npm - @aifabrix/builder - Versions diffs - 2.42.1 → 2.44.0 - Mend

@aifabrix/builder 2.42.1 → 2.44.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (392) hide show

package/.cursor/rules/anchor-docs.mdc +15 -0
package/README.md +2 -2
package/anchor-docs/README.md +10 -0
package/anchor-docs/_TEMPLATE +24 -0
package/bin/aifabrix.js +13 -4
package/integration/hubspot-test/README.md +157 -0
package/integration/{hubspot → hubspot-test}/application.json +6 -6
package/integration/{hubspot → hubspot-test}/create-hubspot.js +10 -10
package/integration/hubspot-test/env.template +4 -0
package/integration/hubspot-test/hubspot-test-datasource-company.json +138 -0
package/integration/hubspot-test/hubspot-test-datasource-contact.json +146 -0
package/integration/hubspot-test/hubspot-test-datasource-deal.json +146 -0
package/integration/hubspot-test/hubspot-test-datasource-users.json +76 -0
package/integration/{hubspot/hubspot-deploy.json → hubspot-test/hubspot-test-deploy.json} +201 -24
package/integration/{hubspot/hubspot-system.json → hubspot-test/hubspot-test-system.json} +8 -7
package/integration/hubspot-test/rbac.json +166 -0
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-hubspot-credential-real.yaml +3 -3
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-hubspot-env-vars.yaml +2 -2
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-invalid-add-datasource.yaml +1 -1
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-invalid-credential-create.yaml +1 -1
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-invalid-credential-select.yaml +1 -1
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-invalid-known-platform.yaml +1 -1
package/integration/hubspot-test/test-artifacts/wizard-invalid-missing-source.yaml +2 -0
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-invalid-mode.yaml +1 -1
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-invalid-openapi-file.yaml +1 -1
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-invalid-openapi-url.yaml +1 -1
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-invalid-source.yaml +1 -1
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-valid-for-dimension-array-test.yaml +1 -1
package/integration/hubspot-test/test-artifacts/wizard-valid-for-dimension-key-test.yaml +5 -0
package/integration/hubspot-test/test-artifacts/wizard-valid-for-dimension-path-test.yaml +5 -0
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-valid-for-dimension-test.yaml +1 -1
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-valid-for-rbac-test.yaml +1 -1
package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-valid-for-rbac-yaml-test.yaml +1 -1
package/integration/{hubspot → hubspot-test}/test-dataplane-down-tests.js +1 -7
package/integration/{hubspot → hubspot-test}/test-dataplane-down.js +3 -3
package/integration/{hubspot → hubspot-test}/test.js +137 -102
package/integration/{hubspot → hubspot-test}/wizard-hubspot-e2e.yaml +2 -2
package/integration/{hubspot → hubspot-test}/wizard-hubspot-platform.yaml +1 -1
package/integration/hubspot-test/wizard-hubspot-test-headless.yaml +23 -0
package/integration/roundtrip-test-local/README.md +144 -0
package/integration/roundtrip-test-local/application.yaml +13 -0
package/integration/roundtrip-test-local/env.template +15 -0
package/integration/roundtrip-test-local/roundtrip-test-local-datasource-roundtrip-test-company.yaml +14 -0
package/integration/roundtrip-test-local/roundtrip-test-local-deploy.json +61 -0
package/integration/roundtrip-test-local/roundtrip-test-local-system.yaml +25 -0
package/integration/roundtrip-test-local2/README.md +144 -0
package/integration/roundtrip-test-local2/application.yaml +13 -0
package/integration/roundtrip-test-local2/env.template +15 -0
package/integration/roundtrip-test-local2/roundtrip-test-local2-datasource-company.yaml +31 -0
package/integration/roundtrip-test-local2/roundtrip-test-local2-deploy.json +86 -0
package/integration/roundtrip-test-local2/roundtrip-test-local2-system.yaml +25 -0
package/integration/test/wizard.yaml +8 -0
package/jest.config.default.js +10 -0
package/jest.config.integration.fixtures.js +22 -0
package/jest.config.integration.js +21 -18
package/jest.config.isolated.js +10 -0
package/jest.projects.js +288 -0
package/lib/api/datasources-core.api.js +3 -3
package/lib/api/dev-mtls-request.js +110 -0
package/lib/api/dev-server-https.js +145 -0
package/lib/api/dev.api.js +133 -144
package/lib/api/index.js +0 -1
package/lib/api/pipeline.api.js +67 -20
package/lib/api/service-users.api.js +111 -2
package/lib/api/types/dev.types.js +4 -3
package/lib/api/types/pipeline.types.js +8 -5
package/lib/api/types/service-users.types.js +41 -0
package/lib/api/types/validation-run.types.js +56 -0
package/lib/api/validation-run.api.js +99 -0
package/lib/api/validation-runner.js +99 -0
package/lib/app/config.js +1 -1
package/lib/app/deploy-status-display.js +2 -2
package/lib/app/deploy.js +7 -6
package/lib/app/display.js +2 -1
package/lib/app/dockerfile.js +3 -2
package/lib/app/down.js +2 -1
package/lib/app/helpers.js +6 -5
package/lib/app/index.js +27 -8
package/lib/app/list.js +7 -6
package/lib/app/push.js +4 -3
package/lib/app/register.js +19 -8
package/lib/app/rotate-secret.js +17 -13
package/lib/app/run-container-start.js +184 -0
package/lib/app/run-docker-fallback.js +108 -0
package/lib/app/run-env-compose.js +30 -42
package/lib/app/run-helpers.js +49 -126
package/lib/app/run-infra-requirements.js +30 -0
package/lib/app/run-resolve-image.js +21 -0
package/lib/app/run.js +74 -21
package/lib/app/show-display.js +1 -1
package/lib/app/show.js +1 -1
package/lib/build/index.js +13 -10
package/lib/cli/index.js +2 -0
package/lib/cli/setup-app.help.js +67 -0
package/lib/cli/setup-app.js +59 -123
package/lib/cli/setup-app.test-commands.js +179 -0
package/lib/cli/setup-auth.js +36 -14
package/lib/cli/setup-credential-deployment.js +22 -8
package/lib/cli/setup-dev-path-commands.js +124 -0
package/lib/cli/setup-dev.js +190 -103
package/lib/cli/setup-environment.js +11 -20
package/lib/cli/setup-external-system.js +62 -22
package/lib/cli/setup-infra.js +139 -47
package/lib/cli/setup-parameters.js +32 -0
package/lib/cli/setup-secrets.js +147 -10
package/lib/cli/setup-service-user.js +146 -20
package/lib/cli/setup-utility.js +47 -19
package/lib/commands/app-down.js +5 -7
package/lib/commands/app-install.js +14 -7
package/lib/commands/app-logs.js +13 -10
package/lib/commands/app-shell.js +4 -1
package/lib/commands/app-test.js +25 -19
package/lib/commands/app.js +22 -10
package/lib/commands/auth-config.js +10 -14
package/lib/commands/auth-status.js +4 -3
package/lib/commands/credential-env.js +4 -3
package/lib/commands/credential-list.js +5 -4
package/lib/commands/credential-push.js +4 -3
package/lib/commands/datasource-unified-test-cli.js +495 -0
package/lib/commands/datasource-unified-test-cli.options.js +149 -0
package/lib/commands/datasource-validation-cli.js +129 -0
package/lib/commands/datasource.js +123 -71
package/lib/commands/deployment-list.js +6 -5
package/lib/commands/dev-cli-handlers.js +122 -18
package/lib/commands/dev-down.js +4 -3
package/lib/commands/dev-init.js +231 -116
package/lib/commands/dev-show-display.js +473 -0
package/lib/commands/login-credentials.js +3 -2
package/lib/commands/login-device.js +4 -3
package/lib/commands/login.js +5 -4
package/lib/commands/logout.js +8 -7
package/lib/commands/parameters-validate.js +54 -0
package/lib/commands/repair-datasource.js +314 -68
package/lib/commands/repair-env-template.js +16 -10
package/lib/commands/repair-rbac.js +25 -19
package/lib/commands/repair.js +116 -32
package/lib/commands/secrets-list.js +23 -12
package/lib/commands/secrets-remove-all.js +220 -0
package/lib/commands/secrets-remove.js +22 -13
package/lib/commands/secrets-set.js +21 -12
package/lib/commands/secrets-validate.js +20 -7
package/lib/commands/secure.js +10 -9
package/lib/commands/service-user.js +243 -13
package/lib/commands/test-e2e-external.js +27 -1
package/lib/commands/up-common.js +28 -2
package/lib/commands/up-dataplane.js +31 -18
package/lib/commands/up-miso.js +19 -29
package/lib/commands/upload.js +138 -39
package/lib/commands/wizard-core-helpers.js +1 -1
package/lib/commands/wizard-dataplane.js +4 -3
package/lib/commands/wizard-helpers.js +3 -3
package/lib/commands/wizard.js +2 -2
package/lib/core/admin-secrets.js +16 -5
package/lib/core/audit-logger.js +12 -4
package/lib/core/config-attach-extensions.js +46 -0
package/lib/core/config-runtime-paths.js +29 -0
package/lib/core/config.js +59 -58
package/lib/core/diff.js +3 -2
package/lib/core/ensure-encryption-key.js +2 -4
package/lib/core/secrets-ensure-infra.js +77 -0
package/lib/core/secrets-ensure.js +120 -64
package/lib/core/secrets-env-write.js +35 -7
package/lib/core/secrets-infra-placeholder-sync.js +61 -0
package/lib/core/secrets.js +228 -42
package/lib/core/templates-env.js +4 -3
package/lib/core/templates.js +1 -1
package/lib/datasource/abac-validator.js +148 -0
package/lib/datasource/deploy.js +75 -53
package/lib/datasource/field-reference-validator.js +77 -36
package/lib/datasource/integration-context.js +63 -0
package/lib/datasource/list.js +8 -7
package/lib/datasource/log-viewer.js +252 -0
package/lib/datasource/resolve-app.js +109 -0
package/lib/datasource/test-e2e.js +95 -155
package/lib/datasource/test-integration.js +121 -109
package/lib/datasource/unified-validation-run-body.js +65 -0
package/lib/datasource/unified-validation-run-post.js +23 -0
package/lib/datasource/unified-validation-run-resolve.js +43 -0
package/lib/datasource/unified-validation-run.js +92 -0
package/lib/datasource/validate.js +162 -15
package/lib/deployment/deployer.js +4 -3
package/lib/deployment/environment.js +7 -6
package/lib/deployment/push.js +17 -8
package/lib/external-system/delete.js +4 -3
package/lib/external-system/deploy.js +131 -53
package/lib/external-system/download-helpers.js +1 -1
package/lib/external-system/download.js +7 -6
package/lib/external-system/generator.js +104 -14
package/lib/external-system/integration-test-dispatch.js +26 -0
package/lib/external-system/test-execution.js +5 -1
package/lib/external-system/test-helpers.js +0 -4
package/lib/external-system/test-system-level-helpers.js +110 -0
package/lib/external-system/test-system-level.js +83 -44
package/lib/external-system/test.js +59 -8
package/lib/generator/builders.js +23 -11
package/lib/generator/deploy-manifest-azure-kv.js +81 -0
package/lib/generator/external-controller-manifest.js +3 -3
package/lib/generator/external.js +23 -11
package/lib/generator/helpers.js +71 -12
package/lib/generator/index.js +8 -4
package/lib/generator/split-readme.js +12 -7
package/lib/generator/split-variables.js +2 -1
package/lib/generator/split.js +46 -11
package/lib/generator/wizard-readme.js +3 -3
package/lib/generator/wizard.js +16 -13
package/lib/infrastructure/compose.js +60 -6
package/lib/infrastructure/helpers.js +238 -51
package/lib/infrastructure/index.js +64 -37
package/lib/infrastructure/services.js +21 -15
package/lib/internal/fs-real-sync.js +104 -0
package/lib/internal/node-fs.js +98 -0
package/lib/parameters/database-secret-values.js +173 -0
package/lib/parameters/infra-kv-discovery.js +121 -0
package/lib/parameters/infra-parameter-catalog.js +458 -0
package/lib/parameters/infra-parameter-validate.js +64 -0
package/lib/schema/application-schema.json +37 -17
package/lib/schema/datasource-test-run.schema.json +493 -0
package/lib/schema/deployment-rules.yaml +102 -63
package/lib/schema/external-datasource.schema.json +1201 -433
package/lib/schema/external-system.schema.json +181 -5
package/lib/schema/flag-map-validation-run.json +31 -0
package/lib/schema/infra-parameter.schema.json +106 -0
package/lib/schema/infra.parameter.yaml +421 -0
package/lib/schema/type/credential-auth-templates.json +40 -0
package/lib/schema/type/document-storage.json +213 -0
package/lib/schema/type/message-service.json +123 -0
package/lib/schema/type/vector-store.json +88 -0
package/lib/utils/aifabrix-runtime-config-dir.js +132 -0
package/lib/utils/api-error-handler.js +2 -2
package/lib/utils/api.js +49 -14
package/lib/utils/app-config-resolver.js +23 -1
package/lib/utils/app-register-api.js +3 -2
package/lib/utils/app-register-auth.js +1 -1
package/lib/utils/app-register-config.js +4 -4
package/lib/utils/app-register-display.js +3 -2
package/lib/utils/app-register-validator.js +3 -2
package/lib/utils/app-run-containers.js +26 -22
package/lib/utils/app-scoped-config.js +31 -0
package/lib/utils/app-service-env-from-builder.js +164 -0
package/lib/utils/build-copy.js +1 -1
package/lib/utils/build-helpers.js +20 -20
package/lib/utils/build-resolve-image.js +165 -0
package/lib/utils/cli-layout-chalk.js +8 -0
package/lib/utils/cli-test-layout-chalk.js +267 -0
package/lib/utils/cli-utils.js +88 -11
package/lib/utils/compose-db-passwords.js +138 -0
package/lib/utils/compose-generate-docker-compose.js +216 -0
package/lib/utils/compose-generator.js +197 -291
package/lib/utils/compose-miso-env.js +18 -0
package/lib/utils/compose-traefik-ingress-base.js +158 -0
package/lib/utils/config-paths.js +209 -6
package/lib/utils/config-scoped-resources-preference.js +41 -0
package/lib/utils/controller-deployment-outcome.js +68 -0
package/lib/utils/credential-display.js +2 -2
package/lib/utils/credential-secrets-env.js +16 -1
package/lib/utils/dataplane-pipeline-warning.js +4 -3
package/lib/utils/datasource-test-run-capability-scope.js +43 -0
package/lib/utils/datasource-test-run-debug-display.js +137 -0
package/lib/utils/datasource-test-run-debug-slice.js +93 -0
package/lib/utils/datasource-test-run-display.js +442 -0
package/lib/utils/datasource-test-run-exit.js +58 -0
package/lib/utils/datasource-test-run-legacy-adapter.js +93 -0
package/lib/utils/datasource-test-run-report-version.js +51 -0
package/lib/utils/datasource-test-run-schema-sync.js +59 -0
package/lib/utils/datasource-test-run-tty-log.js +81 -0
package/lib/utils/datasource-validation-watch.js +266 -0
package/lib/utils/declarative-url-ports.js +47 -0
package/lib/utils/derive-env-key-from-client-id.js +41 -0
package/lib/utils/dev-ca-install.js +185 -23
package/lib/utils/dev-cert-helper.js +266 -17
package/lib/utils/dev-hosts-helper.js +307 -0
package/lib/utils/dev-init-cert-hints.js +37 -0
package/lib/utils/dev-init-health-messages.js +52 -0
package/lib/utils/dev-init-resolve.js +86 -0
package/lib/utils/dev-init-ssh-merge.js +65 -0
package/lib/utils/dev-ssh-config-helper.js +196 -0
package/lib/utils/dev-user-groups.js +93 -0
package/lib/utils/docker-build.js +42 -17
package/lib/utils/docker-exec.js +28 -0
package/lib/utils/docker-manifest-public-port.js +116 -0
package/lib/utils/docker-not-running-hint.js +52 -0
package/lib/utils/docker.js +98 -11
package/lib/utils/ensure-dev-certs-for-remote-docker.js +192 -0
package/lib/utils/env-config-loader.js +10 -91
package/lib/utils/env-copy.js +19 -10
package/lib/utils/env-map.js +42 -11
package/lib/utils/env-template.js +2 -2
package/lib/utils/environment-scoped-resources.js +144 -0
package/lib/utils/error-formatter.js +125 -9
package/lib/utils/error-formatters/http-status-errors.js +6 -5
package/lib/utils/error-formatters/network-errors.js +2 -1
package/lib/utils/error-formatters/permission-errors.js +2 -1
package/lib/utils/error-formatters/validation-errors.js +2 -1
package/lib/utils/external-env-template.js +180 -0
package/lib/utils/external-readme.js +8 -1
package/lib/utils/external-system-display.js +277 -136
package/lib/utils/external-system-local-test-tty.js +389 -0
package/lib/utils/external-system-readiness-core.js +377 -0
package/lib/utils/external-system-readiness-deploy-display.js +270 -0
package/lib/utils/external-system-readiness-display-internals.js +150 -0
package/lib/utils/external-system-readiness-display.js +186 -0
package/lib/utils/external-system-test-helpers.js +24 -6
package/lib/utils/external-system-validators.js +32 -14
package/lib/utils/health-check-url.js +119 -0
package/lib/utils/health-check.js +59 -25
package/lib/utils/help-builder.js +14 -13
package/lib/utils/image-version.js +4 -8
package/lib/utils/infra-containers.js +4 -7
package/lib/utils/infra-env-defaults.js +162 -0
package/lib/utils/infra-status-display.js +167 -0
package/lib/utils/infra-status.js +16 -8
package/lib/utils/local-secrets.js +29 -7
package/lib/utils/paths.js +136 -48
package/lib/utils/port-resolver.js +10 -23
package/lib/utils/redis-env-scope.js +62 -0
package/lib/utils/register-aifabrix-shell-env.js +204 -0
package/lib/utils/remote-builder-validation.js +99 -0
package/lib/utils/remote-dev-auth.js +117 -21
package/lib/utils/remote-docker-env.js +67 -15
package/lib/utils/remote-secrets-loader.js +13 -4
package/lib/utils/resolve-docker-image-ref.js +124 -0
package/lib/utils/schema-loader.js +22 -9
package/lib/utils/secrets-bash-kv.js +25 -0
package/lib/utils/secrets-generator.js +171 -51
package/lib/utils/secrets-helpers.js +70 -59
package/lib/utils/secrets-kv-scope.js +60 -0
package/lib/utils/secrets-utils.js +35 -37
package/lib/utils/secrets-validation.js +3 -1
package/lib/utils/secrets-yaml-preserve.js +109 -0
package/lib/utils/secure-file-permissions.js +91 -0
package/lib/utils/ssh-key-helper.js +4 -2
package/lib/utils/template-helpers.js +2 -2
package/lib/utils/test-log-writer.js +3 -3
package/lib/utils/token-manager.js +37 -5
package/lib/utils/url-declarative-public-base.js +188 -0
package/lib/utils/url-declarative-resolve-build.js +493 -0
package/lib/utils/url-declarative-resolve-load-doc.js +51 -0
package/lib/utils/url-declarative-resolve.js +220 -0
package/lib/utils/url-declarative-token-parse.js +74 -0
package/lib/utils/url-declarative-url-flags.js +50 -0
package/lib/utils/url-declarative-vdir-inactive-env.js +99 -0
package/lib/utils/url-public-path-prefix.js +34 -0
package/lib/utils/urls-local-registry.js +220 -0
package/lib/utils/validation-report-tty-kit.js +77 -0
package/lib/utils/validation-run-poll.js +89 -0
package/lib/utils/validation-run-post-retry.js +73 -0
package/lib/utils/validation-run-request.js +98 -0
package/lib/utils/variable-transformer.js +21 -4
package/lib/utils/yaml-preserve.js +78 -1
package/lib/validation/datasource-warnings.js +56 -0
package/lib/validation/env-template-auth.js +50 -2
package/lib/validation/external-manifest-validator.js +35 -7
package/lib/validation/validate-display.js +37 -31
package/lib/validation/validate.js +9 -10
package/lib/validation/validator-unresolved-placeholders.js +98 -0
package/lib/validation/validator.js +32 -78
package/lib/validation/wizard-config-validator.js +2 -1
package/package.json +11 -3
package/scripts/check-datasource-test-run-schema-sync.js +34 -0
package/scripts/diagnose-cli.js +150 -0
package/scripts/install-local.js +304 -55
package/templates/README.md +15 -2
package/templates/applications/dataplane/application.yaml +52 -2
package/templates/applications/dataplane/env.template +80 -18
package/templates/applications/dataplane/rbac.yaml +8 -0
package/templates/applications/keycloak/application.yaml +9 -1
package/templates/applications/keycloak/env.template +15 -6
package/templates/applications/miso-controller/application.yaml +10 -2
package/templates/applications/miso-controller/env.template +55 -14
package/templates/applications/miso-controller/rbac.yaml +5 -0
package/templates/external-system/README.md.hbs +20 -7
package/templates/external-system/deploy.js.hbs +5 -5
package/templates/external-system/env.template.hbs +22 -0
package/templates/external-system/external-datasource.yaml.hbs +197 -118
package/templates/infra/compose.yaml.hbs +20 -4
package/templates/python/docker-compose.hbs +16 -0
package/templates/typescript/docker-compose.hbs +16 -0
package/integration/hubspot/README.md +0 -102
package/integration/hubspot/env.template +0 -4
package/integration/hubspot/hubspot-datasource-company.json +0 -541
package/integration/hubspot/hubspot-datasource-contact.json +0 -639
package/integration/hubspot/hubspot-datasource-deal.json +0 -588
package/integration/hubspot/hubspot-datasource-users.json +0 -116
package/integration/hubspot/test-artifacts/wizard-invalid-missing-source.yaml +0 -2
package/integration/hubspot/test-artifacts/wizard-valid-for-dimension-key-test.yaml +0 -5
package/integration/hubspot/test-artifacts/wizard-valid-for-dimension-path-test.yaml +0 -5
package/lib/api/external-test.api.js +0 -111
package/lib/schema/env-config.yaml +0 -43
/package/integration/{hubspot → hubspot-test}/companies.json +0 -0
/package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-invalid-app-name.yaml +0 -0
/package/integration/{hubspot → hubspot-test}/test-artifacts/wizard-invalid-missing-app.yaml +0 -0
/package/integration/{hubspot → hubspot-test}/test-dataplane-down-helpers.js +0 -0

package/lib/generator/helpers.js CHANGED Viewed

@@ -9,8 +9,9 @@
  */
 const fs = require('fs');
-const yaml = require('js-yaml');
+const path = require('path');
 const { loadConfigFile } = require('../utils/config-format');
+const { urlTokenToKeyVaultSecretName } = require('./deploy-manifest-azure-kv');
 /**
  * Loads application config file (application.yaml, application.json, or legacy path) via converter.
@@ -37,21 +38,25 @@ function loadEnvTemplate(templatePath) {
 }
 /**
- * Loads rbac.yaml file if it exists
- * @param {string} rbacPath - Path to rbac.yaml
- * @returns {Object|null} Parsed RBAC configuration or null
- * @throws {Error} If file exists but has invalid YAML
+ * Loads RBAC config file (rbac.yaml, rbac.yml, or rbac.json) if it exists.
+ * Uses loadConfigFile so format is inferred from extension.
+ *
+ * @param {string} rbacPath - Path to RBAC file (e.g. from resolveRbacPath)
+ * @returns {Object|null} Parsed RBAC configuration or null if path is falsy or file does not exist
+ * @throws {Error} If file exists but has invalid syntax (message references actual filename, e.g. rbac.json)
  */
 function loadRbac(rbacPath) {
+  if (!rbacPath || typeof rbacPath !== 'string') {
+    return null;
+  }
   if (!fs.existsSync(rbacPath)) {
     return null;
   }
-  const rbacContent = fs.readFileSync(rbacPath, 'utf8');
   try {
-    return yaml.load(rbacContent);
+    return loadConfigFile(rbacPath);
   } catch (error) {
-    throw new Error(`Invalid YAML syntax in rbac.yaml: ${error.message}`);
+    const basename = path.basename(rbacPath);
+    throw new Error(`Invalid syntax in ${basename}: ${error.message}`);
   }
 }
@@ -214,6 +219,9 @@ function determineVariableLocation(value, key) {
   if (value.startsWith('kv://')) {
     location = 'keyvault';
     required = true;
+  } else if (value.startsWith('url://')) {
+    location = 'keyvault';
+    required = true;
   }
   // Check if it's a sensitive variable
@@ -225,6 +233,31 @@ function determineVariableLocation(value, key) {
   return { location, required };
 }
+/**
+ * Maps env.template url:// value(s) to Key Vault secret name(s) for deploy JSON.
+ * Comma-separated lists are supported (e.g. CORS ALLOWED_ORIGINS): each segment
+ * starting with url:// is mapped; other segments are left unchanged (e.g. http://localhost:*).
+ *
+ * @param {string} appKey - application.yaml app.key
+ * @param {string} value - Full value after KEY= (must start with url:// for caller)
+ * @returns {string} Comma-joined secret names / literals
+ */
+function mapUrlTemplateValueToKeyVaultNames(appKey, value) {
+  const segments = value
+    .split(',')
+    .map((s) => s.trim())
+    .filter((s) => s.length > 0);
+  return segments
+    .map((seg) => {
+      if (seg.startsWith('url://')) {
+        const token = seg.slice('url://'.length).trim();
+        return urlTokenToKeyVaultSecretName(appKey, token);
+      }
+      return seg;
+    })
+    .join(',');
+}
 /**
  * Creates a configuration item from parsed variable
  * @function createConfigItem
@@ -233,12 +266,27 @@ function determineVariableLocation(value, key) {
  * @param {string} location - Variable location
  * @param {boolean} required - Whether variable is required
  * @param {Map} portalInputMap - Map of portalInput configurations
+ * @param {string|null} appKey - application.yaml app.key (required when value uses url://)
  * @returns {Object} Configuration item
  */
-function createConfigItem(key, value, location, required, portalInputMap) {
+function createConfigItem(key, value, location, required, portalInputMap, appKey) {
+  let storedValue = value;
+  if (location === 'keyvault') {
+    if (value.startsWith('kv://')) {
+      storedValue = value.replace('kv://', '');
+    } else if (value.startsWith('url://')) {
+      if (!appKey) {
+        throw new Error(
+          `Cannot resolve ${key}=${value}: application app.key is required to map url:// to a Key Vault secret name`
+        );
+      }
+      storedValue = mapUrlTemplateValueToKeyVaultNames(appKey, value);
+    }
+  }
   const configItem = {
     name: key,
-    value: value.replace('kv://', ''), // Remove kv:// prefix for KeyVault
+    value: storedValue,
     location,
     required
   };
@@ -255,6 +303,10 @@ function parseEnvironmentVariables(envTemplate, variablesConfig = null) {
   const configuration = [];
   const lines = envTemplate.split('\n');
   const portalInputMap = createPortalInputMap(variablesConfig);
+  const appKey =
+    variablesConfig && variablesConfig.app && variablesConfig.app.key
+      ? String(variablesConfig.app.key).trim()
+      : null;
   for (const line of lines) {
     const parsed = parseEnvironmentVariableLine(line);
@@ -263,7 +315,14 @@ function parseEnvironmentVariables(envTemplate, variablesConfig = null) {
     }
     const { location, required } = determineVariableLocation(parsed.value, parsed.key);
-    const configItem = createConfigItem(parsed.key, parsed.value, location, required, portalInputMap);
+    const configItem = createConfigItem(
+      parsed.key,
+      parsed.value,
+      location,
+      required,
+      portalInputMap,
+      appKey
+    );
     configuration.push(configItem);
   }

package/lib/generator/index.js CHANGED Viewed

@@ -13,7 +13,7 @@ const fs = require('fs');
 const path = require('path');
 const _validator = require('../validation/validator');
 const builders = require('./builders');
-const { detectAppType, getDeployJsonPath, resolveApplicationConfigPath } = require('../utils/paths');
+const { detectAppType, getDeployJsonPath, resolveApplicationConfigPath, resolveRbacPath } = require('../utils/paths');
 const { logOfflinePathWhenType } = require('../utils/cli-utils');
 const splitFunctions = require('./split');
 const { loadVariables, loadEnvTemplate, loadRbac, parseEnvironmentVariables } = require('./helpers');
@@ -22,6 +22,7 @@ const { generateControllerManifest } = require('./external-controller-manifest')
 const { resolveVersionForApp } = require('../utils/image-version');
 const { getContainerPort } = require('../utils/port-resolver');
 const { buildEnvVarMap } = require('../utils/env-map');
+const { rewriteFrontDoorHostForAzureDeploy } = require('./deploy-manifest-azure-kv');
 /**
  * Generates deployment JSON from application configuration files
@@ -39,7 +40,7 @@ const { buildEnvVarMap } = require('../utils/env-map');
  *
  * @example
  * const jsonPath = await generateDeployJson('myapp');
- * // Returns: './builder/myapp/myapp-deploy.json' or './integration/hubspot/application-schema.json'
+ * // Returns: './builder/myapp/myapp-deploy.json' or './integration/hubspot-test/application-schema.json'
  */
 /**
  * Loads configuration files for deployment generation
@@ -51,12 +52,12 @@ const { buildEnvVarMap } = require('../utils/env-map');
 function loadDeploymentConfigFiles(appPath, appType, appName) {
   const variablesPath = resolveApplicationConfigPath(appPath);
   const templatePath = path.join(appPath, 'env.template');
-  const rbacPath = path.join(appPath, 'rbac.yaml');
+  const rbacPath = resolveRbacPath(appPath);
   const jsonPath = getDeployJsonPath(appName, appType, true); // Use new naming
   const { parsed: variables } = loadVariables(variablesPath);
   const envTemplate = loadEnvTemplate(templatePath);
-  const rbac = loadRbac(rbacPath);
+  const rbac = rbacPath ? loadRbac(rbacPath) : null;
   return { variables, envTemplate, rbac, jsonPath };
 }
@@ -191,6 +192,8 @@ function buildAndValidateDeployment(appName, variables, envTemplate, rbac, optio
     substituteEnvVarsInDeployment(deployment, envVarMap);
   }
+  rewriteFrontDoorHostForAzureDeploy(deployment);
   // Ensure no other ${...} placeholders remain in manifest
   _validator.validateNoUnresolvedVariablesInDeployment(deployment);
@@ -236,6 +239,7 @@ async function buildDeploymentManifestInMemory(appName, options = {}) {
   }
   const envVarMap = await buildEnvVarMap('docker', null, null, { appPort: effectivePort });
   substituteEnvVarsInDeployment(deployment, envVarMap);
+  rewriteFrontDoorHostForAzureDeploy(deployment);
   _validator.validateNoUnresolvedVariablesInDeployment(deployment);
   return { deployment, appPath };
 }

package/lib/generator/split-readme.js CHANGED Viewed

@@ -13,10 +13,15 @@ const { parseImageReference } = require('./parse-image');
  * @param {Object} deployment - Deployment JSON object
  * @returns {{ appName: string, config: Object }}
  */
-function buildReadmeConfigForExternal(deployment) {
+function buildReadmeConfigForExternal(deployment, options = {}) {
   const system = deployment.system;
   const appName = system.key || deployment.key || 'external-system';
   const dataSources = deployment.dataSources || deployment.datasources || [];
+  const rawExt = options.fileExt;
+  const fileExt =
+    rawExt !== undefined && rawExt !== null && String(rawExt).trim() !== ''
+      ? (String(rawExt).startsWith('.') ? String(rawExt) : `.${String(rawExt)}`)
+      : '.json';
   return {
     appName,
     config: {
@@ -25,7 +30,7 @@ function buildReadmeConfigForExternal(deployment) {
       systemType: system.type || 'openapi',
       systemDisplayName: system.displayName || appName,
       systemDescription: system.description || `External system integration for ${appName}`,
-      fileExt: '.yaml',
+      fileExt,
       datasourceCount: dataSources.length,
       datasources: dataSources
     }
@@ -49,7 +54,7 @@ function buildReadmeConfigForApp(deployment) {
     displayName: deployment.displayName,
     description: deployment.description,
     port,
-    build: { localPort: port },
+    build: {},
     image: { name: imageName, registry },
     registry,
     database: deployment.requiresDatabase,
@@ -80,9 +85,9 @@ function buildReadmeConfigForApp(deployment) {
  * @param {Object} deployment - Deployment JSON object
  * @returns {{ appName: string, config: Object }}
  */
-function buildReadmeConfigFromDeployment(deployment) {
+function buildReadmeConfigFromDeployment(deployment, options = {}) {
   if (deployment.system && typeof deployment.system === 'object') {
-    return buildReadmeConfigForExternal(deployment);
+    return buildReadmeConfigForExternal(deployment, options);
   }
   return buildReadmeConfigForApp(deployment);
 }
@@ -92,11 +97,11 @@ function buildReadmeConfigFromDeployment(deployment) {
  * @param {Object} deployment - Deployment JSON object
  * @returns {string} README.md content
  */
-function generateReadmeFromDeployJson(deployment) {
+function generateReadmeFromDeployJson(deployment, options = {}) {
   if (!deployment || typeof deployment !== 'object') {
     throw new Error('Deployment object is required');
   }
-  const { appName, config } = buildReadmeConfigFromDeployment(deployment);
+  const { appName, config } = buildReadmeConfigFromDeployment(deployment, options);
   return generateReadmeMd(appName, config);
 }

package/lib/generator/split-variables.js CHANGED Viewed

@@ -56,7 +56,8 @@ function extractOptionalSections(deployment) {
   const optional = {};
   const names = [
     'healthCheck', 'authentication', 'build', 'repository', 'deployment',
-    'startupCommand', 'runtimeVersion', 'scaling', 'frontDoorRouting'
+    'startupCommand', 'runtimeVersion', 'scaling', 'frontDoorRouting',
+    'environmentScopedResources'
   ];
   for (const sectionName of names) {
     extractOptionalSection(deployment, sectionName, optional);

package/lib/generator/split.js CHANGED Viewed

@@ -14,6 +14,7 @@ const yaml = require('js-yaml');
 const { parseImageReference } = require('./parse-image');
 const { generateReadmeFromDeployJson } = require('./split-readme');
 const { extractVariablesYaml, getExternalDatasourceFileName } = require('./split-variables');
+const { generateExternalEnvTemplateContent } = require('../utils/external-env-template');
 /**
  * Converts configuration array back to env.template format
@@ -207,24 +208,49 @@ function mergeEnvTemplateWithExisting(existingContent, expectedByKey) {
   return updatedLines.join('\n') + (updatedLines.length > 0 ? '\n' : '');
 }
+/**
+ * Builds key -> line map from env.template content (for merge when using external system template).
+ * @param {string} content - Full env.template content
+ * @returns {Map<string, string>} Key to full KEY=value line
+ */
+function buildExpectedByKeyFromEnvContent(content) {
+  const expectedByKey = new Map();
+  if (!content || typeof content !== 'string') return expectedByKey;
+  const lines = content.split(/\r?\n/);
+  for (const line of lines) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith('#')) continue;
+    const eq = trimmed.indexOf('=');
+    if (eq > 0) {
+      const key = trimmed.substring(0, eq).trim();
+      expectedByKey.set(key, trimmed);
+    }
+  }
+  return expectedByKey;
+}
 /**
  * Writes env.template (merge or overwrite).
  * @param {string} outputDir - Output directory
  * @param {string} envTemplate - Default env.template content
- * @param {Object} options - Options (mergeEnvTemplate, configuration)
+ * @param {Object} options - Options (mergeEnvTemplate, configuration, expectedByKey for external)
  * @returns {Promise<string>} Path to env.template
  */
 async function writeEnvTemplateToDir(outputDir, envTemplate, options) {
   const envTemplatePath = path.join(outputDir, 'env.template');
   const fsSync = require('fs');
-  if (options.mergeEnvTemplate && options.configuration && fsSync.existsSync(envTemplatePath)) {
-    const expectedByKey = buildEnvTemplateExpectedByKey(options.configuration);
-    const existingContent = await fs.readFile(envTemplatePath, 'utf8');
-    const merged = mergeEnvTemplateWithExisting(existingContent, expectedByKey);
-    await writeComponentFile(envTemplatePath, merged);
-  } else {
-    await writeComponentFile(envTemplatePath, envTemplate);
+  const useMerge = options.mergeEnvTemplate && fsSync.existsSync(envTemplatePath);
+  if (useMerge) {
+    const expectedByKey = options.expectedByKey ||
+      (options.configuration ? buildEnvTemplateExpectedByKey(options.configuration) : new Map());
+    if (expectedByKey.size > 0) {
+      const existingContent = await fs.readFile(envTemplatePath, 'utf8');
+      const merged = mergeEnvTemplateWithExisting(existingContent, expectedByKey);
+      await writeComponentFile(envTemplatePath, merged);
+      return envTemplatePath;
+    }
   }
+  await writeComponentFile(envTemplatePath, envTemplate);
   return envTemplatePath;
 }
@@ -401,12 +427,21 @@ async function splitDeployJson(deployJsonPath, outputDir = null, splitOptions =
   normalizeDeploymentForSplit(deployment);
   const configArray = deployment.configuration || [];
-  const envTemplate = extractEnvTemplate(configArray);
+  let envTemplate;
+  const writeOptions = buildSplitWriteOptions(splitOptions, configArray);
+  if (deployment.system && typeof deployment.system === 'object') {
+    envTemplate = generateExternalEnvTemplateContent(deployment.system);
+    if (writeOptions.mergeEnvTemplate) {
+      writeOptions.expectedByKey = buildExpectedByKeyFromEnvContent(envTemplate);
+    }
+  } else {
+    envTemplate = extractEnvTemplate(configArray);
+  }
   const variables = extractVariablesYaml(deployment);
   const rbac = extractRbacYaml(deployment);
-  const readme = generateReadmeFromDeployJson(deployment);
+  const readme = generateReadmeFromDeployJson(deployment, { fileExt: '.yaml' });
-  const writeOptions = buildSplitWriteOptions(splitOptions, configArray);
   const result = await writeComponentFiles(finalOutputDir, envTemplate, variables, rbac, readme, writeOptions);
   await applyExternalSystemFilesToResult(finalOutputDir, deployment, result);
   return result;

package/lib/generator/wizard-readme.js CHANGED Viewed

@@ -6,10 +6,10 @@
  */
 'use strict';
+const { formatSuccessLine } = require('../utils/cli-test-layout-chalk');
 const fs = require('fs').promises;
 const path = require('path');
-const chalk = require('chalk');
 const logger = require('../utils/logger');
 const { generateExternalReadmeContent } = require('../utils/external-readme');
@@ -48,7 +48,7 @@ async function generateReadme(options) {
     if (aiGeneratedContent) {
       await fs.writeFile(readmePath, aiGeneratedContent, 'utf8');
-      logger.log(chalk.green('✓ Generated README.md (AI-generated from dataplane)'));
+      logger.log(formatSuccessLine('Generated README.md (AI-generated from dataplane)'));
       return;
     }
@@ -82,7 +82,7 @@ async function generateReadme(options) {
     });
     await fs.writeFile(readmePath, readmeContent, 'utf8');
-    logger.log(chalk.green('✓ Generated README.md (template)'));
+    logger.log(formatSuccessLine('Generated README.md (template)'));
   } catch (error) {
     throw new Error(`Failed to generate README.md: ${error.message}`);
   }

package/lib/generator/wizard.js CHANGED Viewed

@@ -8,14 +8,15 @@
  * PASSWORD, BASEURL. See docs/external-systems.md and docs/wizard.md.
  */
+const { formatSuccessLine } = require('../utils/cli-test-layout-chalk');
 const fs = require('fs').promises;
 const path = require('path');
 const Handlebars = require('handlebars');
-const chalk = require('chalk');
 const logger = require('../utils/logger');
 const { resolveApplicationConfigPath } = require('../utils/app-config-resolver');
 const { loadConfigFile, writeConfigFile } = require('../utils/config-format');
 const { systemKeyToKvPrefix, securityKeyToVar, isValidKvPath } = require('../utils/credential-secrets-env');
+const { generateExternalEnvTemplateContent } = require('../utils/external-env-template');
 const { generateReadme } = require('./wizard-readme');
 /**
@@ -60,7 +61,7 @@ async function writeSystemYamlFile(appPath, finalSystemKey, systemConfig, format
   const systemFileName = `${finalSystemKey}-system${ext}`;
   const systemFilePath = path.join(appPath, systemFileName);
   writeConfigFile(systemFilePath, systemConfig, format === 'json' ? 'json' : 'yaml');
-  logger.log(chalk.green(`✓ Generated system file: ${systemFileName}`));
+  logger.log(formatSuccessLine(`Generated system file: ${systemFileName}`));
   return systemFilePath;
 }
@@ -96,7 +97,7 @@ async function writeDatasourceYamlFiles(appPath, finalSystemKey, datasourceConfi
     const datasourceFilePath = path.join(appPath, datasourceFileName);
     writeConfigFile(datasourceFilePath, datasourceConfig, fmt);
     datasourceFileNames.push(datasourceFileName);
-    logger.log(chalk.green(`✓ Generated datasource file: ${datasourceFileName}`));
+    logger.log(formatSuccessLine(`Generated datasource file: ${datasourceFileName}`));
   }
   return datasourceFileNames;
 }
@@ -130,10 +131,12 @@ async function generateConfigFilesForWizard(params) {
     format: format || 'yaml'
   });
-  // Generate env.template with KV_* authentication variables
-  await generateEnvTemplate(appPath, systemConfig, finalSystemKey);
+  // Generate env.template with Authentication and Configuration sections (Handlebars)
   const envTemplatePath = path.join(appPath, 'env.template');
+  const envTemplateContent = generateExternalEnvTemplateContent(systemConfig);
+  await fs.writeFile(envTemplatePath, envTemplateContent, 'utf8');
+  logger.log(formatSuccessLine('Generated env.template'));
   try {
     const secretsEnsure = require('../core/secrets-ensure');
     await secretsEnsure.ensureSecretsFromEnvTemplate(envTemplatePath, { emptyValuesForCredentials: true });
@@ -161,7 +164,7 @@ async function generateConfigFilesForWizard(params) {
   const deployJson = toDeployJsonShape(manifest);
   const deployManifestPath = path.join(appPath, `${finalSystemKey}-deploy.json`);
   await fs.writeFile(deployManifestPath, JSON.stringify(deployJson, null, 2), 'utf8');
-  logger.log(chalk.green(`✓ Generated deployment manifest: ${finalSystemKey}-deploy.json`));
+  logger.log(formatSuccessLine(`Generated deployment manifest: ${finalSystemKey}-deploy.json`));
   return {
     variablesPath: configPath,
@@ -290,7 +293,7 @@ async function generateOrUpdateVariablesYaml(params) {
       const fsSync = require('fs');
       if (fsSync.existsSync(configPath)) fsSync.unlinkSync(configPath);
     }
-    logger.log(chalk.green(`✓ Generated/updated application${ext}`));
+    logger.log(formatSuccessLine(`Generated/updated application${ext}`));
     return targetPath;
   } catch (error) {
     throw new Error(`Failed to generate application config: ${error.message}`);
@@ -393,15 +396,15 @@ function addBaseUrlLines(lines, systemConfig) {
 }
 /**
- * Generate env.template with KV_* authentication variables
+ * Generate env.template with KV_* authentication variables (legacy; prefer generateExternalEnvTemplateContent).
  * @async
- * @function generateEnvTemplate
+ * @function _generateEnvTemplate
  * @param {string} appPath - Application directory path
  * @param {Object} systemConfig - System configuration (must have key for systemKey)
  * @param {string} [finalSystemKey] - Final system key for KV_ prefix (default: systemConfig.key)
  * @throws {Error} If generation fails
  */
-async function generateEnvTemplate(appPath, systemConfig, finalSystemKey) {
+async function _generateEnvTemplate(appPath, systemConfig, finalSystemKey) {
   try {
     const envTemplatePath = path.join(appPath, 'env.template');
     const systemKey = finalSystemKey || systemConfig?.key;
@@ -414,7 +417,7 @@ async function generateEnvTemplate(appPath, systemConfig, finalSystemKey) {
     addBaseUrlLines(lines, systemConfig);
     await fs.writeFile(envTemplatePath, lines.join('\n'), 'utf8');
-    logger.log(chalk.green('✓ Generated env.template'));
+    logger.log(formatSuccessLine('Generated env.template'));
   } catch (error) {
     throw new Error(`Failed to generate env.template: ${error.message}`);
   }
@@ -437,7 +440,7 @@ async function writeDeployScriptFromTemplate(templateName, outputPath, context)
   const templatePath = path.join(templatesExternalDir, templateName);
   const content = Handlebars.compile(await fs.readFile(templatePath, 'utf8'))(context);
   await fs.writeFile(outputPath, content, 'utf8');
-  logger.log(chalk.green(`✓ Generated ${path.basename(outputPath)}`));
+  logger.log(formatSuccessLine(`Generated ${path.basename(outputPath)}`));
 }
 async function generateDeployScripts(appPath, systemKey, systemFileName, datasourceFileNames) {

package/lib/infrastructure/compose.js CHANGED Viewed

@@ -12,6 +12,32 @@ const fs = require('fs');
 const handlebars = require('handlebars');
 const path = require('path');
+/**
+ * Normalize a host path for Docker Compose bind mounts. Docker Desktop sends
+ * mounts to a Linux VM; backslashes in Windows paths yield "invalid volume
+ * specification" from the daemon.
+ *
+ * On Windows, Compose often forwards binds as "SOURCE:TARGET:rw". A SOURCE
+ * like "C:/Users/..." is split at the first colon, so the engine must receive
+ * paths in Linux-VM form (e.g. "/c/Users/...") instead.
+ *
+ * @param {string} fsPath - Host path (absolute or relative)
+ * @returns {string} Path with forward slashes, resolved when relative
+ */
+function toDockerBindMountSource(fsPath) {
+  if (!fsPath || typeof fsPath !== 'string') {
+    return fsPath;
+  }
+  let resolved = path.resolve(fsPath).split(path.sep).join('/');
+  if (process.platform === 'win32') {
+    const drive = /^([a-zA-Z]):(\/.*)$/.exec(resolved);
+    if (drive) {
+      resolved = `/${drive[1].toLowerCase()}${drive[2]}`;
+    }
+  }
+  return resolved;
+}
 /**
  * Builds Traefik configuration from environment variables
  * @param {boolean} enabled - Whether Traefik should be included
@@ -22,7 +48,8 @@ function buildTraefikConfig(enabled) {
     enabled: !!enabled,
     certStore: process.env.TRAEFIK_CERT_STORE || null,
     certFile: process.env.TRAEFIK_CERT_FILE || null,
-    keyFile: process.env.TRAEFIK_KEY_FILE || null
+    keyFile: process.env.TRAEFIK_KEY_FILE || null,
+    trustForwardedHeaders: false
   };
 }
@@ -40,13 +67,23 @@ function validateTraefikConfig(traefikConfig) {
   if (traefikConfig.certStore) {
     if (!traefikConfig.certFile || !traefikConfig.keyFile) {
-      errors.push('TRAEFIK_CERT_FILE and TRAEFIK_KEY_FILE are required when TRAEFIK_CERT_STORE is set');
+      errors.push(
+        'TLS is enabled for Traefik but certificate files are missing or invalid. ' +
+          'Set TRAEFIK_CERT_FILE and TRAEFIK_KEY_FILE (and TRAEFIK_CERT_STORE if used) to your local cert and key, ' +
+          'or disable TLS in application/frontDoorRouting for local development.'
+      );
     } else {
       if (!fs.existsSync(traefikConfig.certFile)) {
-        errors.push(`Certificate file not found: ${traefikConfig.certFile}`);
+        errors.push(
+          'TLS is enabled for Traefik but certificate files are missing or invalid. ' +
+            `Certificate file not found: ${traefikConfig.certFile}`
+        );
       }
       if (!fs.existsSync(traefikConfig.keyFile)) {
-        errors.push(`Private key file not found: ${traefikConfig.keyFile}`);
+        errors.push(
+          'TLS is enabled for Traefik but certificate files are missing or invalid. ' +
+            `Private key file not found: ${traefikConfig.keyFile}`
+        );
       }
     }
   }
@@ -82,6 +119,20 @@ function generateComposeFile(templatePath, devId, idNum, ports, infraDir, option
   const redisCommanderConfig = options.redisCommander && typeof options.redisCommander.enabled === 'boolean'
     ? options.redisCommander
     : { enabled: true };
+  const traefikForCompose = traefikConfig && typeof traefikConfig === 'object'
+    ? {
+      ...traefikConfig,
+      trustForwardedHeaders: !!traefikConfig.trustForwardedHeaders,
+      ...(traefikConfig.certFile
+        ? { certFile: toDockerBindMountSource(traefikConfig.certFile) }
+        : {}),
+      ...(traefikConfig.keyFile
+        ? { keyFile: toDockerBindMountSource(traefikConfig.keyFile) }
+        : {})
+    }
+    : traefikConfig;
+  const initScriptsBind = toDockerBindMountSource(path.join(infraDir, 'init-scripts'));
+  const infraDirBind = toDockerBindMountSource(infraDir);
   const composeContent = template({
     devId: devId,
     postgresPort: ports.postgres,
@@ -94,7 +145,9 @@ function generateComposeFile(templatePath, devId, idNum, ports, infraDir, option
     serversJsonPath: serversJsonPath,
     pgpassPath: pgpassPath,
     infraDir: infraDir,
-    traefik: traefikConfig,
+    initScriptsBind: initScriptsBind,
+    infraDirBind: infraDirBind,
+    traefik: traefikForCompose,
     pgadmin: pgadminConfig,
     redisCommander: redisCommanderConfig
   });
@@ -106,5 +159,6 @@ function generateComposeFile(templatePath, devId, idNum, ports, infraDir, option
 module.exports = {
   buildTraefikConfig,
   validateTraefikConfig,
-  generateComposeFile
+  generateComposeFile,
+  toDockerBindMountSource
 };