@aifabrix/builder 2.41.0 → 2.42.1

package/lib/validation/validate-display.js

@@ -8,6 +8,7 @@
  * @version 2.0.0
  */
 
+const path = require('path');
 const chalk = require('chalk');
 const logger = require('../utils/logger');
 const { loadConfigFile } = require('../utils/config-format');
@@ -242,22 +243,25 @@ function displayApplicationStep(application) {
  * @returns {void}
  */
 function displayComponentsStep(components) {
-  if (!components.files || components.files.length === 0) {
+  const hasFiles = components.files && components.files.length > 0;
+  const hasErrors = components.errors && components.errors.length > 0;
+  if (!hasFiles && !hasErrors) {
     return;
   }
 
   logger.log(chalk.blue('\nExternal Integration Files:'));
-  components.files.forEach(file => {
-    if (file.valid) {
-      logger.log(chalk.green(`  ✓ ${file.file} (${file.type})`));
-    } else {
-      logger.log(chalk.red(`  ✗ ${file.file} (${file.type})`));
-    }
-  });
-
-  if (components.errors && components.errors.length > 0) {
+  if (hasFiles) {
+    components.files.forEach(file => {
+      if (file.valid) {
+        logger.log(chalk.green(`  ✓ ${file.file} (${file.type})`));
+      } else {
+        logger.log(chalk.red(`  ✗ ${file.file} (${file.type})`));
+      }
+    });
+  }
+  if (hasErrors) {
     components.errors.forEach(error => {
-      logger.log(chalk.red(`    • ${error}`));
+      logger.log(chalk.red(`  • ${error}`));
     });
   }
 }
@@ -301,7 +305,9 @@ function displayDimensionsStep(datasourceFiles) {
  */
 function displayManifestStep(manifest, componentFiles) {
   logger.log(chalk.blue('\nDeployment Manifest:'));
-  if (manifest.valid) {
+  if (manifest.skipped) {
+    logger.log(chalk.yellow('  ⊘ Skipped (fix errors above first)'));
+  } else if (manifest.valid) {
     logger.log(chalk.green('  ✓ Full deployment manifest is valid'));
     if (componentFiles) {
       const datasourceFiles = componentFiles.filter(f => f.type === 'datasource' || f.type === 'external-datasource');
@@ -311,10 +317,14 @@ function displayManifestStep(manifest, componentFiles) {
     }
   } else {
     logger.log(chalk.red('  ✗ Full deployment manifest validation failed:'));
-    if (manifest.errors && manifest.errors.length > 0) {
-      manifest.errors.forEach(error => {
-        logger.log(chalk.red(`    • ${error}`));
+    const errs = manifest.errors && manifest.errors.length > 0 ? manifest.errors : [];
+    if (errs.length > 0) {
+      errs.forEach(error => {
+        const msg = typeof error === 'string' ? error : String(error);
+        logger.log(chalk.red(`    • ${msg}`));
       });
+    } else {
+      logger.log(chalk.red('    • No error details available (check schema and manifest structure).'));
     }
   }
   if (manifest.warnings && manifest.warnings.length > 0) {
@@ -338,7 +348,7 @@ function displayStepByStepValidation(result) {
 
   displayApplicationStep(result.steps.application);
 
-  if (result.steps.components.files && result.steps.components.files.length > 0) {
+  if (!result.steps.components.valid || (result.steps.components.files && result.steps.components.files.length > 0)) {
     displayComponentsStep(result.steps.components);
   }
 
@@ -356,6 +366,68 @@ function displayStepByStepValidation(result) {
   if (result.warnings && result.warnings.length > 0) {
     displayAggregatedWarnings(result.warnings);
   }
+
+  displayOverallStatus(result);
+  if (result.appPath) {
+    logger.log(chalk.gray(`\n${path.resolve(result.appPath)}`));
+  }
+}
+
+/**
+ * Displays batch validation results (per-app blocks then summary).
+ * Expects batchResult.batch === true and batchResult.results.
+ * @function displayBatchValidationResults
+ * @param {Object} batchResult - Batch result from validateAllIntegrations / validateAllBuilderApps / validateAll
+ */
+function displayBatchValidationResults(batchResult) {
+  if (!batchResult || batchResult.batch !== true || !Array.isArray(batchResult.results)) {
+    return;
+  }
+
+  const results = batchResult.results;
+  results.forEach(item => {
+    logger.log(chalk.blue(`\n--- ${item.appName} ---`));
+    if (item.error) {
+      logger.log(chalk.red(`  ✗ ${item.error}`));
+    } else if (item.result) {
+      displayValidationResults(item.result);
+    }
+  });
+
+  const passed = results.filter(r => r.result && r.result.valid).length;
+  const failed = results.length - passed;
+  logger.log(chalk.blue('\n--- Summary ---'));
+  if (failed === 0) {
+    logger.log(chalk.green(`✓ ${passed} passed, 0 failed`));
+    logger.log(chalk.green('Overall: Passed'));
+  } else {
+    logger.log(chalk.red(`✗ ${passed} passed, ${failed} failed`));
+    logger.log(chalk.red('Overall: Failed'));
+  }
+}
+
+/**
+ * Displays overall validation status
+ * @param {Object} result - Validation result
+ */
+function displayOverallStatus(result) {
+  let hasErrors = result.errors && result.errors.length > 0;
+  if (!hasErrors && result.steps) {
+    const stepErrors = [result.steps.application, result.steps.components, result.steps.manifest]
+      .filter(Boolean)
+      .some(s => s.errors && s.errors.length > 0);
+    if (stepErrors) {
+      hasErrors = true;
+    }
+  }
+  const hasWarnings = result.warnings && result.warnings.length > 0;
+  if (hasErrors) {
+    logger.log(chalk.red('\nOverall: Failed'));
+  } else if (hasWarnings) {
+    logger.log(chalk.yellow('\nOverall: Passed with warnings'));
+  } else {
+    logger.log(chalk.green('\nOverall: Passed'));
+  }
 }
 
 /**
@@ -390,10 +462,16 @@ function displayValidationResults(result) {
   // Combine all warnings
   const allWarnings = [...(result.warnings || []), ...dimensionWarnings];
   displayAggregatedWarnings(allWarnings);
+
+  displayOverallStatus(result);
+  if (result.appPath) {
+    logger.log(chalk.gray(`\n${path.resolve(result.appPath)}`));
+  }
 }
 
 module.exports = {
   displayValidationResults,
+  displayBatchValidationResults,
   displayStepByStepValidation,
   displayApplicationValidation,
   displayExternalFilesValidation,

package/lib/validation/validate.js

@@ -16,11 +16,16 @@ const { resolveExternalFiles } = require('../utils/schema-resolver');
 const { loadExternalSystemSchema, loadExternalDataSourceSchema, detectSchemaType } = require('../utils/schema-loader');
 const { formatValidationErrors } = require('../utils/error-formatter');
 const { detectAppType } = require('../utils/paths');
+const batch = require('./validate-batch');
 const { logOfflinePathWhenType } = require('../utils/cli-utils');
 const { resolveApplicationConfigPath } = require('../utils/app-config-resolver');
-const { displayValidationResults } = require('./validate-display');
+const { displayValidationResults, displayBatchValidationResults } = require('./validate-display');
 const { generateControllerManifest } = require('../generator/external-controller-manifest');
 const { validateControllerManifest } = require('./external-manifest-validator');
+const {
+  validateOAuth2GrantTypeAndAuthorizationUrl,
+  validateConfigurationNoStandardAuthVariables
+} = require('./external-system-auth-rules');
 
 /**
  * Validates a file path (detects type and validates)
@@ -191,6 +196,8 @@ async function validateExternalFile(filePath, type) {
 
   if (normalizedType === 'system') {
     validateRoleReferences(parseResult.parsed, errors);
+    validateOAuth2GrantTypeAndAuthorizationUrl(parseResult.parsed, errors);
+    validateConfigurationNoStandardAuthVariables(parseResult.parsed, errors);
   }
 
   return {
@@ -398,6 +405,7 @@ async function validateExternalSystemComplete(appName, options = {}) {
     throw new Error('App name is required and must be a string');
   }
 
+  const { appPath } = await detectAppType(appName, options);
   const steps = {
     application: { valid: false, errors: [], warnings: [] },
     components: { valid: false, errors: [], warnings: [], files: [] },
@@ -414,11 +422,13 @@ async function validateExternalSystemComplete(appName, options = {}) {
 
   // If components have errors, return early (don't validate manifest)
   if (!steps.components.valid) {
+    steps.manifest = { valid: true, errors: [], warnings: [], skipped: true };
     return {
       valid: false,
       errors: [...steps.application.errors, ...steps.components.errors],
       warnings: [...steps.application.warnings, ...steps.components.warnings],
-      steps
+      steps,
+      appPath
     };
   }
 
@@ -433,7 +443,8 @@ async function validateExternalSystemComplete(appName, options = {}) {
     valid: allErrors.length === 0,
     errors: allErrors,
     warnings: allWarnings,
-    steps
+    steps,
+    appPath
   };
 }
 
@@ -451,29 +462,31 @@ async function validateAppOrFile(appOrFile, options = {}) {
   const { appPath, isExternal } = await detectAppType(appName);
   logOfflinePathWhenType(appPath);
 
-  if (isExternal) {
-    return await validateExternalSystemComplete(appName, options);
-  }
+  if (isExternal) return await validateExternalSystemComplete(appName, options);
 
   const appValidation = await validator.validateApplication(appName, options);
   const rbacValidation = await validateRbacForExternalSystem(isExternal, appName);
-
   const variablesPath = resolveApplicationConfigPath(appPath);
   const earlyReturn = loadVariablesAndCheckExternalIntegration(variablesPath, appValidation);
-  if (earlyReturn) {
-    return earlyReturn;
-  }
+  if (earlyReturn) return earlyReturn;
 
   const externalValidations = await validateExternalFilesForApp(appName, options);
-  return aggregateValidationResults(appValidation, externalValidations, rbacValidation);
+  const result = aggregateValidationResults(appValidation, externalValidations, rbacValidation);
+  result.appPath = appPath;
+  return result;
 }
 
 module.exports = {
   validateAppOrFile,
   validateExternalSystemComplete,
   displayValidationResults,
+  displayBatchValidationResults,
   validateExternalFile,
   validateExternalFilesForApp,
-  validateFilePath
+  validateFilePath,
+  validateAllIntegrations: (opts = {}) => batch.validateAllIntegrations(validateAppOrFile, opts),
+  validateAllBuilderApps: (opts = {}) => batch.validateAllBuilderApps(validateAppOrFile, opts),
+  validateAll: (opts = {}) => batch.validateAll(validateAppOrFile, opts),
+  buildBatchResult: batch.buildBatchResult
 };
 

package/lib/validation/validator.js

@@ -21,6 +21,8 @@ const { checkEnvironment } = require('../utils/environment-checker');
 const { formatValidationErrors } = require('../utils/error-formatter');
 const { detectAppType, resolveApplicationConfigPath } = require('../utils/paths');
 const { loadConfigFile } = require('../utils/config-format');
+const { validateAuthKvCoverage } = require('./env-template-auth');
+const { validateKvReferencesInLines } = require('./env-template-kv');
 
 /**
  * Validates application config file against application schema
@@ -250,7 +252,7 @@ async function validateEnvTemplate(appName, options = {}) {
   }
 
   // Support both builder/ and integration/ directories using detectAppType
-  const { appPath } = await detectAppType(appName, options);
+  const { appPath, isExternal } = await detectAppType(appName, options);
   const templatePath = path.join(appPath, 'env.template');
 
   if (!fs.existsSync(templatePath)) {
@@ -281,14 +283,10 @@ async function validateEnvTemplate(appName, options = {}) {
     }
   });
 
-  // Check for kv:// reference format
-  const kvPattern = /kv:\/\/([a-zA-Z0-9-_]+)/g;
-  let match;
-  while ((match = kvPattern.exec(content)) !== null) {
-    const secretKey = match[1];
-    if (!secretKey) {
-      errors.push('Invalid kv:// reference format');
-    }
+  validateKvReferencesInLines(lines, errors);
+
+  if (isExternal) {
+    await validateAuthKvCoverage(appPath, content, errors, warnings, options);
   }
 
   return {

package/lib/validation/wizard-datasource-validation.js

@@ -0,0 +1,50 @@
+/**
+ * @fileoverview Wizard datasource validation helpers - validate datasourceKeys and entityName against dataplane
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+/**
+ * Validate that all datasourceKeys exist in the platform's available datasources
+ * @function validateDatasourceKeysForPlatform
+ * @param {string[]} datasourceKeys - User-provided datasource keys
+ * @param {Array<{key: string, displayName?: string, entity?: string}>} availableDatasources - Platform datasources
+ * @returns {{ valid: boolean, invalidKeys: string[] }} Validation result
+ */
+function validateDatasourceKeysForPlatform(datasourceKeys, availableDatasources) {
+  if (!Array.isArray(datasourceKeys) || datasourceKeys.length === 0) {
+    return { valid: true, invalidKeys: [] };
+  }
+  const availableKeys = Array.isArray(availableDatasources)
+    ? availableDatasources.map(d => (d && typeof d === 'object' && d.key) ? d.key : null).filter(Boolean)
+    : [];
+  const invalidKeys = datasourceKeys.filter(k => !availableKeys.includes(k));
+  return {
+    valid: invalidKeys.length === 0,
+    invalidKeys
+  };
+}
+
+/**
+ * Validate that entityName exists in the discovered entities list
+ * @function validateEntityNameForOpenApi
+ * @param {string} entityName - User-provided entity name
+ * @param {Array<{name: string}>} entities - Discovered entities from OpenAPI
+ * @returns {{ valid: boolean }} Validation result
+ */
+function validateEntityNameForOpenApi(entityName, entities) {
+  if (!entityName || typeof entityName !== 'string' || entityName.trim() === '') {
+    return { valid: true };
+  }
+  const entityNames = Array.isArray(entities)
+    ? entities.map(e => (e && typeof e === 'object' && e.name) ? e.name : null).filter(Boolean)
+    : [];
+  return {
+    valid: entityNames.includes(entityName)
+  };
+}
+
+module.exports = {
+  validateDatasourceKeysForPlatform,
+  validateEntityNameForOpenApi
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aifabrix/builder",
-  "version": "2.41.0",
+  "version": "2.42.1",
   "description": "AI Fabrix Local Fabric & Deployment SDK",
   "main": "lib/index.js",
   "bin": {
@@ -10,6 +10,7 @@
   "scripts": {
     "test": "node tests/scripts/test-wrapper.js",
     "test:ci": "bash tests/scripts/ci-simulate.sh",
+    "test:same-as-github": "npm run build:ci",
     "test:coverage": "cross-env RUN_COVERAGE=1 node tests/scripts/test-wrapper.js",
     "test:coverage:nyc": "nyc --reporter=text --reporter=lcov --reporter=html jest --config jest.config.coverage.js --runInBand",
     "test:watch": "jest --watch",
@@ -71,13 +72,16 @@
   },
   "dependencies": {
     "ajv": "^8.12.0",
+    "ajv-formats": "^3.0.1",
     "axios": "^1.6.0",
     "chalk": "^4.1.2",
     "commander": "^11.1.0",
     "handlebars": "^4.7.8",
     "inquirer": "^8.2.5",
+    "inquirer-autocomplete-prompt": "^2.0.0",
     "js-yaml": "^4.1.0",
-    "ora": "^5.4.1"
+    "ora": "^5.4.1",
+    "yaml": "^2.4.0"
   },
   "devDependencies": {
     "@babel/preset-env": "^7.29.0",
@@ -86,6 +90,7 @@
     "cross-env": "^10.1.0",
     "eslint": "^8.55.0",
     "jest": "^30.2.0",
+    "markdownlint-cli": "^0.47.0",
     "nyc": "^17.1.0"
   },
   "repository": {

package/templates/applications/dataplane/application.yaml

@@ -5,7 +5,7 @@ app:
   description: "AI Fabrix Dataplane is a secure, in-tenant integration and automation layer that supplies governed, normalized, and explainable enterprise data to AI agents. Using CIP as a declarative standard, it enforces RBAC and ABAC, executes integrations, and exposes trusted data via MCP and OpenAPI."
   type: webapp
   language: python  # Explicitly specify Python language
-  version: 1.7.0
+  version: 1.8.0
 
 # Image Configuration
 # Set tag to match your build (e.g. aifabrix build dataplane -t v1.0.0 then tag: v1.0.0)

package/templates/applications/dataplane/env.template

@@ -1,5 +1,5 @@
 # Environment Variables Template
-# Use kv:// references for secrets (resolved from .aifabrix/secrets.yaml)
+# Use key-value refs (format: kv://secret-key) for secrets (resolved from .aifabrix/secrets.yaml)
 # Use ${VAR} for environment-specific values
 
 # =============================================================================
@@ -8,8 +8,8 @@
 
 # HTTP port for the app
 PORT=${PORT}
-# development | staging | production
-ENVIRONMENT=development
+# dev | tst | pro
+ENVIRONMENT=dev
 # Enable debug mode
 DEBUG=false
 # Logging level: DEBUG, INFO, WARNING, ERROR, CRITICAL
@@ -28,7 +28,7 @@ API_KEY=kv://miso-controller-api-key-secretKeyVault
 
 # API Configuration
 API_V1_STR=/api/v1
-VERSION=1.7.0
+VERSION=1.8.0
 # Base URL for the dataplane web server (used for default OAuth2 callback URL when redirectUri is omitted)
 DATAPLANE_WEB_SERVER_URL=kv://dataplane-web-server-url
 DATAPLANE_INTERNAL_URL=kv://dataplane-internal-server-url
@@ -105,7 +105,7 @@ KEYCLOAK_REALM=aifabrix
 # Public: browser redirects and CORS for client_token; set when controller is behind a different public URL.
 MISO_WEB_SERVER_URL=kv://miso-controller-web-server-url
 # Internal: server-to-controller API calls (auth, pipeline, status, RBAC).
-MISO_CONTROLLER_URL=kv://miso-controller-internal-server-url
+MISO_CONTROLLER_URL=http://${MISO_HOST}:${MISO_PORT}
 
 # Pipeline env key for controller URLs: /api/v1/pipeline/{envKey}/validate and /deploy.
 # Set MISO_PIPELINE_ENV_KEY=dev when controller uses dev (e.g. MISO_CLIENTID=miso-controller-dev-dataplane).

package/templates/applications/dataplane/rbac.yaml

@@ -38,8 +38,8 @@ roles:
 permissions:
   # Credential management
   - name: "credential:create"
-    roles: ["aifabrix-platform-admin"]
-    description: "Create credentials"
+    roles: ["aifabrix-platform-admin", "aifabrix-deployment-admin", "aifabrix-developer"]
+    description: "Create credentials (and store kv:// secrets for upload/publish)"
   
   - name: "credential:read"
     roles: ["aifabrix-platform-admin", "aifabrix-security-admin", "aifabrix-compliance-admin", "aifabrix-observer"]

package/templates/applications/miso-controller/env.template

@@ -59,7 +59,7 @@ ENABLE_API_DOCS=true
 # Rate Limiting Configuration (for local development)
 # Set DISABLE_RATE_LIMIT=true to disable rate limiting entirely (local development only)
 DISABLE_RATE_LIMIT=true
-# RATE_LIMIT_WINDOW_MS=900000  # 15 minutes in milliseconds (default: 900000)
+# RATE_LIMIT_WINDOW_MS=600000  # 10 minutes in milliseconds (default: 600000)
 # RATE_LIMIT_MAX=100           # Max requests per window (default: 100)
 
 # Package Version (auto-set by npm/pnpm, optional override)

package/templates/external-system/README.md.hbs

@@ -10,25 +10,29 @@
 
 ## Files
 
-- `application.yaml` – Application configuration with `app` and `externalIntegration` blocks
-- `{{systemKey}}-system.yaml` – External system definition (authentication, OpenAPI/MCP, RBAC)
+- `application{{fileExt}}` – Application configuration with `app` and `externalIntegration` blocks
+- `{{systemKey}}-system{{fileExt}}` – External system definition (authentication, OpenAPI/MCP, RBAC)
 {{#each datasources}}
 - `{{fileName}}` – Datasource: {{displayName}}
 {{/each}}
 - `env.template` – Environment variables template (secrets, API keys)
-- `{{systemKey}}-deploy.json` – Deployment manifest (generated by `aifabrix json`)
+- `{{systemKey}}-deploy.json` – Deployment manifest (generated by `aifabrix json {{appName}}`)
+- `deploy.js` – Deploy script for the integration
+- `wizard.yaml` – Wizard configuration (if created via wizard)
 
 Optional: `rbac.yaml` – Roles and permissions merged into the system when present.
 
 ## Quick Start
 
-### 1. Create External System
-
+Login to your controller
 ```bash
-aifabrix create {{appName}} --type external
+aifabrix auth config --set-controller <url> --set-environment dev
+aifabrix login
 ```
 
-Or use the interactive wizard:
+### 1. Extend External System
+
+Use the interactive wizard to extend your existing system:
 
 ```bash
 aifabrix wizard --app {{appName}}
@@ -38,36 +42,48 @@ aifabrix wizard --app {{appName}}
 
 Edit files in `integration/{{appName}}/`:
 
-- **Authentication**: `{{systemKey}}-system.yaml` (auth type, credentials placeholders)
-- **Field mappings**: `{{systemKey}}-datasource-*.yaml` (dimensions, attributes, operations)
+- **Authentication**: `{{systemKey}}-system{{fileExt}}` (auth type, credentials placeholders)
+- **Field mappings**: `{{systemKey}}-datasource-*-datasource{{fileExt}}` (dimensions, attributes, operations)
+- **Credential and configuration**: `env.template` (security settings and configuration variables)
 
-### 3. Validate Configuration
+{{#if secretPaths}}{{#if secretPaths.length}}
+### Secrets
+
+Secrets are resolved from `.aifabrix` or key vault. Set them with:
 
 ```bash
-aifabrix validate {{appName}} --type external
+{{#each secretPaths}}
+aifabrix secret set {{path}} <your value>   # {{description}}
+{{/each}}
 ```
+{{/if}}{{/if}}
 
-### 4. Generate Deployment Manifest
+### 3. Validate Configuration
 
 ```bash
-aifabrix json {{appName}} --type external
+aifabrix validate {{appName}}
 ```
 
-This creates `{{systemKey}}-deploy.json` in `integration/{{appName}}/`.
-
-### 5. Deploy
+### 4. Repair Deployment Manifest
 
-Controller URL and environment are read from config. Configure and log in first:
+**Run repair regularly.** It keeps naming conventions, filenames, and the deployment manifest aligned with AI Fabrix platform best practices. Use it after editing datasources, env.template, or system config—and run it often to catch drift early.
 
 ```bash
-aifabrix auth config --set-controller <url> --set-environment dev
-aifabrix login
+aifabrix repair {{appName}}
 ```
 
-Then deploy:
+Options:
+  --auth <method>  Set authentication method (oauth2, aad, apikey, basic, queryParam, oidc, hmac, none); updates system file and env.template
+  --dry-run        Report changes only; do not write
+  --rbac           Ensure RBAC permissions per datasource and add default Admin/Reader roles if none exist
+  --expose         Set exposed.attributes on each datasource to all fieldMappings.attributes keys
+  --sync           Add default sync section to datasources that lack it
+  --test           Generate testPayload.payloadTemplate and testPayload.expectedResult from attributes
+
+### 5. Upload to dataplane
 
 ```bash
-aifabrix deploy {{appName}}
+aifabrix upload {{appName}}
 ```
 
 ## Testing
@@ -84,6 +100,43 @@ aifabrix test {{appName}}
 aifabrix test-integration {{appName}}
 ```
 
+### End-to-end Tests (Via Dataplane)
+
+```bash
+aifabrix test-e2e {{appName}}
+```
+
+Options:
+  -e, --env <env>  Environment: dev, tst, or pro (builder: dev/tst for container)
+  -v, --verbose    Show detailed step output and poll progress
+  --debug          Include debug output and write log to integration/{{appName}}/logs/
+  --no-async       Use sync mode (no polling); single POST per datasource
+
+### E2E tests per datasource
+
+To run a full E2E test for a single datasource (config, credential, sync, data, CIP), use `aifabrix datasource test-e2e` with the datasource key and app:
+
+{{#if hasDatasources}}
+```bash
+{{#each datasources}}
+# {{displayName}}
+aifabrix datasource test-e2e {{datasourceKey}} --app {{../appName}}
+
+{{/each}}
+```
+{{/if}}
+
+Options:
+  -a, --app {{appName}}              App key (default: resolve from cwd if inside integration/{{appName}}/)
+  -e, --env <env>                    Environment: dev, tst, or pro
+  -v, --verbose                      Show detailed step output and poll progress
+  --debug                            Include debug output and write log to integration/{{appName}}/logs/
+  --test-crud                        Enable CRUD lifecycle test (body testCrud: true)
+  --record-id <id>                   Record ID for test (body recordId)
+  --no-cleanup                       Disable cleanup after test (body cleanup: false)
+  --primary-key-value <value|@path>  Primary key value or path to JSON file (e.g. @pk.json) for body primaryKeyValue
+  --no-async                         Use sync mode (no polling); single POST, no asyncRun
+
 ## Deployment
 
 Deploy via miso-controller pipeline (same as regular apps). Auth and controller come from `aifabrix login` and `aifabrix auth config`:
@@ -94,6 +147,6 @@ aifabrix deploy {{appName}}
 
 ## Troubleshooting
 
-- **Validation errors**: Run `aifabrix validate {{appName}} --type external` to see schema and manifest errors.
+- **Validation errors**: Run `aifabrix validate {{appName}}` to see schema and manifest errors.
 - **Deployment / auth**: Run `aifabrix auth config --set-controller <url> --set-environment <env>` and `aifabrix login` before `aifabrix deploy`.
 - **File not found**: Run commands from the project root (where `package.json` and `integration/` live).

package/templates/external-system/deploy.js.hbs

@@ -10,6 +10,8 @@ const { execSync } = require('child_process');
 const path = require('path');
 
 const scriptDir = __dirname;
+// Project root (repo containing integration/ and builder/) so deploy/test-integration resolve app paths correctly
+const projectRoot = path.join(scriptDir, '..', '..');
 const appKey = '{{systemKey}}';
 const env = process.env.ENVIRONMENT || 'dev';
 // Controller URL: from config (aifabrix auth config) or set CONTROLLER env before running
@@ -57,12 +59,12 @@ run('aifabrix validate "' + path.join(scriptDir, '{{this}}') + '"');
 console.log('✅ Validation passed');
 
 console.log('🚀 Deploying ' + appKey + '...');
-run('aifabrix deploy ' + appKey);
+run('aifabrix deploy ' + appKey, { cwd: projectRoot });
 console.log('✅ Deployment complete');
 
 if (process.env.RUN_TESTS !== 'false') {
   console.log('🧪 Running integration tests...');
-  run('aifabrix test-integration ' + appKey);
+  run('aifabrix test-integration ' + appKey, { cwd: projectRoot });
   console.log('✅ Tests passed');
 }