@aifabrix/builder 2.31.1 → 2.32.2

package/lib/utils/env-copy.js

@@ -13,7 +13,7 @@ const path = require('path');
 const yaml = require('js-yaml');
 const chalk = require('chalk');
 const logger = require('./logger');
-const config = require('../config');
+const config = require('../core/config');
 const devConfig = require('../utils/dev-config');
 const { rewriteInfraEndpoints } = require('./env-endpoints');
 const { buildEnvVarMap } = require('./env-map');
@@ -126,23 +126,26 @@ function updateLocalhostUrls(envContent, baseAppPort, appPort) {
  * @param {Object} envVars - Existing env vars map
  * @returns {Object} Updated env vars map
  */
-function extractEnvVarsFromContent(envContent, envVars) {
-  const redisHostMatch = envContent.match(/^REDIS_HOST\s*=\s*([^\r\n$]+)/m);
-  const redisPortMatch = envContent.match(/^REDIS_PORT\s*=\s*([^\r\n$]+)/m);
-  const dbHostMatch = envContent.match(/^DB_HOST\s*=\s*([^\r\n$]+)/m);
-  const dbPortMatch = envContent.match(/^DB_PORT\s*=\s*([^\r\n$]+)/m);
-  if (redisHostMatch && redisHostMatch[1] && !redisHostMatch[1].includes('${')) {
-    envVars.REDIS_HOST = redisHostMatch[1].trim();
-  }
-  if (redisPortMatch && redisPortMatch[1] && !redisPortMatch[1].includes('${')) {
-    envVars.REDIS_PORT = redisPortMatch[1].trim();
-  }
-  if (dbHostMatch && dbHostMatch[1] && !dbHostMatch[1].includes('${')) {
-    envVars.DB_HOST = dbHostMatch[1].trim();
-  }
-  if (dbPortMatch && dbPortMatch[1] && !dbPortMatch[1].includes('${')) {
-    envVars.DB_PORT = dbPortMatch[1].trim();
+/**
+ * Extracts a single environment variable from content
+ * @function extractSingleEnvVar
+ * @param {string} envContent - Environment file content
+ * @param {string} varName - Variable name
+ * @param {Object} envVars - Environment variables object
+ */
+function extractSingleEnvVar(envContent, varName, envVars) {
+  const pattern = new RegExp(`^${varName}\\s*=\\s*([^\\r\\n$]+)`, 'm');
+  const match = envContent.match(pattern);
+  if (match && match[1] && !match[1].includes('${')) {
+    envVars[varName] = match[1].trim();
   }
+}
+
+function extractEnvVarsFromContent(envContent, envVars) {
+  extractSingleEnvVar(envContent, 'REDIS_HOST', envVars);
+  extractSingleEnvVar(envContent, 'REDIS_PORT', envVars);
+  extractSingleEnvVar(envContent, 'DB_HOST', envVars);
+  extractSingleEnvVar(envContent, 'DB_PORT', envVars);
   return envVars;
 }
 
@@ -205,7 +208,7 @@ async function processEnvVariables(envPath, variablesPath, appName, secretsPath)
 
   // Regenerate .env file with env=local instead of copying docker-generated file
   if (appName) {
-    const { generateEnvContent } = require('../secrets');
+    const { generateEnvContent } = require('../core/secrets');
     const localEnvContent = await generateEnvContent(appName, secretsPath, 'local', false);
     fs.writeFileSync(outputPath, localEnvContent, { mode: 0o600 });
     logger.log(chalk.green(`✓ Generated local .env at: ${variables.build.envOutputPath}`));

package/lib/utils/env-endpoints.js

@@ -11,7 +11,7 @@
 const fs = require('fs');
 const path = require('path');
 const yaml = require('js-yaml');
-const config = require('../config');
+const config = require('../core/config');
 const devConfig = require('../utils/dev-config');
 const { loadEnvConfig } = require('./env-config-loader');
 
@@ -75,22 +75,58 @@ function getLocalhostOverride(context) {
  * @param {Object} [devPorts] - Optional devPorts object with pre-adjusted ports
  * @returns {Promise<number>} Service port with developer-id adjustment (for local context only)
  */
-async function getServicePort(portKey, serviceName, hosts, context, devPorts) {
-  // If devPorts provided, use it (already has developer-id adjustment)
-  if (devPorts && typeof devPorts[serviceName] === 'number') {
-    return devPorts[serviceName];
-  }
-
-  // Get base port from config
-  let basePort = null;
+/**
+ * Gets base port from config or fallback
+ * @function getBasePortFromConfig
+ * @param {string} portKey - Port key
+ * @param {string} serviceName - Service name
+ * @param {Object} hosts - Hosts configuration
+ * @returns {number|null} Base port or null
+ */
+function getBasePortFromConfig(portKey, serviceName, hosts) {
   if (hosts[portKey] !== undefined && hosts[portKey] !== null) {
     const portVal = typeof hosts[portKey] === 'number' ? hosts[portKey] : parseInt(hosts[portKey], 10);
     if (!Number.isNaN(portVal)) {
-      basePort = portVal;
+      return portVal;
     }
   }
 
   // Last resort fallback to devConfig (only if not in config)
+  const basePorts = devConfig.getBasePorts();
+  return basePorts[serviceName] || null;
+}
+
+/**
+ * Applies developer-id adjustment to port
+ * @async
+ * @function applyDeveloperIdAdjustment
+ * @param {number} basePort - Base port
+ * @returns {Promise<number>} Adjusted port
+ */
+async function applyDeveloperIdAdjustment(basePort) {
+  try {
+    const devId = await config.getDeveloperId();
+    let devIdNum = 0;
+    if (devId !== null && devId !== undefined) {
+      const parsed = parseInt(devId, 10);
+      if (!Number.isNaN(parsed)) {
+        devIdNum = parsed;
+      }
+    }
+    return devIdNum === 0 ? basePort : (basePort + (devIdNum * 100));
+  } catch {
+    return basePort;
+  }
+}
+
+async function getServicePort(portKey, serviceName, hosts, context, devPorts) {
+  // If devPorts provided, use it (already has developer-id adjustment)
+  if (devPorts && typeof devPorts[serviceName] === 'number') {
+    return devPorts[serviceName];
+  }
+
+  // Get base port from config
+  let basePort = getBasePortFromConfig(portKey, serviceName, hosts);
   if (basePort === null || basePort === undefined) {
     const basePorts = devConfig.getBasePorts();
     basePort = basePorts[serviceName];
@@ -98,19 +134,7 @@ async function getServicePort(portKey, serviceName, hosts, context, devPorts) {
 
   // Apply developer-id adjustment only for local context
   if (context === 'local') {
-    try {
-      const devId = await config.getDeveloperId();
-      let devIdNum = 0;
-      if (devId !== null && devId !== undefined) {
-        const parsed = parseInt(devId, 10);
-        if (!Number.isNaN(parsed)) {
-          devIdNum = parsed;
-        }
-      }
-      return devIdNum === 0 ? basePort : (basePort + (devIdNum * 100));
-    } catch {
-      return basePort;
-    }
+    return await applyDeveloperIdAdjustment(basePort);
   }
 
   // For docker context, return base port without adjustment
@@ -144,9 +168,14 @@ function getServiceHost(host, context, defaultHost, localhostOverride) {
  * @param {number} dbPort - Database port
  * @returns {string} Updated content
  */
-function updateEndpointVariables(envContent, redisHost, redisPort, dbHost, dbPort) {
-  let updated = envContent;
-
+/**
+ * Updates Redis-related variables
+ * @function updateRedisVariables
+ * @param {string} updated - Current content
+ * @param {string} redisHost - Redis host
+ * @returns {string} Updated content
+ */
+function updateRedisVariables(updated, redisHost) {
   // Update REDIS_URL if present
   if (/^REDIS_URL\s*=.*$/m.test(updated)) {
     updated = updated.replace(
@@ -156,31 +185,31 @@ function updateEndpointVariables(envContent, redisHost, redisPort, dbHost, dbPor
   }
 
   // Update REDIS_HOST if present
-  // If the original has host:port pattern, use ${VAR} references
-  // Otherwise, just set the host value
   if (/^REDIS_HOST\s*=.*$/m.test(updated)) {
     const hostPortMatch = updated.match(/^REDIS_HOST\s*=\s*([a-zA-Z0-9_.-]+):\d+$/m);
     const hasPortPattern = !!hostPortMatch;
     if (hasPortPattern) {
-      // Original had host:port pattern, use ${VAR} references
       updated = updated.replace(
         /^REDIS_HOST\s*=\s*.*$/m,
         'REDIS_HOST=${REDIS_HOST}:${REDIS_PORT}'
       );
     } else {
-      // Just host, set actual value
       updated = updated.replace(/^REDIS_HOST\s*=\s*.*$/m, `REDIS_HOST=${redisHost}`);
     }
   }
 
-  // Update REDIS_PORT if present
-  if (/^REDIS_PORT\s*=.*$/m.test(updated)) {
-    updated = updated.replace(
-      /^REDIS_PORT\s*=\s*.*$/m,
-      `REDIS_PORT=${redisPort}`
-    );
-  }
+  return updated;
+}
 
+/**
+ * Updates database host/port variables
+ * @function updateDatabaseVariables
+ * @param {string} updated - Current content
+ * @param {string} dbHost - Database host
+ * @param {number} dbPort - Database port
+ * @returns {string} Updated content
+ */
+function updateDatabaseVariables(updated, dbHost, dbPort) {
   // Update DB_HOST if present
   if (/^DB_HOST\s*=.*$/m.test(updated)) {
     updated = updated.replace(/^DB_HOST\s*=\s*.*$/m, `DB_HOST=${dbHost}`);
@@ -188,58 +217,77 @@ function updateEndpointVariables(envContent, redisHost, redisPort, dbHost, dbPor
 
   // Update DB_PORT if present
   if (/^DB_PORT\s*=.*$/m.test(updated)) {
-    updated = updated.replace(
-      /^DB_PORT\s*=\s*.*$/m,
-      `DB_PORT=${dbPort}`
-    );
+    updated = updated.replace(/^DB_PORT\s*=\s*.*$/m, `DB_PORT=${dbPort}`);
+  }
+
+  // Update DATABASE_PORT if present
+  if (/^DATABASE_PORT\s*=.*$/m.test(updated)) {
+    updated = updated.replace(/^DATABASE_PORT\s*=\s*.*$/m, `DATABASE_PORT=${dbPort}`);
   }
 
-  // Update DATABASE_URL and other database URL variables (postgresql:// or postgres:// URLs)
-  // Handles DATABASE_URL, DATABASELOG_URL, and any other *_URL variables with postgresql:// or postgres://
-  // First, collect all matches to avoid issues with modifying string during iteration
+  return updated;
+}
+
+/**
+ * Updates database URL variables
+ * @function updateDatabaseUrlVariables
+ * @param {string} updated - Current content
+ * @returns {string} Updated content
+ */
+function updateDatabaseUrlVariables(updated) {
   const dbUrlPattern = /^(DATABASE[^=]*_URL)\s*=\s*(postgresql?:\/\/)([^:]+):([^@]+)@([^:/]+):(\d+)(\/[^\s]*)?/gm;
   const matches = [];
   let dbUrlMatch;
-  // Reset regex lastIndex to ensure we start from beginning
   dbUrlPattern.lastIndex = 0;
   while ((dbUrlMatch = dbUrlPattern.exec(updated)) !== null) {
     matches.push({
-      varName: dbUrlMatch[1], // DATABASE_URL, DATABASELOG_URL, etc.
-      protocol: dbUrlMatch[2], // postgresql:// or postgres://
-      user: dbUrlMatch[3], // username
-      password: dbUrlMatch[4], // password
-      path: dbUrlMatch[7] || '' // /database path
+      varName: dbUrlMatch[1],
+      protocol: dbUrlMatch[2],
+      user: dbUrlMatch[3],
+      password: dbUrlMatch[4],
+      path: dbUrlMatch[7] || ''
     });
   }
-  // Now apply all replacements
   for (const match of matches) {
     updated = updated.replace(
       new RegExp(`^${match.varName}\\s*=\\s*.*$`, 'm'),
       `${match.varName}=${match.protocol}${match.user}:${match.password}@\${DB_HOST}:\${DB_PORT}${match.path}`
     );
   }
+  return updated;
+}
 
-  // Update DATABASE_PORT if present (some templates use DATABASE_PORT instead of DB_PORT)
-  if (/^DATABASE_PORT\s*=.*$/m.test(updated)) {
-    updated = updated.replace(
-      /^DATABASE_PORT\s*=\s*.*$/m,
-      `DATABASE_PORT=${dbPort}`
-    );
-  }
-
-  // Update Keycloak database variables if present
-  // KC_DB_URL_HOST is used by Keycloak to connect to the database
+/**
+ * Updates Keycloak database variables
+ * @function updateKeycloakVariables
+ * @param {string} updated - Current content
+ * @param {string} dbHost - Database host
+ * @param {number} dbPort - Database port
+ * @returns {string} Updated content
+ */
+function updateKeycloakVariables(updated, dbHost, dbPort) {
   if (/^KC_DB_URL_HOST\s*=.*$/m.test(updated)) {
     updated = updated.replace(/^KC_DB_URL_HOST\s*=\s*.*$/m, `KC_DB_URL_HOST=${dbHost}`);
   }
-
-  // KC_DB_URL_PORT is used by Keycloak for database port
   if (/^KC_DB_URL_PORT\s*=.*$/m.test(updated)) {
-    updated = updated.replace(
-      /^KC_DB_URL_PORT\s*=\s*.*$/m,
-      `KC_DB_URL_PORT=${dbPort}`
-    );
+    updated = updated.replace(/^KC_DB_URL_PORT\s*=\s*.*$/m, `KC_DB_URL_PORT=${dbPort}`);
   }
+  return updated;
+}
+
+function updateEndpointVariables(envContent, redisHost, redisPort, dbHost, dbPort) {
+  let updated = envContent;
+
+  updated = updateRedisVariables(updated, redisHost);
+
+  // Update REDIS_PORT if present
+  if (/^REDIS_PORT\s*=.*$/m.test(updated)) {
+    updated = updated.replace(/^REDIS_PORT\s*=\s*.*$/m, `REDIS_PORT=${redisPort}`);
+  }
+
+  updated = updateDatabaseVariables(updated, dbHost, dbPort);
+  updated = updateDatabaseUrlVariables(updated);
+  updated = updateKeycloakVariables(updated, dbHost, dbPort);
 
   return updated;
 }

package/lib/utils/env-map.js

@@ -12,7 +12,7 @@ const fs = require('fs');
 const path = require('path');
 const yaml = require('js-yaml');
 const { loadEnvConfig } = require('./env-config-loader');
-const config = require('../config');
+const config = require('../core/config');
 
 /**
  * Load base environment variables from env-config.yaml
@@ -246,19 +246,18 @@ function calculateDockerPublicPorts(result, devIdNum) {
     // Match any variable ending with _PORT (e.g., MISO_PORT, KEYCLOAK_PORT, DB_PORT)
     if (/_PORT$/.test(key) && !/_PUBLIC_PORT$/.test(key)) {
       const publicPortKey = key.replace(/_PORT$/, '_PUBLIC_PORT');
-      // Skip if public port already exists (allow manual override)
-      if (result[publicPortKey] === undefined) {
-        let portVal;
-        if (typeof value === 'string') {
-          portVal = parseInt(value, 10);
-        } else if (typeof value === 'number') {
-          portVal = value;
-        } else {
-          continue;
-        }
-        if (!Number.isNaN(portVal)) {
-          result[publicPortKey] = String(portVal + (devIdNum * 100));
-        }
+      // Always recalculate public port based on base port, even if manually set
+      // This ensures developer-id offset is always applied correctly
+      let portVal;
+      if (typeof value === 'string') {
+        portVal = parseInt(value, 10);
+      } else if (typeof value === 'number') {
+        portVal = value;
+      } else {
+        continue;
+      }
+      if (!Number.isNaN(portVal)) {
+        result[publicPortKey] = String(portVal + (devIdNum * 100));
       }
     }
   }

package/lib/utils/env-ports.js

@@ -10,7 +10,7 @@
 
 const fs = require('fs');
 const yaml = require('js-yaml');
-const config = require('../config');
+const config = require('../core/config');
 
 /**
  * Update PORT in the container's .env file to use variables.port (+offset)
@@ -18,37 +18,57 @@ const config = require('../config');
  * @param {string} envPath - Path to .env
  * @param {string} variablesPath - Path to variables.yaml
  */
+/**
+ * Gets developer ID from environment variable or config file
+ * @function getDeveloperIdFromEnvOrConfig
+ * @returns {number} Developer ID number
+ */
+function getDeveloperIdFromEnvOrConfig() {
+  const devIdRaw = process.env.AIFABRIX_DEVELOPERID;
+  if (devIdRaw && /^[0-9]+$/.test(devIdRaw)) {
+    return parseInt(devIdRaw, 10);
+  }
+
+  try {
+    const cfgPath = config && config.CONFIG_FILE ? config.CONFIG_FILE : null;
+    if (cfgPath && fs.existsSync(cfgPath)) {
+      const cfgContent = fs.readFileSync(cfgPath, 'utf8');
+      const cfg = yaml.load(cfgContent) || {};
+      const raw = cfg['developer-id'];
+      if (typeof raw === 'number') {
+        return raw;
+      }
+      if (typeof raw === 'string' && /^[0-9]+$/.test(raw)) {
+        return parseInt(raw, 10);
+      }
+    }
+  } catch {
+    // ignore, will use 0
+  }
+
+  return 0;
+}
+
+/**
+ * Calculates port with developer ID adjustment
+ * @function calculatePortWithDevId
+ * @param {number} basePort - Base port
+ * @param {number} devIdNum - Developer ID number
+ * @returns {number} Adjusted port
+ */
+function calculatePortWithDevId(basePort, devIdNum) {
+  return devIdNum > 0 ? (basePort + devIdNum * 100) : basePort;
+}
+
 function updateContainerPortInEnvFile(envPath, variablesPath) {
   if (!fs.existsSync(variablesPath)) {
     return;
   }
   const variablesContent = fs.readFileSync(variablesPath, 'utf8');
   const variables = yaml.load(variablesContent);
-  // Base port from variables
   const basePort = variables?.port || 3000;
-  // Determine developer-id (prefer env var for sync context, fallback to config file)
-  let devIdNum = 0;
-  const devIdRaw = process.env.AIFABRIX_DEVELOPERID;
-  if (devIdRaw && /^[0-9]+$/.test(devIdRaw)) {
-    devIdNum = parseInt(devIdRaw, 10);
-  } else {
-    try {
-      const cfgPath = config && config.CONFIG_FILE ? config.CONFIG_FILE : null;
-      if (cfgPath && fs.existsSync(cfgPath)) {
-        const cfgContent = fs.readFileSync(cfgPath, 'utf8');
-        const cfg = yaml.load(cfgContent) || {};
-        const raw = cfg['developer-id'];
-        if (typeof raw === 'number') {
-          devIdNum = raw;
-        } else if (typeof raw === 'string' && /^[0-9]+$/.test(raw)) {
-          devIdNum = parseInt(raw, 10);
-        }
-      }
-    } catch {
-      // ignore, will use 0
-    }
-  }
-  const port = devIdNum > 0 ? (basePort + devIdNum * 100) : basePort;
+  const devIdNum = getDeveloperIdFromEnvOrConfig();
+  const port = calculatePortWithDevId(basePort, devIdNum);
   let envContent = fs.readFileSync(envPath, 'utf8');
   envContent = envContent.replace(/^PORT\s*=\s*.*$/m, `PORT=${port}`);
   fs.writeFileSync(envPath, envContent, { mode: 0o600 });

package/lib/utils/env-template.js

@@ -24,6 +24,85 @@ const logger = require('../utils/logger');
  *   Note: This parameter is accepted for compatibility but the template format http://${MISO_HOST}:${MISO_PORT} is used instead
  * @returns {Promise<void>} Resolves when template is updated
  */
+/**
+ * Checks which MISO entries exist in content
+ * @function checkMisoEntries
+ * @param {string} content - File content
+ * @returns {Object} Object with boolean flags for each entry
+ */
+function checkMisoEntries(content) {
+  return {
+    hasClientId: /^MISO_CLIENTID\s*=/m.test(content),
+    hasClientSecret: /^MISO_CLIENTSECRET\s*=/m.test(content),
+    hasControllerUrl: /^MISO_CONTROLLER_URL\s*=/m.test(content)
+  };
+}
+
+/**
+ * Updates existing MISO entries
+ * @function updateExistingMisoEntries
+ * @param {string} content - File content
+ * @param {string} clientIdKey - Client ID key
+ * @param {string} clientSecretKey - Client secret key
+ * @param {Object} entries - Entry flags
+ * @returns {string} Updated content
+ */
+function updateExistingMisoEntries(content, clientIdKey, clientSecretKey, entries) {
+  if (entries.hasClientId) {
+    content = content.replace(/^MISO_CLIENTID\s*=.*$/m, `MISO_CLIENTID=kv://${clientIdKey}`);
+  }
+  if (entries.hasClientSecret) {
+    content = content.replace(/^MISO_CLIENTSECRET\s*=.*$/m, `MISO_CLIENTSECRET=kv://${clientSecretKey}`);
+  }
+  if (entries.hasControllerUrl) {
+    content = content.replace(/^MISO_CONTROLLER_URL\s*=.*$/m, 'MISO_CONTROLLER_URL=http://${MISO_HOST}:${MISO_PORT}');
+  }
+  return content;
+}
+
+/**
+ * Builds missing MISO entries
+ * @function buildMissingMisoEntries
+ * @param {string} clientIdKey - Client ID key
+ * @param {string} clientSecretKey - Client secret key
+ * @param {Object} entries - Entry flags
+ * @returns {string[]} Array of missing entries
+ */
+function buildMissingMisoEntries(clientIdKey, clientSecretKey, entries) {
+  const missingEntries = [];
+  if (!entries.hasClientId) {
+    missingEntries.push(`MISO_CLIENTID=kv://${clientIdKey}`);
+  }
+  if (!entries.hasClientSecret) {
+    missingEntries.push(`MISO_CLIENTSECRET=kv://${clientSecretKey}`);
+  }
+  if (!entries.hasControllerUrl) {
+    missingEntries.push('MISO_CONTROLLER_URL=http://${MISO_HOST}:${MISO_PORT}');
+  }
+  return missingEntries;
+}
+
+/**
+ * Inserts MISO section into content
+ * @function insertMisoSection
+ * @param {string} content - File content
+ * @param {string[]} missingEntries - Missing entries to add
+ * @returns {string} Updated content
+ */
+function insertMisoSection(content, missingEntries) {
+  const misoSection = `# MISO Application Client Credentials (per application)
+${missingEntries.join('\n')}
+`;
+
+  const lastSectionMatch = content.match(/# =+.*$/gm);
+  if (lastSectionMatch && lastSectionMatch.length > 0) {
+    const lastSectionIndex = content.lastIndexOf(lastSectionMatch[lastSectionMatch.length - 1]);
+    const insertIndex = content.indexOf('\n', lastSectionIndex) + 1;
+    return content.slice(0, insertIndex) + '\n' + misoSection + content.slice(insertIndex);
+  }
+  return content + '\n' + misoSection;
+}
+
 async function updateEnvTemplate(appKey, clientIdKey, clientSecretKey, _controllerUrl) {
   const envTemplatePath = path.join(process.cwd(), 'builder', appKey, 'env.template');
 
@@ -35,50 +114,13 @@ async function updateEnvTemplate(appKey, clientIdKey, clientSecretKey, _controll
   try {
     let content = await fs.readFile(envTemplatePath, 'utf8');
 
-    // Check if entries already exist
-    const hasClientId = /^MISO_CLIENTID\s*=/m.test(content);
-    const hasClientSecret = /^MISO_CLIENTSECRET\s*=/m.test(content);
-    const hasControllerUrl = /^MISO_CONTROLLER_URL\s*=/m.test(content);
-
-    // Update existing entries
-    if (hasClientId) {
-      content = content.replace(/^MISO_CLIENTID\s*=.*$/m, `MISO_CLIENTID=kv://${clientIdKey}`);
-    }
-
-    if (hasClientSecret) {
-      content = content.replace(/^MISO_CLIENTSECRET\s*=.*$/m, `MISO_CLIENTSECRET=kv://${clientSecretKey}`);
-    }
-
-    if (hasControllerUrl) {
-      content = content.replace(/^MISO_CONTROLLER_URL\s*=.*$/m, 'MISO_CONTROLLER_URL=http://${MISO_HOST}:${MISO_PORT}');
-    }
+    const entries = checkMisoEntries(content);
+    content = updateExistingMisoEntries(content, clientIdKey, clientSecretKey, entries);
 
     // Add missing entries
-    if (!hasClientId || !hasClientSecret || !hasControllerUrl) {
-      const missingEntries = [];
-      if (!hasClientId) {
-        missingEntries.push(`MISO_CLIENTID=kv://${clientIdKey}`);
-      }
-      if (!hasClientSecret) {
-        missingEntries.push(`MISO_CLIENTSECRET=kv://${clientSecretKey}`);
-      }
-      if (!hasControllerUrl) {
-        missingEntries.push('MISO_CONTROLLER_URL=http://${MISO_HOST}:${MISO_PORT}');
-      }
-
-      const misoSection = `# MISO Application Client Credentials (per application)
-${missingEntries.join('\n')}
-`;
-
-      // Try to find a good place to insert (after last section or at end)
-      const lastSectionMatch = content.match(/# =+.*$/gm);
-      if (lastSectionMatch && lastSectionMatch.length > 0) {
-        const lastSectionIndex = content.lastIndexOf(lastSectionMatch[lastSectionMatch.length - 1]);
-        const insertIndex = content.indexOf('\n', lastSectionIndex) + 1;
-        content = content.slice(0, insertIndex) + '\n' + misoSection + content.slice(insertIndex);
-      } else {
-        content = content + '\n' + misoSection;
-      }
+    if (!entries.hasClientId || !entries.hasClientSecret || !entries.hasControllerUrl) {
+      const missingEntries = buildMissingMisoEntries(clientIdKey, clientSecretKey, entries);
+      content = insertMisoSection(content, missingEntries);
     }
 
     await fs.writeFile(envTemplatePath, content, 'utf8');

package/lib/utils/error-formatter.js

@@ -17,21 +17,38 @@
  * @returns {string} Formatted error message
  */
 function formatSingleError(error) {
-  const path = error.instancePath ? error.instancePath.slice(1) : 'root';
+  // Handle empty or missing instancePath - use 'Configuration' for root level errors
+  const instancePath = error.instancePath || '';
+  const path = instancePath ? instancePath.slice(1) : '';
   const field = path ? `Field "${path}"` : 'Configuration';
 
+  // Check if params exists before accessing it
   const errorMessages = {
-    required: `${field}: Missing required property "${error.params.missingProperty}"`,
-    type: `${field}: Expected ${error.params.type}, got ${typeof error.data}`,
-    minimum: `${field}: Value must be at least ${error.params.limit}`,
-    maximum: `${field}: Value must be at most ${error.params.limit}`,
-    minLength: `${field}: Must be at least ${error.params.limit} characters`,
-    maxLength: `${field}: Must be at most ${error.params.limit} characters`,
+    required: error.params?.missingProperty
+      ? `${field}: Missing required property "${error.params.missingProperty}"`
+      : `${field}: Missing required property`,
+    type: error.params?.type
+      ? `${field}: Expected ${error.params.type}, got ${typeof error.data}`
+      : `${field}: Type error`,
+    minimum: error.params?.limit
+      ? `${field}: Value must be at least ${error.params.limit}`
+      : `${field}: Value below minimum`,
+    maximum: error.params?.limit
+      ? `${field}: Value must be at most ${error.params.limit}`
+      : `${field}: Value above maximum`,
+    minLength: error.params?.limit
+      ? `${field}: Must be at least ${error.params.limit} characters`
+      : `${field}: Too short`,
+    maxLength: error.params?.limit
+      ? `${field}: Must be at most ${error.params.limit} characters`
+      : `${field}: Too long`,
     pattern: `${field}: Invalid format`,
-    enum: `${field}: Must be one of: ${error.params.allowedValues?.join(', ') || 'unknown'}`
+    enum: error.params?.allowedValues && error.params.allowedValues.length > 0
+      ? `${field}: Must be one of: ${error.params.allowedValues.join(', ')}`
+      : `${field}: Must be one of: unknown`
   };
 
-  return errorMessages[error.keyword] || `${field}: ${error.message}`;
+  return errorMessages[error.keyword] || `${field}: ${error.message || 'Validation error'}`;
 }
 
 /**