@aifabrix/builder 2.39.1 → 2.39.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aifabrix/builder",
-  "version": "2.39.1",
+  "version": "2.39.2",
   "description": "AI Fabrix Local Fabric & Deployment SDK",
   "main": "lib/index.js",
   "bin": {

package/templates/applications/README.md.hbs

@@ -19,7 +19,7 @@ npm install -g @aifabrix/builder
 aifabrix doctor
 
 # Login to controller (offline tokens are default; sets controller and environment in config)
-aifabrix login --method device --environment dev --controller http://localhost:3000
+aifabrix login --controller http://localhost:3000
 
 # Register your application (gets you credentials; uses controller and environment from config)
 aifabrix app register {{appName}}
@@ -42,13 +42,13 @@ aifabrix run {{appName}}
 
 **View logs:**
 ```bash
-docker logs aifabrix-{{appName}} -f
+aifabrix logs {{appName}}
 ```
 
 **Stop:**
 ```bash
-aifabrix down-infra {{appName}}
-# aifabrix down-infra {{appName}} --volumes   # also remove data volume
+aifabrix down-app {{appName}}
+# aifabrix down-app {{appName}} --volumes   # also remove data volume
 ```
 
 ### 4. Deploy to Azure
@@ -61,7 +61,7 @@ aifabrix build {{appName}} --tag v1.0.0
 aifabrix push {{appName}} --registry {{registry}} --tag "v1.0.0,latest"
 
 # Deploy (controller and environment from config; set via aifabrix login or aifabrix auth config)
-aifabrix deploy {{appName}}
+aifabrix deploy {{appName}} --deployment local
 ```
 
 ---
@@ -87,7 +87,7 @@ aifabrix app rotate-secret {{appName}}
 # Development
 aifabrix build {{appName}}                        # Build app
 aifabrix run {{appName}}                          # Run locally
-aifabrix down-infra {{appName}} [--volumes]             # Stop app (optionally remove volume)
+aifabrix down-app {{appName}} [--volumes]         # Stop app (optionally remove volume)
 aifabrix dockerfile {{appName}} --force           # Generate Dockerfile
 aifabrix resolve {{appName}}                      # Generate .env file
 
@@ -118,7 +118,7 @@ aifabrix build {{appName}} --language typescript  # Override language detection
 ### Run Options
 
 ```bash
-aifabrix run {{appName}} --port {{localPort}}   # Override local port
+aifabrix run {{appName}} --port {{localPort}}     # Override local port
 aifabrix run {{appName}} --debug                  # Debug output
 ```
 
@@ -132,7 +132,7 @@ aifabrix push {{appName}} --registry {{registry}} --tag "v1.0.0,latest,stable"
 ### Deploy Options
 
 ```bash
-aifabrix deploy {{appName}}                       # Uses controller and environment from config
+aifabrix deploy {{appName}} --deployment local    # Uses controller and environment from config
 aifabrix deploy {{appName}} --no-poll             # Deploy without polling for status
 ```
 

package/templates/applications/dataplane/env.template

@@ -16,7 +16,9 @@ DEBUG=false
 LOG_LEVEL=INFO
 # Log format: json or text
 LOG_FORMAT=json
-# Path for log file output
+# Path for log file output.
+# Docker default (no volume): use LOG_FILE_PATH=/app/logs/app.log (directory created in image).
+# Production with persistent logs: use /mnt/data/logs/app.log and mount a volume at /mnt/data.
 LOG_FILE_PATH=/mnt/data/logs/app.log
 # If true, run without Redis/Celery (single process)
 LOCAL_MODE=false

package/templates/applications/dataplane/variables.yaml

@@ -13,7 +13,7 @@ app:
 image:
   name: aifabrix/dataplane
   tag: latest
-  registry: devflowiseacr.azurecr.io
+  registry: aifabrixdevacr.azurecr.io
   registryMode: acr
 
 # Port Configuration

package/templates/applications/keycloak/variables.yaml

@@ -10,7 +10,7 @@ app:
 image:
   name: aifabrix/keycloak
   tag: 'latest'
-  registry: devflowiseacr.azurecr.io
+  registry: aifabrixdevacr.azurecr.io
   registryMode: acr
 
 # Port Configuration (base for host; host port = 8082 + developer_id*100 from ~/.aifabrix/config.yaml)

package/templates/applications/miso-controller/env.template

@@ -6,11 +6,25 @@
 # =============================================================================
 # FIRST-TIME ONBOARDING CONFIGURATION
 # =============================================================================
+#
+# Onboarding runs automatically when the database has no controller row (empty DB).
+# It creates: controller, Keycloak realm/client, admin user in aifabrix realm, groups, roles.
+# After "pnpm db:reset", ensure the controller uses the same DATABASE_URL as the DB you
+# reset (e.g. same .env or secrets), then start the controller so it sees the empty DB
+# and runs onboarding (and creates the admin user for login).
+#
+# =============================================================================
 
 # Skip automatic first-time onboarding (default: false)
 # Set to true to disable automatic onboarding on first startup
 SKIP_FIRST_TIME_SETUP=false
 
+# Force onboarding to run even when a controller row already exists (default: unset/false).
+# Use only when the DB already had a controller so onboarding was skipped and the admin
+# user was never created in the aifabrix realm. Set to true, restart controller once,
+# then set back to false so onboarding does not re-run on every start.
+# FORCE_ONBOARDING=true
+
 # Optional custom controller key for onboarding (default: miso-controller)
 ONBOARDING_CONTROLLER_KEY=miso-controller
 

package/templates/applications/miso-controller/variables.yaml

@@ -9,7 +9,7 @@ app:
 # Image Configuration
 image:
   name: aifabrix/miso-controller
-  registry: devflowiseacr.azurecr.io
+  registry: aifabrixdevacr.azurecr.io
   registryMode: acr
 
 # Port Configuration (container port; host port = 3000 + developer_id*100 from ~/.aifabrix/config.yaml)

package/templates/external-system/external-system.json.hbs

@@ -4,11 +4,8 @@
   "description": "{{systemDescription}}",
   "type": "{{systemType}}",
   "enabled": true,
-  "environment": {
-    "baseUrl": "https://api.example.com"
-  },
   "authentication": {
-    "mode": "{{authType}}"{{#if (eq authType "oauth2")}},
+    "type": "{{authType}}"{{#if (eq authType "oauth2")}},
     "oauth2": {
       "tokenUrl": "https://api.example.com/oauth/token",
       "clientId": "kv://{{systemKey}}-oauth2-client-id",
@@ -32,14 +29,30 @@
     "serverUrl": "https://mcp.example.com",
     "toolPrefix": "{{systemKey}}"
   }{{/if}},
-  "tags": []{{#if roles}},
+  "tags": [],
+  "configuration": [
+    {
+      "name": "BASE_URL",
+      "value": "{{#if baseUrl}}{{baseUrl}}{{else}}https://api.example.com{{/if}}",
+      "location": "variable",
+      "required": true,
+      "portalInput": {
+        "field": "text",
+        "label": "Base URL",
+        "placeholder": "https://api.example.com",
+        "validation": {
+          "required": true
+        }
+      }
+    }
+  ]{{#if roles}},
   "roles": [
     {{#each roles}}
     {
       "name": "{{name}}",
       "value": "{{value}}",
-      "description": "{{description}}"{{#if Groups}},
-      "groups": [{{#each Groups}}"{{this}}"{{#unless @last}}, {{/unless}}{{/each}}]{{/if}}
+      "description": "{{description}}"{{#if groups}},
+      "groups": [{{#each groups}}"{{this}}"{{#unless @last}}, {{/unless}}{{/each}}]{{/if}}
     }{{#unless @last}},{{/unless}}
     {{/each}}
   ]{{/if}}{{#if permissions}},

package/templates/applications/dataplane/README.md

@@ -1,219 +0,0 @@
-# Dataplane Builder
-
-Build, run, and deploy Dataplane using `@aifabrix/builder`.
-
----
-
-## Quick Start
-
-### 1. Install
-
-```bash
-npm install -g @aifabrix/builder
-```
-
-### 2. First Time Setup
-
-```bash
-# Check your environment
-aifabrix doctor
-
-# Login to controller (debug mode -c http://localhost:3010 - change your own port)
-aifabrix login 
-
-# Register your application (gets you credentials automatically)
-aifabrix app register dataplane
-
-# Rotate credentials if needed:
-aifabrix app rotate-secret dataplane
-
-# Run locally
-aifabrix run dataplane
-
-# Deploy to miso-controller
-aifabrix deploy dataplane
-
-```
-
-### 3. Build & Run Locally
-
-```bash
-# Build the Docker image (latest)
-aifabrix build dataplane
-
-# Run locally
-aifabrix run dataplane
-```
-
-**Access your app:** <http://localhost:3111> (host port from `build.localPort`; container uses 3001)
-
----
-
-## Testing dataplane (use DATAPLANE_TEST_GUIDE)
-
-**Use the builder’s Dataplane Test Guide** for auth, health, wizard, external systems, and pipeline checks:
-
-- **In aifabrix-builder:** `integration/hubspot/DATAPLANE_TEST_GUIDE.md`
-- **Dataplane base URL:** `http://localhost:3111`
-- **Controller:** `http://localhost:3110` (login, token)
-
-The guide defines: token setup, `/health`, wizard API, external systems API, pipeline API, and quick checks. 
-Keep `build.localPort` in `variables.yaml` at **3111** so it matches that guide.
-
-**View logs:**
-
-```bash
-docker logs aifabrix-dev06-dataplane -f
-```
-
-**Stop:**
-
-```bash
-docker stop aifabrix-dev06-dataplane
-```
-
-### 4. Deploy to Azure
-
-```bash
-# Build with version tag
-aifabrix build dataplane --tag v1.0.0
-
-# Push to registry
-aifabrix push dataplane --registry myacr.azurecr.io --tag "v1.0.0,latest"
-
-# Deploy to miso-controller
-aifabrix deploy dataplane
-
-```
-
----
-
-## Using miso-client
-
-> [miso-client](https://github.com/esystemsdev/aifabrix-miso-client)
-
-After registering your app, you automatically get credentials in your secret file. Use miso-client for login, RBAC, audit logs, etc.
-
-**Rotate credentials if needed:**
-
-```bash
-aifabrix app rotate-secret dataplane
-```
-
----
-
-## Reference
-
-### Common Commands
-
-```bash
-# Development
-aifabrix build dataplane                        # Build app
-aifabrix run dataplane                          # Run locally
-aifabrix dockerfile dataplane --force           # Generate Dockerfile
-aifabrix resolve dataplane                      # Generate .env file
-
-# Deployment
-aifabrix json dataplane                         # Preview deployment JSON
-aifabrix genkey dataplane                       # Generate deployment key
-aifabrix push dataplane --registry myacr.azurecr.io # Push to ACR
-aifabrix deploy dataplane --controller <url>    # Deploy to Azure
-
-# Management
-aifabrix app register dataplane
-aifabrix app list
-aifabrix app rotate-secret dataplane
-
-# Utilities
-aifabrix doctor                                   # Check environment
-aifabrix login --method device  # Login
-aifabrix --help                                   # Get help
-```
-
-### Build Options
-
-```bash
-aifabrix build dataplane --tag v1.0.0           # Custom tag
-aifabrix build dataplane --force-template       # Force template regeneration
-aifabrix build dataplane --language typescript  # Override language detection
-```
-
-### Run Options
-
-```bash
-aifabrix run dataplane --port 3000          # Custom port
-aifabrix run dataplane --debug                  # Debug output
-```
-
-### Push Options
-
-```bash
-aifabrix push dataplane --registry myacr.azurecr.io --tag v1.0.0
-aifabrix push dataplane --registry myacr.azurecr.io --tag "v1.0.0,latest,stable"
-```
-
-### Deploy Options
-
-```bash
-aifabrix deploy dataplane
-aifabrix deploy dataplane --no-poll
-```
-
-### Login Methods
-
-```bash
-# Device code flow
-aifabrix login --method device --environment dev
-
-# Credentials (reads from secrets.local.yaml)
-aifabrix login --method credentials --app dataplane --environment dev
-
-# Explicit credentials
-aifabrix login --method credentials --app dataplane --client-id $CLIENT_ID --client-secret $CLIENT_SECRET --environment dev
-```
-
-### Environment Variables
-
-```bash
-export AIFABRIX_HOME=/custom/path
-export AIFABRIX_SECRETS=/path/to/secrets.yaml
-```
-
-**Default OAuth callback URL:** Set `DATAPLANE_WEB_SERVER_URL` (e.g. in `env.template` as `http://localhost:${PORT}`) so the dataplane can build the default OAuth2 callback URL when `redirectUri` is omitted. The callback URL is `{DATAPLANE_WEB_SERVER_URL}/auth/callback`. When you change the domain (e.g. from localhost to a production URL), update this single variable and register the same callback URL in your OAuth app (e.g. HubSpot).
-
----
-
-## Troubleshooting
-
-- **"Docker not running"** → Start Docker Desktop
-- **"Not logged in"** → Run `aifabrix login` first
-- **"Port already in use"** → Use `--port` flag or change `build.localPort` in `variables.yaml` (default: 3111, must match DATAPLANE_TEST_GUIDE)
-- **"Authentication failed"** → Run `aifabrix login` again
-- **"Build fails"** → Check Docker is running and `variables.yaml` → `build.secrets` path is correct
-- **"Can't connect"** → Verify infrastructure is running and PostgreSQL is accessible
-- **Wizard / API 401 after `rotate-secret`** → The wizard may write `.env` to a different path (e.g. `../../.env`). Ensure the **project root** `.env` has the new `MISO_CLIENTID` and `MISO_CLIENTSECRET` (copy from the rotate-secret output or run `make resolve`), then **restart the backend** (`make dev` or restart the process) so it loads the new credentials.
-
-**Regenerate files:**
-
-```bash
-aifabrix resolve dataplane --force
-aifabrix json dataplane
-aifabrix genkey dataplane
-```
-
----
-
-## Prerequisites
-
-- `@aifabrix/builder` installed globally
-- Docker Desktop running
-- Azure CLI installed (for push command)
-- Authenticated with controller (for deploy command)
-- PostgreSQL database (ensure infrastructure is running)
-- Redis (ensure infrastructure is running)
-- File storage configured
-- Authentication/RBAC configured
-
----
-
-**Application**: dataplane | **Port**: 3111 (local) / 3001 (container) | **Registry**: myacr.azurecr.io | **Image**: aifabrix/dataplane:latest

package/templates/applications/keycloak/README.md

@@ -1,203 +0,0 @@
-# Keycloak Builder
-
-Build, run, and deploy Keycloak using `@aifabrix/builder`.
-
----
-
-## Quick Start
-
-### 1. Install
-
-```bash
-pnpm install -g @aifabrix/builder
-```
-
-### 2. First Time Setup
-
-```bash
-# Check your environment
-aifabrix doctor
-
-# Login to controller
-aifabrix login --method device --environment dev --controller http://localhost:3100 --offline
-
-# Register your application (gets you credentials automatically)
-aifabrix app register keycloak --environment dev
-```
-
-### 3. Build & Run Locally
-
-```bash
-# Build the Docker image
-aifabrix build keycloak
-
-# Generate environment variables
-aifabrix resolve keycloak
-
-# Run locally
-aifabrix run keycloak
-```
-
-**Access your app:** <http://dev.aifabrix:8082>
-
-**Token issuer (Docker + refresh):** Keycloak is configured with `KC_HOSTNAME=localhost` and `KC_HOSTNAME_PORT=${KEYCLOAK_PUBLIC_PORT}` so tokens always have issuer `http://localhost:<port>/realms/aifabrix`. This lets refresh work when users log in via localhost and the controller (in Docker) calls Keycloak at `http://keycloak:8080`.
-
-**If you get "Invalid token issuer. Expected 'http://keycloak:8080/realms/aifabrix'" on refresh:**
-
-1. Set `KEYCLOAK_PUBLIC_PORT` to the port you use for Keycloak (e.g. if your token issuer shows `http://localhost:8682/realms/aifabrix`, use `8682`). In `.env` (in the directory where you run `aifabrix resolve keycloak`) add or set: `KEYCLOAK_PUBLIC_PORT=8682`.
-2. Regenerate Keycloak env and restart Keycloak:
-   ```bash
-   aifabrix resolve keycloak
-   docker restart $(docker ps -q -f name=keycloak)
-   ```
-3. Re-run `pnpm validate:config -- --test-refresh` from the repo root.
-
-**View logs:**
-
-```bash
-docker logs aifabrix-keycloak -f
-```
-
-**Stop:**
-
-```bash
-docker stop aifabrix-keycloak
-```
-
-### 4. Deploy to Azure
-
-```bash
-# Build with version tag
-aifabrix build keycloak --tag v1.0.0
-
-# Push to registry
-aifabrix push keycloak --registry myacr.azurecr.io --tag "v1.0.0,latest"
-
-# Deploy to miso-controller
-aifabrix deploy keycloak --controller https://controller.aifabrix.ai --environment dev
-```
-
----
-
-## Using miso-client
-
-> [miso-client](https://github.com/esystemsdev/aifabrix-miso-client)
-
-After registering your app, you automatically get credentials in your secret file. Use miso-client for login, RBAC, audit logs, etc.
-
-**Rotate credentials if needed:**
-
-```bash
-aifabrix app rotate-secret keycloak --environment dev
-```
-
----
-
-## Reference
-
-### Common Commands
-
-```bash
-# Development
-aifabrix build keycloak                        # Build app
-aifabrix run keycloak                          # Run locally
-aifabrix dockerfile keycloak --force           # Generate Dockerfile
-aifabrix resolve keycloak                      # Generate .env file
-
-# Deployment
-aifabrix json keycloak                         # Generate deployment manifest
-aifabrix push keycloak --registry myacr.azurecr.io # Push to ACR
-aifabrix deploy keycloak --controller <url>    # Deploy to Azure
-
-# Management
-aifabrix app register keycloak --environment dev
-aifabrix app list --environment dev
-aifabrix app rotate-secret keycloak --environment dev
-
-# Utilities
-aifabrix doctor                                   # Check environment
-aifabrix login --method device --environment dev  # Login
-aifabrix --help                                   # Get help
-```
-
-### Build Options
-
-```bash
-aifabrix build keycloak --tag v1.0.0           # Custom tag
-aifabrix build keycloak --force-template       # Force template regeneration
-aifabrix build keycloak --language typescript  # Override language detection
-```
-
-### Run Options
-
-```bash
-aifabrix run keycloak --port 8082          # Custom port
-aifabrix run keycloak --debug                  # Debug output
-```
-
-### Push Options
-
-```bash
-aifabrix push keycloak --registry myacr.azurecr.io --tag v1.0.0
-aifabrix push keycloak --registry myacr.azurecr.io --tag "v1.0.0,latest"
-```
-
-### Deploy Options
-
-```bash
-aifabrix deploy keycloak --controller <url> --environment dev
-aifabrix deploy keycloak --controller <url> --environment dev --no-poll
-```
-
-### Login Methods
-
-```bash
-# Device code flow
-aifabrix login --method device --environment dev
-
-# Credentials (reads from secrets.local.yaml)
-aifabrix login --method credentials --app keycloak --environment dev
-
-# Explicit credentials
-aifabrix login --method credentials --app keycloak --client-id $CLIENT_ID --client-secret $CLIENT_SECRET --environment dev
-```
-
-### Environment Variables
-
-```bash
-export AIFABRIX_HOME=/custom/path
-export AIFABRIX_SECRETS=/path/to/secrets.yaml
-```
-
----
-
-## Troubleshooting
-
-- **"Docker not running"** → Start Docker Desktop
-- **"Not logged in"** → Run `aifabrix login` first
-- **"Port already in use"** → Use `--port` flag or change `build.localPort` in `variables.yaml` (default: 8082)
-- **"Authentication failed"** → Run `aifabrix login` again
-- **"Build fails"** → Check Docker is running and `variables.yaml` → `build.secrets` path is correct
-- **"Can't connect"** → Verify infrastructure is running and PostgreSQL is accessible
-
-**Regenerate files:**
-
-```bash
-aifabrix resolve keycloak --force
-aifabrix json keycloak
-```
-
----
-
-## Prerequisites
-
-- `@aifabrix/builder` installed globally
-- Docker Desktop running
-- Azure CLI installed (for push command)
-- Authenticated with controller (for deploy command)
-- PostgreSQL database (ensure infrastructure is running)
-- Authentication/RBAC configured
-
----
-
-**Application**: keycloak | **Port**: 8082 | **Registry**: myacr.azurecr.io | **Image**: aifabrix/keycloak:latest