length > 0) {
-      // Use first available device token
-      finalControllerUrl = deviceUrls[0];
-      const deviceToken = await getOrRefreshDeviceToken(finalControllerUrl);
-      if (deviceToken && deviceToken.token) {
-        token = deviceToken.token;
-        finalControllerUrl = deviceToken.controller;
-      }
+    // Port is required for non-external types
+    if (appConfig.port) {
+      registrationData.port = appConfig.port;
     }
-  }
-
-  // If still no token, check for client token (requires environment and app)
-  if (!token && environment) {
-    // For app register, we don't have an app yet, so client tokens won't work
-    // This is expected - device tokens should be used for registration
-  }
 
-  if (!token || !finalControllerUrl) {
-    logger.error(chalk.red('❌ Not logged in. Run: aifabrix login'));
-    logger.error(chalk.gray('   Use device code flow: aifabrix login --method device --controller <url>'));
-    process.exit(1);
+    // Image is required for non-external types
+    if (appConfig.image) {
+      registrationData.image = appConfig.image;
+    }
   }
 
-  return {
-    apiUrl: finalControllerUrl,
-    token: token
-  };
+  return registrationData;
 }
 
 /**
- * Call registration API
+ * Save credentials to local secrets if localhost
  * @async
+ * @param {Object} responseData - Registration response data
  * @param {string} apiUrl - API URL
- * @param {string} token - Authentication token
- * @param {string} environment - Environment ID
- * @param {Object} registrationData - Registration data
- * @returns {Promise<Object>} API response
  */
-async function callRegisterApi(apiUrl, token, environment, registrationData) {
-  const response = await authenticatedApiCall(
-    `${apiUrl}/api/v1/environments/${encodeURIComponent(environment)}/applications/register`,
-    {
-      method: 'POST',
-      body: JSON.stringify(registrationData)
-    },
-    token
-  );
-
-  if (!response.success) {
-    const formattedError = response.formattedError || formatApiError(response);
-    logger.error(formattedError);
-    process.exit(1);
+async function saveLocalCredentials(responseData, apiUrl) {
+  if (!isLocalhost(apiUrl)) {
+    return;
   }
 
-  // Handle API response structure:
-  // makeApiCall returns: { success: true, data: <API response> }
-  // API response can be:
-  // 1. Direct format: { application: {...}, credentials: {...} }
-  // 2. Wrapped format: { success: true, data: { application: {...}, credentials: {...} } }
-  const apiResponse = response.data;
-  if (apiResponse && apiResponse.data && apiResponse.data.application) {
-    // Wrapped format: use apiResponse.data
-    return apiResponse.data;
-  } else if (apiResponse && apiResponse.application) {
-    // Direct format: use apiResponse directly
-    return apiResponse;
-  }
-  // Fallback: return apiResponse as-is (shouldn't happen, but handle gracefully)
-  logger.error(chalk.red('❌ Invalid response: missing application data'));
-  logger.error(chalk.gray('\nFull response for debugging:'));
-  logger.error(chalk.gray(JSON.stringify(response, null, 2)));
-  process.exit(1);
-
-}
-
-/**
- * Get environment prefix for GitHub Secrets
- * @param {string} environment - Environment key (e.g., 'dev', 'tst', 'pro', 'miso')
- * @returns {string} Uppercase prefix (e.g., 'DEV', 'TST', 'PRO', 'MISO')
- */
-function getEnvironmentPrefix(environment) {
-  if (!environment) {
-    return 'DEV';
-  }
-  // Convert to uppercase and handle common variations
-  const env = environment.toLowerCase();
-  if (env === 'dev' || env === 'development') {
-    return 'DEV';
-  }
-  if (env === 'tst' || env === 'test' || env === 'staging') {
-    return 'TST';
-  }
-  if (env === 'pro' || env === 'prod' || env === 'production') {
-    return 'PRO';
-  }
-  // For other environments (e.g., 'miso'), uppercase the entire string
-  // Use full string if 4 characters or less, otherwise use first 4 characters
-  const upper = environment.toUpperCase();
-  return upper.length <= 4 ? upper : upper.substring(0, 4);
-}
+  const registeredAppKey = responseData.application.key;
+  const clientIdKey = `${registeredAppKey}-client-idKeyVault`;
+  const clientSecretKey = `${registeredAppKey}-client-secretKeyVault`;
 
-/**
- * Display registration success and credentials
- * @param {Object} data - Registration response data
- * @param {string} apiUrl - API URL
- * @param {string} environment - Environment key
- */
-function displayRegistrationResults(data, apiUrl, environment) {
-  logger.log(chalk.green('✅ Application registered successfully!\n'));
-  logger.log(chalk.bold('📋 Application Details:'));
-  logger.log(`   ID:           ${data.application.id}`);
-  logger.log(`   Key:          ${data.application.key}`);
-  logger.log(`   Display Name: ${data.application.displayName}\n`);
+  try {
+    await saveLocalSecret(clientIdKey, responseData.credentials.clientId);
+    await saveLocalSecret(clientSecretKey, responseData.credentials.clientSecret);
 
-  logger.log(chalk.bold.yellow('🔑 CREDENTIALS (save these immediately):'));
-  logger.log(chalk.yellow(`   Client ID:     ${data.credentials.clientId}`));
-  logger.log(chalk.yellow(`   Client Secret: ${data.credentials.clientSecret}\n`));
+    // Update env.template
+    await updateEnvTemplate(registeredAppKey, clientIdKey, clientSecretKey, apiUrl);
 
-  logger.log(chalk.red('⚠️  IMPORTANT: Client Secret will not be shown again!\n'));
+    // Regenerate .env file with updated credentials
+    try {
+      await generateEnvFile(registeredAppKey, null, 'local');
+      logger.log(chalk.green('✓ .env file updated with new credentials'));
+    } catch (error) {
+      logger.warn(chalk.yellow(`⚠️  Could not regenerate .env file: ${error.message}`));
+    }
 
-  const envPrefix = getEnvironmentPrefix(environment);
-  logger.log(chalk.bold('📝 Add to GitHub Secrets:'));
-  logger.log(chalk.cyan('   Repository level:'));
-  logger.log(chalk.cyan(`     MISO_CONTROLLER_URL = ${apiUrl}`));
-  logger.log(chalk.cyan(`\n   Environment level (${environment}):`));
-  logger.log(chalk.cyan(`     ${envPrefix}_MISO_CLIENTID = ${data.credentials.clientId}`));
-  logger.log(chalk.cyan(`     ${envPrefix}_MISO_CLIENTSECRET = ${data.credentials.clientSecret}\n`));
+    logger.log(chalk.green('\n✓ Credentials saved to ~/.aifabrix/secrets.local.yaml'));
+    logger.log(chalk.green('✓ env.template updated with MISO_CLIENTID, MISO_CLIENTSECRET, and MISO_CONTROLLER_URL\n'));
+  } catch (error) {
+    logger.warn(chalk.yellow(`⚠️  Could not save credentials locally: ${error.message}`));
+  }
 }
 
 /**
@@ -396,49 +118,21 @@ async function registerApplication(appKey, options) {
 
   // Load variables.yaml
   const { variables, created } = await loadVariablesYaml(appKey);
-  let finalVariables = variables;
-
-  // Create minimal app if needed
-  if (created) {
-    finalVariables = await createMinimalAppIfNeeded(appKey, options);
-  }
+  const finalVariables = created
+    ? await createMinimalAppIfNeeded(appKey, options)
+    : variables;
 
-  // Extract configuration
-  const appConfig = extractAppConfiguration(finalVariables, appKey, options);
-
-  // Validate configuration (pass original appKey for error messages)
+  // Extract and validate configuration
+  const appConfig = await extractAppConfiguration(finalVariables, appKey, options);
   await validateAppRegistrationData(appConfig, appKey);
 
-  // Get controller URL from variables.yaml if available
+  // Authenticate and get API configuration
   const controllerUrl = finalVariables?.deployment?.controllerUrl;
-
-  // Check authentication (try device token first, supports registration flow)
   const authConfig = await checkAuthentication(controllerUrl, options.environment);
-
-  // Validate environment
   const environment = registerApplicationSchema.environmentId(options.environment);
 
-  // Prepare registration data to match OpenAPI RegisterApplicationRequest schema
-  // Schema: { key, displayName, description?, configuration: { type, registryMode, port?, image? } }
-  const registrationData = {
-    key: appConfig.appKey,
-    displayName: appConfig.displayName,
-    configuration: {
-      type: appConfig.appType,
-      registryMode: appConfig.registryMode
-    }
-  };
-
-  // Add optional fields only if they have values
-  if (appConfig.description || options.description) {
-    registrationData.description = appConfig.description || options.description;
-  }
-
-  if (appConfig.port) {
-    registrationData.configuration.port = appConfig.port;
-  }
-
   // Register application
+  const registrationData = buildRegistrationData(appConfig, options);
   const responseData = await callRegisterApi(
     authConfig.apiUrl,
     authConfig.token,
@@ -446,35 +140,8 @@ async function registerApplication(appKey, options) {
     registrationData
   );
 
-  // Save credentials to local secrets if localhost
-  if (isLocalhost(authConfig.apiUrl)) {
-    const registeredAppKey = responseData.application.key;
-    const clientIdKey = `${registeredAppKey}-client-idKeyVault`;
-    const clientSecretKey = `${registeredAppKey}-client-secretKeyVault`;
-
-    try {
-      await saveLocalSecret(clientIdKey, responseData.credentials.clientId);
-      await saveLocalSecret(clientSecretKey, responseData.credentials.clientSecret);
-
-      // Update env.template
-      await updateEnvTemplate(registeredAppKey, clientIdKey, clientSecretKey, authConfig.apiUrl);
-
-      // Regenerate .env file with updated credentials
-      try {
-        await generateEnvFile(registeredAppKey, null, 'local');
-        logger.log(chalk.green('✓ .env file updated with new credentials'));
-      } catch (error) {
-        logger.warn(chalk.yellow(`⚠️  Could not regenerate .env file: ${error.message}`));
-      }
-
-      logger.log(chalk.green('\n✓ Credentials saved to ~/.aifabrix/secrets.local.yaml'));
-      logger.log(chalk.green('✓ env.template updated with MISO_CLIENTID, MISO_CLIENTSECRET, and MISO_CONTROLLER_URL\n'));
-    } catch (error) {
-      logger.warn(chalk.yellow(`⚠️  Could not save credentials locally: ${error.message}`));
-    }
-  }
-
-  // Display results
+  // Save credentials and display results
+  await saveLocalCredentials(responseData, authConfig.apiUrl);
   displayRegistrationResults(responseData, authConfig.apiUrl, environment);
 }
 

package/lib/app-rotate-secret.js

@@ -11,7 +11,7 @@
 const chalk = require('chalk');
 const { getConfig } = require('./config');
 const { getOrRefreshDeviceToken } = require('./utils/token-manager');
-const { authenticatedApiCall } = require('./utils/api');
+const { rotateApplicationSecret } = require('./api/applications.api');
 const { formatApiError } = require('./utils/api-error-handler');
 const logger = require('./utils/logger');
 const { saveLocalSecret, isLocalhost } = require('./utils/local-secrets');
@@ -115,15 +115,9 @@ async function rotateSecret(appKey, options) {
   // Validate environment
   validateEnvironment(options.environment);
 
-  // OpenAPI spec: POST /api/v1/environments/{envKey}/applications/{appKey}/rotate-secret
-  // Path parameters: envKey, appKey (no query parameters)
-  const response = await authenticatedApiCall(
-    `${controllerUrl}/api/v1/environments/${encodeURIComponent(options.environment)}/applications/${encodeURIComponent(appKey)}/rotate-secret`,
-    {
-      method: 'POST'
-    },
-    token
-  );
+  // Use centralized API client
+  const authConfig = { type: 'bearer', token: token };
+  const response = await rotateApplicationSecret(controllerUrl, options.environment, appKey, authConfig);
 
   if (!response.success) {
     const formattedError = response.formattedError || formatApiError(response);

package/lib/commands/login.js

@@ -13,7 +13,8 @@ const inquirer = require('inquirer');
 const chalk = require('chalk');
 const ora = require('ora');
 const { setCurrentEnvironment, saveDeviceToken, saveClientToken } = require('../config');
-const { makeApiCall, initiateDeviceCodeFlow, pollDeviceCodeToken, displayDeviceCodeInfo } = require('../utils/api');
+const { getToken, initiateDeviceCodeFlow } = require('../api/auth.api');
+const { pollDeviceCodeToken, displayDeviceCodeInfo } = require('../utils/api');
 const { formatApiError } = require('../utils/api-error-handler');
 const { loadClientCredentials } = require('../utils/token-manager');
 const logger = require('../utils/logger');
@@ -187,16 +188,8 @@ async function handleCredentialsLogin(controllerUrl, appName, clientId, clientSe
     credentials = await promptForCredentials(clientId, clientSecret);
   }
 
-  // OpenAPI spec: POST /api/v1/auth/token with x-client-id and x-client-secret headers
-  // Response: { success: boolean, token: string, expiresIn: number, expiresAt: string, timestamp: string }
-  const response = await makeApiCall(`${controllerUrl}/api/v1/auth/token`, {
-    method: 'POST',
-    headers: {
-      'Content-Type': 'application/json',
-      'x-client-id': credentials.clientId,
-      'x-client-secret': credentials.clientSecret
-    }
-  });
+  // Use centralized API client for token generation
+  const response = await getToken(credentials.clientId, credentials.clientSecret, controllerUrl);
 
   if (!response.success) {
     const formattedError = response.formattedError || formatApiError(response);
@@ -346,7 +339,21 @@ async function handleDeviceCodeLogin(controllerUrl, environment, offline, scope)
   }
 
   try {
-    const deviceCodeResponse = await initiateDeviceCodeFlow(controllerUrl, envKey, requestScope);
+    // Use centralized API client for device code flow initiation
+    const deviceCodeApiResponse = await initiateDeviceCodeFlow(controllerUrl, envKey, requestScope);
+
+    // Handle API response format: { success: boolean, data: DeviceCodeResponse }
+    const apiResponse = deviceCodeApiResponse.data;
+    const deviceCodeData = apiResponse.data || apiResponse;
+
+    // Convert camelCase from API to snake_case for compatibility with existing code
+    const deviceCodeResponse = {
+      device_code: deviceCodeData.deviceCode || deviceCodeData.device_code,
+      user_code: deviceCodeData.userCode || deviceCodeData.user_code,
+      verification_uri: deviceCodeData.verificationUri || deviceCodeData.verification_uri,
+      expires_in: deviceCodeData.expiresIn || deviceCodeData.expires_in || 600,
+      interval: deviceCodeData.interval || 5
+    };
 
     displayDeviceCodeInfo(deviceCodeResponse.user_code, deviceCodeResponse.verification_uri, logger, chalk);
 

package/lib/datasource-deploy.js

@@ -12,7 +12,8 @@
 const fs = require('fs');
 const chalk = require('chalk');
 const { getDeploymentAuth } = require('./utils/token-manager');
-const { authenticatedApiCall } = require('./utils/api');
+const { getEnvironmentApplication } = require('./api/environments.api');
+const { publishDatasourceViaPipeline } = require('./api/pipeline.api');
 const { formatApiError } = require('./utils/api-error-handler');
 const logger = require('./utils/logger');
 const { validateDatasourceFile } = require('./datasource-validate');
@@ -30,18 +31,8 @@ const { validateDatasourceFile } = require('./datasource-validate');
  * @throws {Error} If dataplane URL cannot be retrieved
  */
 async function getDataplaneUrl(controllerUrl, appKey, environment, authConfig) {
-  // Call controller API to get application details
-  // Expected: GET /api/v1/environments/{env}/applications/{appKey}
-  const endpoint = `${controllerUrl}/api/v1/environments/${environment}/applications/${appKey}`;
-
-  let response;
-  if (authConfig.type === 'bearer' && authConfig.token) {
-    response = await authenticatedApiCall(endpoint, {}, authConfig.token);
-  } else {
-    // For credentials, we'd need to use a different API call method
-    // For now, use bearer token approach
-    throw new Error('Bearer token authentication required for getting dataplane URL');
-  }
+  // Call controller API to get application details using centralized API client
+  const response = await getEnvironmentApplication(controllerUrl, environment, appKey, authConfig);
 
   if (!response.success || !response.data) {
     const formattedError = response.formattedError || formatApiError(response);
@@ -129,24 +120,10 @@ async function deployDatasource(appKey, filePath, options) {
   const dataplaneUrl = await getDataplaneUrl(options.controller, appKey, options.environment, authConfig);
   logger.log(chalk.green(`✓ Dataplane URL: ${dataplaneUrl}`));
 
-  // Publish to dataplane (using publish endpoint)
+  // Publish to dataplane using pipeline workflow endpoint
   logger.log(chalk.blue('\n🚀 Publishing datasource to dataplane...'));
-  const publishEndpoint = `${dataplaneUrl}/api/v1/pipeline/${systemKey}/publish`;
-
-  // Prepare publish request - send datasource configuration directly
-  let publishResponse;
-  if (authConfig.type === 'bearer' && authConfig.token) {
-    publishResponse = await authenticatedApiCall(
-      publishEndpoint,
-      {
-        method: 'POST',
-        body: JSON.stringify(datasourceConfig)
-      },
-      authConfig.token
-    );
-  } else {
-    throw new Error('Bearer token authentication required for dataplane publish');
-  }
+
+  const publishResponse = await publishDatasourceViaPipeline(dataplaneUrl, systemKey, authConfig, datasourceConfig);
 
   if (!publishResponse.success) {
     const formattedError = publishResponse.formattedError || formatApiError(publishResponse);