@aifabrix/builder 2.4.0 → 2.5.1

package/README.md

@@ -18,6 +18,9 @@ aifabrix up              # Start Postgres + Redis
 aifabrix create myapp    # Create your app
 aifabrix build myapp     # Build Docker image
 aifabrix run myapp       # Run locally
+# Stop the app (optionally remove its data volume)
+aifabrix down myapp
+# aifabrix down myapp --volumes
 ```
 
 → [Full Guide](docs/QUICK-START.md) | [CLI Commands](docs/CLI-REFERENCE.md)

package/lib/app-down.js

@@ -0,0 +1,123 @@
+/**
+ * Application Down Management
+ *
+ * Provides functionality to stop and remove a specific application's container,
+ * and optionally remove its associated Docker volume.
+ *
+ * @fileoverview Application stop/remove utilities for AI Fabrix Builder
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+'use strict';
+
+const chalk = require('chalk');
+const { exec } = require('child_process');
+const logger = require('./utils/logger');
+const config = require('./config');
+const helpers = require('./app-run-helpers');
+const { validateAppName } = require('./app-push');
+
+/**
+ * Executes a shell command asynchronously.
+ * Wraps child_process.exec with a Promise interface.
+ *
+ * @async
+ * @param {string} command - Command to execute
+ * @param {Object} [options] - Exec options
+ * @returns {Promise<{stdout: string, stderr: string}>} Exec result
+ */
+function execAsync(command, options = {}) {
+  return new Promise((resolve, reject) => {
+    exec(command, options, (error, stdout, stderr) => {
+      if (error) {
+        return reject(error);
+      }
+      resolve({ stdout, stderr });
+    });
+  });
+}
+
+/**
+ * Computes the Docker volume name for an application, based on developer ID.
+ * Dev 0: aifabrix_{app}_data
+ * Dev > 0: aifabrix_dev{developerId}_{app}_data
+ *
+ * @param {string} appName - Application name
+ * @param {number|string} developerId - Developer ID
+ * @returns {string} Docker volume name
+ */
+function getAppVolumeName(appName, developerId) {
+  const idNum = typeof developerId === 'string' ? parseInt(developerId, 10) : developerId;
+  if (idNum === 0) {
+    return `aifabrix_${appName}_data`;
+  }
+  return `aifabrix_dev${developerId}_${appName}_data`;
+}
+
+/**
+ * Stops and removes a specific application's container.
+ * If --volumes is passed, attempts to remove the app's named Docker volume.
+ *
+ * This does NOT delete any files under builder/<app> or apps/<app>.
+ *
+ * @async
+ * @function downApp
+ * @param {string} appName - Application name
+ * @param {Object} options - Options
+ * @param {boolean} [options.volumes=false] - Remove Docker volume data
+ * @returns {Promise<void>} Resolves when operation completes
+ * @throws {Error} If validation fails or Docker operations error (other than missing volume)
+ *
+ * @example
+ * await downApp('myapp', { volumes: true });
+ */
+async function downApp(appName, options = {}) {
+  try {
+    // Input validation
+    if (!appName || typeof appName !== 'string') {
+      throw new Error('Application name is required and must be a string');
+    }
+    validateAppName(appName);
+
+    const volumes = !!options.volumes;
+
+    // Load developer ID
+    const developerId = await config.getDeveloperId();
+
+    // Stop and remove container (idempotent handling in helper logs when not running)
+    await helpers.stopAndRemoveContainer(appName, developerId, false);
+
+    // Optionally remove named Docker volume (ignore if it doesn't exist)
+    if (volumes) {
+      const idNum = typeof developerId === 'string' ? parseInt(developerId, 10) : developerId;
+      // Primary expected name
+      const primaryName = getAppVolumeName(appName, developerId);
+      // Legacy name used when devId \"0\" was treated as string in templates
+      const legacyDev0Name = idNum === 0 ? `aifabrix_dev0_${appName}_data` : null;
+      // Build list of candidates, unique and non-empty
+      const candidates = Array.from(
+        new Set([primaryName, legacyDev0Name].filter(Boolean))
+      );
+
+      for (const volumeName of candidates) {
+        logger.log(chalk.yellow(`Removing volume ${volumeName}...`));
+        try {
+          await execAsync(`docker volume rm -f ${volumeName}`);
+          logger.log(chalk.green(`✓ Volume ${volumeName} removed`));
+        } catch (volErr) {
+          // Swallow errors for missing volume; provide neutral message
+          logger.log(chalk.gray(`Volume ${volumeName} not found or already removed`));
+        }
+      }
+    }
+  } catch (error) {
+    // Provide meaningful error while avoiding sensitive info
+    throw new Error(`Failed to stop application: ${error.message}`);
+  }
+}
+
+module.exports = {
+  downApp
+};
+

package/lib/app.js

@@ -23,6 +23,7 @@ const { generateDockerfileForApp } = require('./app-dockerfile');
 const { loadTemplateVariables, updateTemplateVariables, mergeTemplateVariables } = require('./utils/template-helpers');
 const logger = require('./utils/logger');
 const auditLogger = require('./audit-logger');
+const { downApp } = require('./app-down');
 
 /**
  * Displays success message after app creation
@@ -170,11 +171,11 @@ async function updateVariablesForAppFlag(appPath, appName) {
 
     if (variables.build) {
       variables.build.context = '../..';
-      variables.build.envOutputPath = `apps/${appName}/.env`;
+      variables.build.envOutputPath = `../../apps/${appName}/.env`;
     } else {
       variables.build = {
         context: '../..',
-        envOutputPath: `apps/${appName}/.env`
+        envOutputPath: `../../apps/${appName}/.env`
       };
     }
 
@@ -403,6 +404,7 @@ module.exports = {
   createApp,
   buildApp,
   runApp,
+  downApp,
   detectLanguage,
   generateDockerfile,
   generateDockerfileForApp,

package/lib/build.js

@@ -25,6 +25,7 @@ const validator = require('./validator');
 const dockerfileUtils = require('./utils/dockerfile-utils');
 const dockerBuild = require('./utils/docker-build');
 const buildCopy = require('./utils/build-copy');
+const { buildDevImageName } = require('./utils/image-name');
 
 const execAsync = promisify(exec);
 
@@ -306,18 +307,10 @@ async function executeBuild(imageName, dockerfilePath, contextPath, tag, options
 
 async function postBuildTasks(appName, buildConfig) {
   try {
-    const envPath = await secrets.generateEnvFile(appName, buildConfig.secrets);
+    const envPath = await secrets.generateEnvFile(appName, buildConfig.secrets, 'docker');
     logger.log(chalk.green(`✓ Generated .env file: ${envPath}`));
-    if (buildConfig.envOutputPath) {
-      const builderPath = path.join(process.cwd(), 'builder', appName);
-      const outputPath = path.resolve(builderPath, buildConfig.envOutputPath);
-      const outputDir = path.dirname(outputPath);
-      if (!fsSync.existsSync(outputDir)) {
-        await fs.mkdir(outputDir, { recursive: true });
-      }
-      await fs.copyFile(envPath, outputPath);
-      logger.log(chalk.green(`✓ Copied .env to: ${buildConfig.envOutputPath}`));
-    }
+    // Note: processEnvVariables is already called by generateEnvFile to generate local .env
+    // at the envOutputPath, so we don't need to manually copy the docker .env file
   } catch (error) {
     logger.log(chalk.yellow(`⚠️  Warning: Could not generate .env file: ${error.message}`));
   }
@@ -355,6 +348,7 @@ async function buildApp(appName, options = {}) {
     logger.log(chalk.blue(`Copying files to developer-specific directory (${directoryName})...`));
     const devDir = await buildCopy.copyBuilderToDevDirectory(appName, developerId);
     logger.log(chalk.green(`✓ Files copied to: ${devDir}`));
+    const effectiveImageName = buildDevImageName(imageName, developerId);
 
     // 2a. Check if application source files exist, if not copy from templates
     const appsPath = path.join(process.cwd(), 'apps', appName);
@@ -456,7 +450,18 @@ async function buildApp(appName, options = {}) {
     logger.log(chalk.blue(`Using Dockerfile: ${dockerfilePath}`));
     logger.log(chalk.blue(`Using build context: ${contextPath}`));
 
-    await executeBuild(imageName, dockerfilePath, contextPath, tag, options);
+    await executeBuild(effectiveImageName, dockerfilePath, contextPath, tag, options);
+    // Back-compat: also tag the built dev image as the base image name
+    try {
+      // Use runtime promisify so tests can capture this call reliably
+      const { promisify } = require('util');
+      const { exec } = require('child_process');
+      const run = promisify(exec);
+      await run(`docker tag ${effectiveImageName}:${tag} ${imageName}:${tag}`);
+      logger.log(chalk.green(`✓ Tagged image: ${imageName}:${tag}`));
+    } catch (err) {
+      logger.log(chalk.yellow(`⚠️  Warning: Could not create compatibility tag ${imageName}:${tag} - ${err.message}`));
+    }
 
     // 7. Post-build tasks
     await postBuildTasks(appName, buildConfig);
@@ -475,5 +480,6 @@ module.exports = {
   executeDockerBuild: dockerBuild.executeDockerBuild,
   detectLanguage,
   generateDockerfile,
-  buildApp
+  buildApp,
+  postBuildTasks
 };

package/lib/cli.js

@@ -70,15 +70,21 @@ function setupCommands(program) {
       }
     });
 
-  program.command('down')
-    .description('Stop and remove local infrastructure services')
+  program.command('down [app]')
+    .description('Stop and remove local infrastructure services or a specific application')
     .option('-v, --volumes', 'Remove volumes (deletes all data)')
-    .action(async(options) => {
+    .action(async(appName, options) => {
       try {
-        if (options.volumes) {
-          await infra.stopInfraWithVolumes();
+        // If app name is provided, stop/remove that application (optionally volumes)
+        if (typeof appName === 'string' && appName.trim().length > 0) {
+          await app.downApp(appName, { volumes: !!options.volumes });
         } else {
-          await infra.stopInfra();
+          // Otherwise, stop/remove infrastructure
+          if (options.volumes) {
+            await infra.stopInfraWithVolumes();
+          } else {
+            await infra.stopInfra();
+          }
         }
       } catch (error) {
         handleCommandError(error, 'down');
@@ -340,11 +346,12 @@ function setupCommands(program) {
           if (!digitsOnly) {
             throw new Error('Developer ID must be a non-negative digit string (0 = default infra, > 0 = developer-specific)');
           }
-          // Convert to number for setDeveloperId and getDevPorts (they expect numbers)
-          const devIdNum = parseInt(setIdValue, 10);
-          await config.setDeveloperId(devIdNum);
+          // Preserve the original string value to maintain leading zeros (e.g., "01")
+          await config.setDeveloperId(setIdValue);
           process.env.AIFABRIX_DEVELOPERID = setIdValue;
           logger.log(chalk.green(`✓ Developer ID set to ${setIdValue}`));
+          // Convert to number only for getDevPorts (which requires a number)
+          const devIdNum = parseInt(setIdValue, 10);
           // Use the ID we just set instead of reading from file to avoid race conditions
           const ports = devConfig.getDevPorts(devIdNum);
           logger.log('\n🔧 Developer Configuration\n');
@@ -355,6 +362,24 @@ function setupCommands(program) {
           logger.log(`  Redis: ${ports.redis}`);
           logger.log(`  pgAdmin: ${ports.pgadmin}`);
           logger.log(`  Redis Commander: ${ports.redisCommander}`);
+
+          // Display configuration variables if set
+          const aifabrixHome = await config.getAifabrixHomeOverride();
+          const aifabrixSecrets = await config.getAifabrixSecretsPath();
+          const aifabrixEnvConfig = await config.getAifabrixEnvConfigPath();
+
+          if (aifabrixHome || aifabrixSecrets || aifabrixEnvConfig) {
+            logger.log('\nConfiguration:');
+            if (aifabrixHome) {
+              logger.log(`  aifabrix-home: ${aifabrixHome}`);
+            }
+            if (aifabrixSecrets) {
+              logger.log(`  aifabrix-secrets: ${aifabrixSecrets}`);
+            }
+            if (aifabrixEnvConfig) {
+              logger.log(`  aifabrix-env-config: ${aifabrixEnvConfig}`);
+            }
+          }
           logger.log('');
           return;
         }
@@ -371,6 +396,24 @@ function setupCommands(program) {
         logger.log(`  Redis: ${ports.redis}`);
         logger.log(`  pgAdmin: ${ports.pgadmin}`);
         logger.log(`  Redis Commander: ${ports.redisCommander}`);
+
+        // Display configuration variables if set
+        const aifabrixHome = await config.getAifabrixHomeOverride();
+        const aifabrixSecrets = await config.getAifabrixSecretsPath();
+        const aifabrixEnvConfig = await config.getAifabrixEnvConfigPath();
+
+        if (aifabrixHome || aifabrixSecrets || aifabrixEnvConfig) {
+          logger.log('\nConfiguration:');
+          if (aifabrixHome) {
+            logger.log(`  aifabrix-home: ${aifabrixHome}`);
+          }
+          if (aifabrixSecrets) {
+            logger.log(`  aifabrix-secrets: ${aifabrixSecrets}`);
+          }
+          if (aifabrixEnvConfig) {
+            logger.log(`  aifabrix-env-config: ${aifabrixEnvConfig}`);
+          }
+        }
         logger.log('');
       } catch (error) {
         handleCommandError(error, 'dev config');

package/lib/commands/secure.js

@@ -22,7 +22,7 @@ const { encryptYamlValues } = require('../utils/yaml-preserve');
 
 /**
  * Finds all secrets.local.yaml files to encrypt
- * Includes user secrets file and build secrets from all apps
+ * Includes user secrets file and general secrets from config.yaml
  *
  * @async
  * @function findSecretsFiles
@@ -37,45 +37,10 @@ async function findSecretsFiles() {
     files.push({ path: userSecretsPath, type: 'user' });
   }
 
-  // Find all apps and check for build.secrets
-  // Scan builder directory for apps
+  // Check config.yaml for aifabrix-secrets
   try {
-    const builderDir = path.join(process.cwd(), 'builder');
-    if (fs.existsSync(builderDir)) {
-      const entries = fs.readdirSync(builderDir, { withFileTypes: true });
-      for (const entry of entries) {
-        if (entry.isDirectory()) {
-          const appName = entry.name;
-          const variablesPath = path.join(builderDir, appName, 'variables.yaml');
-          if (fs.existsSync(variablesPath)) {
-            try {
-              const variablesContent = fs.readFileSync(variablesPath, 'utf8');
-              const variables = yaml.load(variablesContent);
-
-              if (variables?.build?.secrets) {
-                const buildSecretsPath = path.resolve(
-                  path.dirname(variablesPath),
-                  variables.build.secrets
-                );
-                if (fs.existsSync(buildSecretsPath)) {
-                  files.push({ path: buildSecretsPath, type: `app:${appName}` });
-                }
-              }
-            } catch (error) {
-              // Ignore errors, continue
-            }
-          }
-        }
-      }
-    }
-  } catch (error) {
-    // Ignore errors, continue
-  }
-
-  // Check config.yaml for general secrets-path
-  try {
-    const { getSecretsPath } = require('../config');
-    const generalSecretsPath = await getSecretsPath();
+    const { getAifabrixSecretsPath } = require('../config');
+    const generalSecretsPath = await getAifabrixSecretsPath();
     if (generalSecretsPath) {
       const resolvedPath = path.isAbsolute(generalSecretsPath)
         ? generalSecretsPath
@@ -205,7 +170,7 @@ async function handleSecure(options) {
 
   if (secretsFiles.length === 0) {
     logger.log(chalk.yellow('⚠️  No secrets files found to encrypt'));
-    logger.log(chalk.gray('   Create ~/.aifabrix/secrets.local.yaml or configure build.secrets in variables.yaml'));
+    logger.log(chalk.gray('   Create ~/.aifabrix/secrets.local.yaml or configure aifabrix-secrets in config.yaml'));
     return;
   }
 

package/lib/config.js

@@ -1,6 +1,5 @@
 /**
  * AI Fabrix Builder Configuration Management
- *
  * Manages stored authentication configuration for CLI
  * Stores controller URL and auth tokens securely
  *
@@ -364,7 +363,7 @@ async function setSecretsEncryptionKey(key) {
 
 /**
  * Get general secrets path from configuration
- * Used as fallback when build.secrets is not set in variables.yaml
+ * Returns aifabrix-secrets path from config.yaml if configured
  * @returns {Promise<string|null>} Secrets path or null if not set
  */
 async function getSecretsPath() {
@@ -435,6 +434,29 @@ async function setAifabrixSecretsPath(secretsPath) {
   await saveConfig(config);
 }
 
+/**
+ * Get aifabrix-env-config path from configuration
+ * @returns {Promise<string|null>} Env config path or null if not set
+ */
+async function getAifabrixEnvConfigPath() {
+  const config = await getConfig();
+  return config['aifabrix-env-config'] || null;
+}
+
+/**
+ * Set aifabrix-env-config path in configuration
+ * @param {string} envConfigPath - Path to user env-config file
+ * @returns {Promise<void>}
+ */
+async function setAifabrixEnvConfigPath(envConfigPath) {
+  if (!envConfigPath || typeof envConfigPath !== 'string') {
+    throw new Error('Env config path is required and must be a string');
+  }
+  const config = await getConfig();
+  config['aifabrix-env-config'] = envConfigPath;
+  await saveConfig(config);
+}
+
 // Create exports object
 const exportsObj = {
   getConfig,
@@ -458,6 +480,8 @@ const exportsObj = {
   setAifabrixHomeOverride,
   getAifabrixSecretsPath,
   setAifabrixSecretsPath,
+  getAifabrixEnvConfigPath,
+  setAifabrixEnvConfigPath,
   CONFIG_DIR,
   CONFIG_FILE
 };
@@ -472,6 +496,4 @@ Object.defineProperty(exportsObj, 'developerId', {
   enumerable: true,
   configurable: true
 });
-
 module.exports = exportsObj;
-

package/lib/env-reader.js

@@ -7,6 +7,7 @@
 
 const fs = require('fs').promises;
 const path = require('path');
+const { getCanonicalSecretName } = require('./secrets');
 
 /**
  * Read existing .env file from application folder
@@ -147,8 +148,8 @@ function generateSecretsFromEnv(envVars) {
 
   Object.entries(envVars).forEach(([key, value]) => {
     if (detectSensitiveValue(key, value)) {
-      // Convert key to secret name format
-      const secretName = key.toLowerCase().replace(/[^a-z0-9]/g, '-');
+      // Use centralized resolver for canonical secret names
+      const secretName = getCanonicalSecretName(key);
       secrets[secretName] = value;
     }
   });

package/lib/generator.js

@@ -185,9 +185,6 @@ function validateBuildFields(build) {
   if (build.envOutputPath) {
     buildConfig.envOutputPath = build.envOutputPath;
   }
-  if (build.secrets && typeof build.secrets === 'string') {
-    buildConfig.secrets = build.secrets;
-  }
   if (build.dockerfile && build.dockerfile.trim()) {
     buildConfig.dockerfile = build.dockerfile;
   }
@@ -210,12 +207,6 @@ function validateDeploymentFields(deployment) {
   if (deployment.controllerUrl && deployment.controllerUrl.trim() && deployment.controllerUrl.startsWith('https://')) {
     deploymentConfig.controllerUrl = deployment.controllerUrl;
   }
-  if (deployment.clientId && deployment.clientId.trim()) {
-    deploymentConfig.clientId = deployment.clientId;
-  }
-  if (deployment.clientSecret && deployment.clientSecret.trim()) {
-    deploymentConfig.clientSecret = deployment.clientSecret;
-  }
 
   return Object.keys(deploymentConfig).length > 0 ? deploymentConfig : null;
 }

package/lib/infra.js

@@ -23,7 +23,22 @@ const dockerUtils = require('./utils/docker');
 const paths = require('./utils/paths');
 
 // Register Handlebars helper for equality check
-handlebars.registerHelper('eq', (a, b) => a === b);
+// Handles both strict equality and numeric string comparisons
+// Treats null/undefined as equivalent to "0" (default infrastructure)
+handlebars.registerHelper('eq', (a, b) => {
+  // Handle null/undefined - treat as "0" for default infrastructure
+  if (a === null || a === undefined) a = '0';
+  if (b === null || b === undefined) b = '0';
+
+  // If both are numeric strings or one is number and other is numeric string, compare as numbers
+  const aNum = typeof a === 'string' && /^\d+$/.test(a) ? parseInt(a, 10) : a;
+  const bNum = typeof b === 'string' && /^\d+$/.test(b) ? parseInt(b, 10) : b;
+  // Use numeric comparison if both are numbers, otherwise strict equality
+  if (typeof aNum === 'number' && typeof bNum === 'number') {
+    return aNum === bNum;
+  }
+  return a === b;
+});
 const execAsync = promisify(exec);
 
 /**
@@ -118,12 +133,25 @@ async function startInfra(developerId = null) {
   }
 
   // Generate compose file from template
+  // Register helper right before compiling to ensure it's available
+  handlebars.registerHelper('eq', (a, b) => {
+    if (a === null || a === undefined) a = '0';
+    if (b === null || b === undefined) b = '0';
+    const aNum = typeof a === 'string' && /^\d+$/.test(a) ? parseInt(a, 10) : a;
+    const bNum = typeof b === 'string' && /^\d+$/.test(b) ? parseInt(b, 10) : b;
+    if (typeof aNum === 'number' && typeof bNum === 'number') {
+      return aNum === bNum;
+    }
+    return a === b;
+  });
   const templateContent = fs.readFileSync(templatePath, 'utf8');
   const template = handlebars.compile(templateContent);
   // Dev 0: infra-aifabrix-network, Dev > 0: infra-dev{id}-aifabrix-network
   const networkName = idNum === 0 ? 'infra-aifabrix-network' : `infra-dev${devId}-aifabrix-network`;
+  // Pass string devId to preserve leading zeros (e.g., "01") in container names
+  // The eq helper will handle numeric comparisons correctly
   const composeContent = template({
-    devId: idNum,
+    devId: devId,
     postgresPort: ports.postgres,
     redisPort: ports.redis,
     pgadminPort: ports.pgadmin,
@@ -466,7 +494,6 @@ async function getAppStatus() {
 
   return apps;
 }
-
 module.exports = {
   startInfra, stopInfra, stopInfraWithVolumes, checkInfraHealth,
   getInfraStatus, getAppStatus, restartService, ensureAdminSecrets

package/lib/schema/application-schema.json

@@ -633,11 +633,6 @@
           "description": "Path where .env file is copied for local development (relative to builder/)",
           "pattern": "^[^/].*"
         },
-        "secrets": {
-          "type": "string",
-          "description": "Path to secrets file (defaults to ~/.aifabrix/secrets.yaml if empty)",
-          "pattern": "^[^/].*"
-        },
         "localPort": {
           "type": "integer",
           "description": "Port for local development (different from Docker port)",
@@ -676,16 +671,6 @@
           "type": "string",
           "description": "Controller API URL for deployment",
           "pattern": "^https://.*$"
-        },
-        "clientId": {
-          "type": "string",
-          "description": "Pipeline ClientId for automated deployment",
-          "pattern": "^[a-z0-9-]+$"
-        },
-        "clientSecret": {
-          "type": "string",
-          "description": "Pipeline ClientSecret (use kv:// reference)",
-          "pattern": "^(kv://.*|.+)$"
         }
       },
       "additionalProperties": false

package/lib/schema/env-config.yaml

@@ -4,20 +4,20 @@
 environments:
   docker:
     DB_HOST: postgres
+    DB_PORT: 5432
     REDIS_HOST: redis
+    REDIS_PORT: 6379
     MISO_HOST: miso-controller
+    MISO_PORT: 3000
     KEYCLOAK_HOST: keycloak
-    MORI_HOST: mori-controller
-    OPENWEBUI_HOST: openwebui
-    FLOWISE_HOST: flowise
-    DATAPLANE_HOST: dataplane
+    KEYCLOAK_PORT: 8082
 
   local:
     DB_HOST: localhost
+    DB_PORT: 5432
     REDIS_HOST: localhost
+    REDIS_PORT: 6379
     MISO_HOST: localhost
+    MISO_PORT: 3010
     KEYCLOAK_HOST: localhost
-    MORI_HOST: localhost
-    OPENWEBUI_HOST: localhost
-    FLOWISE_HOST: localhost
-    DATAPLANE_HOST: localhost
+    KEYCLOAK_PORT: 8082