@aifabrix/builder 2.40.2 → 2.42.0

package/lib/commands/secrets-list.js

@@ -0,0 +1,118 @@
+/**
+ * @fileoverview aifabrix secret list – list secret keys and values (user file, shared file, or remote API)
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+const path = require('path');
+const fs = require('fs');
+const yaml = require('js-yaml');
+const chalk = require('chalk');
+const logger = require('../utils/logger');
+const { getAifabrixSecretsPath } = require('../core/config');
+const pathsUtil = require('../utils/paths');
+const { isRemoteSecretsUrl, getRemoteDevAuth } = require('../utils/remote-dev-auth');
+const devApi = require('../api/dev.api');
+
+const REMOTE_NOT_CONFIGURED_MSG = 'Remote server is not configured. Set remote-server and run "aifabrix dev init" first.';
+
+/**
+ * List secret keys and values from a YAML file.
+ * @param {string} filePath - Absolute path to secrets file
+ * @returns {Array<{ key: string, value: string }>} Key-value pairs (value stringified)
+ */
+function listKeysAndValuesFromFile(filePath) {
+  if (!fs.existsSync(filePath)) {
+    return [];
+  }
+  try {
+    const content = fs.readFileSync(filePath, 'utf8');
+    const data = yaml.load(content) || {};
+    if (typeof data !== 'object' || Array.isArray(data)) return [];
+    return Object.entries(data).map(([key, val]) => ({
+      key,
+      value: (val !== null && val !== undefined) ? String(val) : ''
+    }));
+  } catch {
+    return [];
+  }
+}
+
+const KEY_COL_WIDTH = 45;
+const TABLE_SEPARATOR_LENGTH = 120;
+
+/**
+ * Log a list of secret keys and values as a table (header, column headers, separator, rows).
+ * Keys are sorted alphabetically. Matches datasource list style.
+ * @param {string} emptyMessage - Message when items.length === 0
+ * @param {string} title - Table title (e.g. "User secrets")
+ * @param {Array<{ key: string, value: string }>} items - Key-value pairs
+ */
+function logKeyValueList(emptyMessage, title, items) {
+  if (items.length === 0) {
+    logger.log(chalk.gray(emptyMessage));
+    return;
+  }
+  logger.log(chalk.bold(`\n📋 ${title}:\n`));
+  logger.log(chalk.gray('Key'.padEnd(KEY_COL_WIDTH) + 'Value'));
+  logger.log(chalk.gray('-'.repeat(TABLE_SEPARATOR_LENGTH)));
+  const sorted = [...items].sort((a, b) => a.key.localeCompare(b.key, undefined, { sensitivity: 'base' }));
+  sorted.forEach(({ key, value }) => {
+    const keyCol = key.padEnd(KEY_COL_WIDTH);
+    logger.log(`${keyCol}${value}`);
+  });
+  logger.log('');
+}
+
+/**
+ * List shared secrets (remote API or file) and log key and value.
+ * @param {string} generalSecretsPath - Path or URL for shared secrets
+ * @returns {Promise<void>}
+ */
+async function listSharedSecrets(generalSecretsPath) {
+  if (isRemoteSecretsUrl(generalSecretsPath)) {
+    const auth = await getRemoteDevAuth();
+    if (!auth) {
+      throw new Error(REMOTE_NOT_CONFIGURED_MSG);
+    }
+    const items = await devApi.listSecrets(auth.serverUrl, auth.clientCertPem);
+    const keyValues = items.map(i => ({ key: i.name || i.key || '', value: (i.value !== null && i.value !== undefined) ? String(i.value) : '' }));
+    logKeyValueList('No shared secrets (remote).', 'Shared secrets (remote)', keyValues);
+    return;
+  }
+  const resolvedPath = path.isAbsolute(generalSecretsPath)
+    ? generalSecretsPath
+    : path.resolve(process.cwd(), generalSecretsPath);
+  const keyValues = listKeysAndValuesFromFile(resolvedPath);
+  const fileTitle = `Shared secrets (file: ${resolvedPath})`;
+  logKeyValueList('No shared secrets in file.', fileTitle, keyValues);
+}
+
+/** List user secrets and log key and value. */
+function listUserSecrets() {
+  const userSecretsPath = path.join(pathsUtil.getAifabrixHome(), 'secrets.local.yaml');
+  const keyValues = listKeysAndValuesFromFile(userSecretsPath);
+  logKeyValueList('No user secrets.', 'User secrets', keyValues);
+}
+
+/**
+ * Handle secret list command. Lists key and value for each secret.
+ * @param {Object} options - Command options
+ * @param {boolean} [options.shared] - If true, list shared secrets (file or remote API)
+ * @returns {Promise<void>}
+ */
+async function handleSecretsList(options) {
+  const isShared = options.shared || options['shared'] || false;
+
+  if (isShared) {
+    const generalSecretsPath = await getAifabrixSecretsPath();
+    if (!generalSecretsPath) {
+      throw new Error('Shared secrets not configured. Set aifabrix-secrets in config.yaml.');
+    }
+    await listSharedSecrets(generalSecretsPath);
+  } else {
+    listUserSecrets();
+  }
+}
+
+module.exports = { handleSecretsList };

package/lib/commands/secrets-remove.js

@@ -0,0 +1,97 @@
+/**
+ * @fileoverview aifabrix secret remove – remove a secret (user file, shared file, or remote API)
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+const path = require('path');
+const fs = require('fs');
+const yaml = require('js-yaml');
+const chalk = require('chalk');
+const logger = require('../utils/logger');
+const { getAifabrixSecretsPath } = require('../core/config');
+const pathsUtil = require('../utils/paths');
+const { isRemoteSecretsUrl, getRemoteDevAuth } = require('../utils/remote-dev-auth');
+const devApi = require('../api/dev.api');
+
+/**
+ * Remove a key from a YAML secrets file.
+ * @param {string} key - Secret key
+ * @param {string} filePath - Absolute path to secrets file
+ * @throws {Error} If file cannot be read or written
+ */
+function removeKeyFromFile(key, filePath) {
+  let data = {};
+  if (fs.existsSync(filePath)) {
+    const content = fs.readFileSync(filePath, 'utf8');
+    data = yaml.load(content) || {};
+    if (typeof data !== 'object' || Array.isArray(data)) {
+      data = {};
+    }
+  }
+  if (!Object.prototype.hasOwnProperty.call(data, key)) {
+    throw new Error(`Secret '${key}' not found.`);
+  }
+  delete data[key];
+  const yamlContent = yaml.dump(data, { indent: 2, lineWidth: 120, noRefs: true, sortKeys: false });
+  fs.writeFileSync(filePath, yamlContent, { mode: 0o600 });
+}
+
+/**
+ * Remove secret from shared store (remote API or file).
+ * @param {string} key - Secret key
+ * @param {string} generalSecretsPath - Path or URL for shared secrets
+ * @returns {Promise<void>}
+ */
+async function removeSharedSecret(key, generalSecretsPath) {
+  if (isRemoteSecretsUrl(generalSecretsPath)) {
+    const auth = await getRemoteDevAuth();
+    if (!auth) {
+      throw new Error('Remote server not configured or certificate missing. Run "aifabrix dev init" first.');
+    }
+    try {
+      await devApi.deleteSecret(auth.serverUrl, auth.clientCertPem, key);
+    } catch (err) {
+      if (err.status === 404) {
+        throw new Error(`Secret '${key}' not found.`);
+      }
+      throw err;
+    }
+    logger.log(chalk.green(`✓ Secret '${key}' removed from remote shared secrets.`));
+    return;
+  }
+  const resolvedPath = path.isAbsolute(generalSecretsPath)
+    ? generalSecretsPath
+    : path.resolve(process.cwd(), generalSecretsPath);
+  removeKeyFromFile(key, resolvedPath);
+  logger.log(chalk.green(`✓ Secret '${key}' removed from shared secrets file.`));
+}
+
+/**
+ * Handle secret remove command.
+ * @param {string} key - Secret key to remove
+ * @param {Object} options - Command options
+ * @param {boolean} [options.shared] - If true, remove from shared secrets (file or remote API)
+ * @returns {Promise<void>}
+ */
+async function handleSecretsRemove(key, options) {
+  if (!key || typeof key !== 'string') {
+    throw new Error('Secret key is required.');
+  }
+
+  const isShared = options.shared || options['shared'] || false;
+
+  if (isShared) {
+    const generalSecretsPath = await getAifabrixSecretsPath();
+    if (!generalSecretsPath) {
+      throw new Error('Shared secrets not configured. Set aifabrix-secrets in config.yaml.');
+    }
+    await removeSharedSecret(key, generalSecretsPath);
+  } else {
+    const userSecretsPath = path.join(pathsUtil.getAifabrixHome(), 'secrets.local.yaml');
+    removeKeyFromFile(key, userSecretsPath);
+    logger.log(chalk.green(`✓ Secret '${key}' removed from user secrets.`));
+  }
+}
+
+module.exports = { handleSecretsRemove };

package/lib/commands/secrets-set.js

@@ -15,24 +15,46 @@ const logger = require('../utils/logger');
 const { getAifabrixSecretsPath } = require('../core/config');
 const { saveLocalSecret, saveSecret } = require('../utils/local-secrets');
 const pathsUtil = require('../utils/paths');
+const { isRemoteSecretsUrl, getRemoteDevAuth } = require('../utils/remote-dev-auth');
+const devApi = require('../api/dev.api');
 
 /**
- * Handle secrets set command action
- * Sets a secret value in either user secrets or general secrets file
+ * Handle secret set command action
+ * Sets a secret value in either user secrets, general secrets file, or remote API (when aifabrix-secrets is http(s) URL).
  *
  * @async
  * @function handleSecretsSet
  * @param {string} key - Secret key name
  * @param {string} value - Secret value (supports full URLs or environment variable interpolation)
  * @param {Object} options - Command options
- * @param {boolean} [options.shared] - If true, save to general secrets file
+ * @param {boolean} [options.shared] - If true, save to general secrets file or remote API
  * @returns {Promise<void>} Resolves when secret is saved
  * @throws {Error} If save fails or validation fails
- *
- * @example
- * await handleSecretsSet('keycloak-public-server-urlKeyVault', 'https://mydomain.com/keycloak', { shared: false });
- * await handleSecretsSet('keycloak-public-server-urlKeyVault', 'https://${VAR}:8182', { shared: true });
  */
+/**
+ * Save secret to shared store (remote API or file).
+ * @param {string} key - Secret key
+ * @param {string} value - Secret value
+ * @param {string} generalSecretsPath - Path or URL for shared secrets
+ * @returns {Promise<void>}
+ */
+async function setSharedSecret(key, value, generalSecretsPath) {
+  if (isRemoteSecretsUrl(generalSecretsPath)) {
+    const auth = await getRemoteDevAuth();
+    if (!auth) {
+      throw new Error('Remote server not configured or certificate missing. Run "aifabrix dev init" first.');
+    }
+    await devApi.addSecret(auth.serverUrl, auth.clientCertPem, { key, value });
+    logger.log(chalk.green(`✓ Secret '${key}' saved to remote secrets (shared).`));
+    return;
+  }
+  const resolvedPath = path.isAbsolute(generalSecretsPath)
+    ? generalSecretsPath
+    : path.resolve(process.cwd(), generalSecretsPath);
+  await saveSecret(key, value, resolvedPath);
+  logger.log(chalk.green(`✓ Secret '${key}' saved to general secrets file: ${resolvedPath}`));
+}
+
 async function handleSecretsSet(key, value, options) {
   if (!key || typeof key !== 'string') {
     throw new Error('Secret key is required and must be a string');
@@ -45,21 +67,12 @@ async function handleSecretsSet(key, value, options) {
   const isShared = options.shared || options['shared'] || false;
 
   if (isShared) {
-    // Save to general secrets file
     const generalSecretsPath = await getAifabrixSecretsPath();
     if (!generalSecretsPath) {
       throw new Error('General secrets file not configured. Set aifabrix-secrets in config.yaml or use without --shared flag for user secrets.');
     }
-
-    // Resolve path (handle absolute vs relative)
-    const resolvedPath = path.isAbsolute(generalSecretsPath)
-      ? generalSecretsPath
-      : path.resolve(process.cwd(), generalSecretsPath);
-
-    await saveSecret(key, value, resolvedPath);
-    logger.log(chalk.green(`✓ Secret '${key}' saved to general secrets file: ${resolvedPath}`));
+    await setSharedSecret(key, value, generalSecretsPath);
   } else {
-    // Save to user secrets file
     await saveLocalSecret(key, value);
     const userSecretsPath = path.join(pathsUtil.getAifabrixHome(), 'secrets.local.yaml');
     logger.log(chalk.green(`✓ Secret '${key}' saved to user secrets file: ${userSecretsPath}`));

package/lib/commands/secrets-validate.js

@@ -0,0 +1,50 @@
+/**
+ * AI Fabrix Builder – Secrets validate command
+ *
+ * Validates a secrets file (structure and optional naming convention).
+ *
+ * @fileoverview Secrets validate command implementation
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+const chalk = require('chalk');
+const path = require('path');
+const logger = require('../utils/logger');
+const { validateSecretsFile } = require('../utils/secrets-validation');
+const pathsUtil = require('../utils/paths');
+const secretsEnsure = require('../core/secrets-ensure');
+
+/**
+ * Handle secret validate command action.
+ * Validates secrets file at given path or at resolved write target from config.
+ *
+ * @async
+ * @function handleSecretsValidate
+ * @param {string} [pathArg] - Optional path to secrets file
+ * @param {Object} options - Command options
+ * @param {boolean} [options.naming] - Check key names against *KeyVault convention
+ * @returns {Promise<{ valid: boolean, errors: string[] }>}
+ */
+async function handleSecretsValidate(pathArg, options = {}) {
+  let filePath = pathArg;
+  if (!filePath) {
+    const target = await secretsEnsure.resolveWriteTarget();
+    if (target.type === 'file' && target.filePath) {
+      filePath = target.filePath;
+    } else {
+      filePath = path.join(pathsUtil.getAifabrixHome(), 'secrets.local.yaml');
+    }
+  }
+
+  const result = validateSecretsFile(filePath, { checkNaming: Boolean(options.naming) });
+  if (result.valid) {
+    logger.log(chalk.green(`✓ Secrets file is valid: ${result.path}`));
+    return { valid: true, errors: [] };
+  }
+  logger.log(chalk.red(`✗ Validation failed: ${result.path}`));
+  result.errors.forEach((err) => logger.log(chalk.yellow(`  • ${err}`)));
+  return { valid: false, errors: result.errors };
+}
+
+module.exports = { handleSecretsValidate };

package/lib/commands/test-e2e-external.js

@@ -0,0 +1,165 @@
+/**
+ * Run E2E tests for all datasources of an external system.
+ *
+ * @fileoverview test-e2e <external system> – run E2E for every datasource
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+'use strict';
+
+const path = require('path');
+const fs = require('fs');
+const chalk = require('chalk');
+const logger = require('../utils/logger');
+const { getIntegrationPath } = require('../utils/paths');
+const { resolveApplicationConfigPath } = require('../utils/app-config-resolver');
+const { loadConfigFile } = require('../utils/config-format');
+const { discoverIntegrationFiles, buildEffectiveDatasourceFiles } = require('./repair-internal');
+const { runDatasourceTestE2E } = require('../datasource/test-e2e');
+
+/**
+ * Derives datasource key from filename when file has no key (same logic as repair).
+ * @param {string} fileName - Datasource file name
+ * @param {string} systemKey - System key
+ * @returns {string}
+ */
+function deriveDatasourceKeyFromFileName(fileName, systemKey) {
+  const base = path.basename(fileName, path.extname(fileName));
+  if (/^datasource-/.test(base)) {
+    const suffix = base.slice('datasource-'.length);
+    return systemKey && typeof systemKey === 'string' ? `${systemKey}-${suffix}` : base;
+  }
+  return base.replace(/-datasource-/, '-');
+}
+
+/* eslint-disable max-statements -- Key resolution from system or files */
+/**
+ * Resolves the list of datasource keys for an external system (from system file or discovered files).
+ * @param {string} appPath - Integration app path
+ * @param {string} configPath - Application config path
+ * @param {Object} variables - Loaded application variables (externalIntegration.dataSources = filenames)
+ * @param {string} systemKey - System key from system file
+ * @param {Object} systemParsed - Parsed system config (may have dataSources array of keys)
+ * @param {string[]} datasourceFiles - Discovered datasource filenames
+ * @returns {string[]} Sorted list of datasource keys
+ */
+function getDatasourceKeys(appPath, configPath, variables, systemKey, systemParsed, datasourceFiles) {
+  const fromSystem = Array.isArray(systemParsed.dataSources) && systemParsed.dataSources.length > 0
+    ? systemParsed.dataSources
+    : null;
+  const keys = [];
+  const seen = new Set();
+  if (fromSystem) {
+    fromSystem.forEach(k => {
+      if (k && typeof k === 'string' && !seen.has(k)) {
+        keys.push(k.trim());
+        seen.add(k.trim());
+      }
+    });
+    keys.sort();
+    return keys;
+  }
+  for (const fileName of datasourceFiles) {
+    const filePath = path.join(appPath, fileName);
+    if (!fs.existsSync(filePath)) continue;
+    try {
+      const parsed = loadConfigFile(filePath);
+      const key = parsed && typeof parsed.key === 'string' && parsed.key.trim()
+        ? parsed.key.trim()
+        : deriveDatasourceKeyFromFileName(fileName, systemKey);
+      if (key && !seen.has(key)) {
+        keys.push(key);
+        seen.add(key);
+      }
+    } catch {
+      const key = deriveDatasourceKeyFromFileName(fileName, systemKey);
+      if (key && !seen.has(key)) {
+        keys.push(key);
+        seen.add(key);
+      }
+    }
+  }
+  keys.sort();
+  return keys;
+}
+
+/* eslint-disable max-lines-per-function, max-statements -- Load context, then loop over keys */
+/**
+ * Runs E2E for all datasources of an external system. Uses each datasource's payloadTemplate (no extra params required).
+ *
+ * @async
+ * @param {string} externalSystem - System key (e.g. hubspot-demo)
+ * @param {Object} options - Options passed to each runDatasourceTestE2E
+ * @param {string} [options.env] - Environment (dev, tst, pro)
+ * @param {boolean} [options.debug] - Include debug, write log
+ * @param {boolean} [options.verbose] - Verbose output
+ * @param {boolean} [options.async] - If false, sync mode (default true)
+ * @returns {Promise<{ success: boolean, results: Array<{ key: string, success: boolean, error?: string }> }>}
+ */
+async function runTestE2EForExternalSystem(externalSystem, options = {}) {
+  if (!externalSystem || typeof externalSystem !== 'string') {
+    throw new Error('External system name is required');
+  }
+  const appPath = getIntegrationPath(externalSystem);
+  if (!fs.existsSync(appPath)) {
+    throw new Error(`Integration path not found: ${appPath}`);
+  }
+  const configPath = resolveApplicationConfigPath(appPath);
+  let variables = {};
+  if (fs.existsSync(configPath)) {
+    variables = loadConfigFile(configPath);
+  }
+  const { systemFiles, datasourceFiles: discovered } = discoverIntegrationFiles(appPath);
+  if (systemFiles.length === 0) {
+    throw new Error(`No system file found in ${appPath}. Expected *-system.yaml or *-system.json`);
+  }
+  const datasourceFiles = buildEffectiveDatasourceFiles(
+    appPath,
+    discovered,
+    variables.externalIntegration?.dataSources
+  );
+  const systemPath = path.join(appPath, systemFiles[0]);
+  const systemParsed = loadConfigFile(systemPath);
+  const systemKey = systemParsed.key ||
+    path.basename(systemFiles[0], path.extname(systemFiles[0])).replace(/-system$/, '');
+
+  const keys = getDatasourceKeys(
+    appPath,
+    configPath,
+    variables,
+    systemKey,
+    systemParsed,
+    datasourceFiles
+  );
+  if (keys.length === 0) {
+    logger.log(chalk.yellow(`No datasources found for ${externalSystem}. Add datasource files and run aifabrix repair.`));
+    return { success: true, results: [] };
+  }
+
+  const results = [];
+  const opts = {
+    app: externalSystem,
+    environment: options.env,
+    debug: options.debug,
+    verbose: options.verbose,
+    async: options.async !== false
+  };
+  for (const key of keys) {
+    try {
+      const data = await runDatasourceTestE2E(key, opts);
+      const steps = data.steps || data.completedActions || [];
+      const failed = data.success === false || steps.some(s => s.success === false || s.error);
+      results.push({ key, success: !failed });
+    } catch (err) {
+      results.push({ key, success: false, error: err.message });
+    }
+  }
+  const success = results.every(r => r.success);
+  return { success, results };
+}
+
+module.exports = {
+  runTestE2EForExternalSystem,
+  getDatasourceKeys
+};

package/lib/commands/up-dataplane.js

@@ -86,7 +86,7 @@ async function handleUpDataplane(options = {}) {
   logger.log(chalk.blue('Starting up-dataplane (register/rotate, deploy, then run dataplane locally)...\n'));
 
   const [controllerUrl, environmentKey] = await Promise.all([resolveControllerUrl(), resolveEnvironment()]);
-  const authConfig = await checkAuthentication(controllerUrl, environmentKey);
+  const authConfig = await checkAuthentication(controllerUrl, environmentKey, { throwOnFailure: true });
 
   const cfg = await config.getConfig();
   const environment = (cfg && cfg.environment) ? cfg.environment : 'dev';
@@ -108,7 +108,7 @@ async function handleUpDataplane(options = {}) {
 
   await app.deployApp('dataplane', deployOpts);
   logger.log('');
-  await app.runApp('dataplane', {});
+  await app.runApp('dataplane', { skipEnvOutputPath: true });
 
   logger.log(chalk.green('\n✓ up-dataplane complete. Dataplane is registered, deployed in dev, and running locally.'));
 }

package/lib/commands/up-miso.js

@@ -14,16 +14,10 @@ const pathsUtil = require('../utils/paths');
 const { loadConfigFile } = require('../utils/config-format');
 const logger = require('../utils/logger');
 const config = require('../core/config');
-const secrets = require('../core/secrets');
 const infra = require('../infrastructure');
 const app = require('../app');
-const { saveLocalSecret } = require('../utils/local-secrets');
 const { ensureAppFromTemplate, patchEnvOutputPathForDeployOnly, validateEnvOutputPathFolderOrNull } = require('./up-common');
 
-/** Keycloak base port (from templates/applications/keycloak application config) */
-const KEYCLOAK_BASE_PORT = 8082;
-/** Miso controller base port (dev-config app base) */
-const MISO_BASE_PORT = 3000;
 /**
  * Parse --image options array into map { keycloak?: string, 'miso-controller'?: string }
  * @param {string[]|string} imageOpts - Option value(s) e.g. ['keycloak=reg/k:v1', 'miso-controller=reg/m:v1']
@@ -64,22 +58,6 @@ function buildImageRefFromRegistry(appName, registry) {
   }
 }
 
-/**
- * Set URL secrets and resolve keycloak + miso-controller (no force; existing .env preserved)
- * @async
- * @param {number} devIdNum - Developer ID number
- */
-async function setMisoSecretsAndResolve(devIdNum) {
-  const keycloakPort = KEYCLOAK_BASE_PORT + (devIdNum === 0 ? 0 : devIdNum * 100);
-  const misoPort = MISO_BASE_PORT + (devIdNum === 0 ? 0 : devIdNum * 100);
-  await saveLocalSecret('keycloak-public-server-urlKeyVault', `http://localhost:${keycloakPort}`);
-  await saveLocalSecret('miso-controller-web-server-url', `http://localhost:${misoPort}`);
-  logger.log(chalk.green('✓ Set keycloak and miso-controller URL secrets'));
-  await secrets.generateEnvFile('keycloak', undefined, 'docker', false, true);
-  await secrets.generateEnvFile('miso-controller', undefined, 'docker', false, true);
-  logger.log(chalk.green('✓ Resolved keycloak and miso-controller'));
-}
-
 /**
  * Build run options and run keycloak, then miso-controller
  * @async
@@ -130,9 +108,6 @@ async function handleUpMiso(options = {}) {
   // Deploy-only: do not copy .env to repo paths; patch variables so envOutputPath is null
   patchEnvOutputPathForDeployOnly('keycloak');
   patchEnvOutputPathForDeployOnly('miso-controller');
-  const developerId = await config.getDeveloperId();
-  const devIdNum = typeof developerId === 'string' ? parseInt(developerId, 10) : developerId;
-  await setMisoSecretsAndResolve(devIdNum);
   await runMisoApps(options);
   logger.log(chalk.green('\n✓ up-miso complete. Keycloak and miso-controller are running.') +
     chalk.gray('\n  Run onboarding and register Keycloak from the miso-controller repo if needed. Use \'aifabrix up-dataplane\' for dataplane.'));