@aifabrix/builder 2.44.4 → 2.44.6

package/lib/deployment/deployer.js

@@ -1,4 +1,4 @@
-const { formatSuccessLine } = require('../utils/cli-test-layout-chalk');
+const { formatSuccessLine, formatProgress, metadata } = require('../utils/cli-test-layout-chalk');
 /**
  * AI Fabrix Builder Deployment Module
  *
@@ -22,6 +22,8 @@ const {
   convertToPipelineAuthConfig,
   processDeploymentStatusResponse
 } = require('./deployer-status');
+const { resolvePollIntervalFromController } = require('./poll-interval');
+const { createDeployPollHandlers } = require('./deploy-poll-ui');
 
 /**
  * For external systems, send full manifest (application + inline system + full dataSources).
@@ -47,7 +49,10 @@ function transformExternalManifestForPipeline(manifest) {
  * @returns {Promise<Object>} Object with validationData, pipelineAuthConfig, and useBearerOnly
  */
 async function buildValidationData(manifest, validatedEnvKey, authConfig, options) {
-  const repositoryUrl = options.repositoryUrl || `https://github.com/aifabrix/${manifest.key}`;
+  const repositoryUrl =
+    options.repositoryUrl ||
+    manifest?.repository?.repositoryUrl ||
+    `https://github.com/aifabrix/${manifest.key}`;
 
   if (authConfig.type === 'bearer' && authConfig.token && !authConfig.clientId) {
     const pipelineAuthConfig = { type: 'bearer', token: authConfig.token };
@@ -295,10 +300,19 @@ async function pollDeploymentStatus(deploymentId, controllerUrl, envKey, authCon
   const validatedEnvKey = validateEnvironmentKey(envKey);
   const pipelineAuthConfig = convertToPipelineAuthConfig(authConfig);
 
+  const onPollProgress = typeof options.onPollProgress === 'function' ? options.onPollProgress : null;
+
   for (let attempt = 0; attempt < maxAttempts; attempt++) {
     try {
       const response = await getPipelineDeployment(controllerUrl, validatedEnvKey, deploymentId, pipelineAuthConfig);
-      const deploymentData = await processDeploymentStatusResponse(response, attempt, maxAttempts, interval, deploymentId);
+      const deploymentData = await processDeploymentStatusResponse(
+        response,
+        attempt,
+        maxAttempts,
+        interval,
+        deploymentId,
+        onPollProgress
+      );
       if (deploymentData) {
         return deploymentData;
       }
@@ -354,7 +368,7 @@ async function sendDeployment(url, validatedEnvKey, manifest, authConfig, option
   await ensureBearerTokenValid(url, authConfig);
 
   // Step 1: Validate deployment
-  logger.log(chalk.blue('🔍 Validating deployment configuration...'));
+  logger.log(formatProgress('Validating deployment configuration...'));
   const validateResult = await validateDeployment(url, validatedEnvKey, manifest, authConfig, {
     repositoryUrl: options.repositoryUrl,
     controllerId: options.controllerId,
@@ -368,11 +382,13 @@ async function sendDeployment(url, validatedEnvKey, manifest, authConfig, option
 
   logger.log(formatSuccessLine('Validation successful'));
   if (validateResult.draftDeploymentId) {
-    logger.log(chalk.gray(`   Draft Deployment ID: ${validateResult.draftDeploymentId}`));
+    logger.log(metadata(`Draft Deployment ID: ${validateResult.draftDeploymentId}`));
   }
 
-  // Step 2: Deploy using validateToken
-  logger.log(chalk.blue('\n🚀 Deploying application...'));
+  // Step 2: Deploy using validateToken (when not polling, show a clear line; otherwise poll phase uses ora)
+  if (options.poll === false) {
+    logger.log(formatProgress('Deploying application...'));
+  }
   const result = await sendDeploymentRequest(url, validatedEnvKey, validateResult.validateToken, authConfig, {
     imageTag: options.imageTag || 'latest',
     timeout: options.timeout || 30000,
@@ -386,35 +402,37 @@ async function sendDeployment(url, validatedEnvKey, manifest, authConfig, option
   return result;
 }
 
-/**
- * Polls deployment status if enabled
- * @async
- * @param {Object} result - Deployment result
- * @param {string} url - Controller URL
- * @param {string} validatedEnvKey - Validated environment key
- * @param {Object} authConfig - Authentication configuration
- * @param {Object} options - Deployment options
- * @returns {Promise<Object>} Deployment result with status
- */
+/** Poll pipeline deployment to terminal status (TTY: ora spinner). */
 async function pollDeployment(result, url, validatedEnvKey, authConfig, options) {
   if (!options.poll || !result.deploymentId) {
     return result;
   }
 
-  logger.log(chalk.blue(`\n⏳ Polling deployment status (${options.pollInterval || 5000}ms intervals)...`));
-  const status = await pollDeploymentStatus(
-    result.deploymentId,
-    url,
-    validatedEnvKey,
-    authConfig,
-    {
-      interval: options.pollInterval || 5000,
-      maxAttempts: options.pollMaxAttempts || 60
-    }
-  );
+  // Separate validation/draft block from deploy polling (matches guided CLI spacing)
+  logger.log('');
 
-  result.status = status;
-  return result;
+  const resolvedInterval = await resolvePollIntervalFromController(url, options.pollInterval);
+  const maxAttempts = options.pollMaxAttempts || 60;
+  const pollUi = createDeployPollHandlers(maxAttempts, { silent: options.silentPoll === true });
+
+  try {
+    const status = await pollDeploymentStatus(
+      result.deploymentId,
+      url,
+      validatedEnvKey,
+      authConfig,
+      {
+        interval: resolvedInterval,
+        maxAttempts,
+        onPollProgress: pollUi.onPollProgress
+      }
+    );
+
+    result.status = status;
+    return result;
+  } finally {
+    pollUi.finish();
+  }
 }
 
 /**

package/lib/deployment/environment.js

@@ -378,14 +378,19 @@ async function executeEnvironmentDeployment(validatedControllerUrl, envKey, auth
 async function pollDeploymentStatusIfEnabled(result, validatedControllerUrl, envKey, authConfig, options) {
   const shouldPoll = options.poll !== false && !options.noPoll;
   if (shouldPoll && result.deploymentId) {
+    const { resolvePollIntervalFromController } = require('./poll-interval');
+    const pollInterval = await resolvePollIntervalFromController(
+      validatedControllerUrl,
+      options.pollInterval
+    );
     const pollResult = await pollEnvironmentStatus(
       result.deploymentId,
       validatedControllerUrl,
       envKey,
       authConfig,
       {
-        pollInterval: 5000,
-        maxAttempts: 60
+        pollInterval,
+        maxAttempts: options.pollMaxAttempts || 60
       }
     );
     result.status = pollResult.status;

package/lib/deployment/poll-interval.js

@@ -0,0 +1,72 @@
+/**
+ * Pipeline deployment polling intervals based on controller DEPLOYMENT mode.
+ *
+ * Miso-controller exposes `deploymentType` on GET /api/v1/health (azure | azure-mock | local | database).
+ * Local/database installs finish quickly; use a shorter poll interval unless the user overrides.
+ *
+ * @fileoverview Resolve poll interval from controller deployment mode
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+const FAST_POLL_MS = 1000;
+const STANDARD_POLL_MS = 5000;
+
+/**
+ * @param {string} [deploymentType] - From controller health: deploymentType
+ * @returns {boolean}
+ */
+function isFastPollingDeploymentType(deploymentType) {
+  if (!deploymentType || typeof deploymentType !== 'string') {
+    return false;
+  }
+  const t = deploymentType.trim().toLowerCase();
+  return t === 'local' || t === 'database';
+}
+
+/**
+ * @param {string} [deploymentType] - Controller deploymentType
+ * @param {number|string|undefined|null} explicitPollInterval - User/config override (ms)
+ * @returns {number}
+ */
+function resolvePollIntervalMs(deploymentType, explicitPollInterval) {
+  const n =
+    explicitPollInterval !== undefined && explicitPollInterval !== null
+      ? Number(explicitPollInterval)
+      : NaN;
+  if (Number.isFinite(n) && n > 0) {
+    return n;
+  }
+  return isFastPollingDeploymentType(deploymentType) ? FAST_POLL_MS : STANDARD_POLL_MS;
+}
+
+/**
+ * Resolve poll interval: honor explicit ms when valid; else probe controller health for deploymentType.
+ * @param {string} controllerUrl - Miso controller base URL
+ * @param {number|string|undefined|null} explicitPollInterval - Optional CLI/config override
+ * @returns {Promise<number>}
+ */
+async function resolvePollIntervalFromController(controllerUrl, explicitPollInterval) {
+  const n =
+    explicitPollInterval !== undefined && explicitPollInterval !== null
+      ? Number(explicitPollInterval)
+      : NaN;
+  if (Number.isFinite(n) && n > 0) {
+    return n;
+  }
+  try {
+    const { getControllerDeploymentType } = require('../api/controller-health.api');
+    const deploymentType = await getControllerDeploymentType(controllerUrl);
+    return resolvePollIntervalMs(deploymentType, undefined);
+  } catch {
+    return STANDARD_POLL_MS;
+  }
+}
+
+module.exports = {
+  FAST_POLL_MS,
+  STANDARD_POLL_MS,
+  isFastPollingDeploymentType,
+  resolvePollIntervalMs,
+  resolvePollIntervalFromController
+};

package/lib/deployment/push.js

@@ -1,4 +1,4 @@
-const { formatSuccessLine } = require('../utils/cli-test-layout-chalk');
+const { formatSuccessLine, formatProgress } = require('../utils/cli-test-layout-chalk');
 /**
  * AI Fabrix Builder Push Utilities
  *
@@ -150,8 +150,9 @@ function validateRegistryURL(registryUrl) {
 async function checkACRAuthentication(registry) {
   try {
     const registryName = extractRegistryName(registry);
-    // On Windows, use shell option to ensure proper command resolution
-    const options = process.platform === 'win32' ? { shell: true } : {};
+    const { getDockerExecEnv } = require('../utils/remote-docker-env');
+    const env = await getDockerExecEnv();
+    const options = process.platform === 'win32' ? { shell: true, env } : { env };
     await execAsync(`az acr show --name ${registryName}`, { ...options, timeout: AZ_ACR_SHOW_TIMEOUT_MS });
     return true;
   } catch (error) {
@@ -167,9 +168,10 @@ async function checkACRAuthentication(registry) {
 async function authenticateACR(registry) {
   try {
     const registryName = extractRegistryName(registry);
-    logger.log(chalk.blue(`Authenticating with ${registry}...`));
-    // On Windows, use shell option to ensure proper command resolution
-    const options = process.platform === 'win32' ? { shell: true } : {};
+    logger.log(formatProgress(`Authenticating with ${registry}…`));
+    const { getDockerExecEnv } = require('../utils/remote-docker-env');
+    const env = await getDockerExecEnv();
+    const options = process.platform === 'win32' ? { shell: true, env } : { env };
     await execAsync(`az acr login --name ${registryName}`, { ...options, timeout: AZ_ACR_LOGIN_TIMEOUT_MS });
     logger.log(formatSuccessLine(`Authenticated with ${registry}`));
   } catch (error) {
@@ -192,7 +194,7 @@ async function authenticateACR(registry) {
  */
 async function authenticateExternalRegistry(registry, username, password) {
   try {
-    logger.log(chalk.blue(`Authenticating with ${registry}...`));
+    logger.log(formatProgress(`Authenticating with ${registry}…`));
 
     // Use cross-platform approach: write password to stdin directly
     // This works on Windows, Linux, and macOS
@@ -262,7 +264,7 @@ async function tagImage(sourceImage, targetImage) {
   try {
     const { getDockerExecEnv } = require('../utils/remote-docker-env');
     const env = await getDockerExecEnv();
-    logger.log(chalk.blue(`Tagging ${sourceImage} as ${targetImage}...`));
+    logger.log(formatProgress(`Tagging ${sourceImage} → ${targetImage}…`));
     await execAsync(`docker tag ${sourceImage} ${targetImage}`, { env });
     logger.log(formatSuccessLine(`Tagged: ${targetImage}`));
   } catch (error) {
@@ -280,7 +282,7 @@ async function pushImage(imageWithTag, registry = null) {
   try {
     const { getDockerExecEnv } = require('../utils/remote-docker-env');
     const env = await getDockerExecEnv();
-    logger.log(chalk.blue(`Pushing ${imageWithTag}...`));
+    logger.log(formatProgress(`Pushing ${imageWithTag}…`));
     await execAsync(`docker push ${imageWithTag}`, { env });
     logger.log(formatSuccessLine(`Pushed: ${imageWithTag}`));
   } catch (error) {

package/lib/external-system/deploy.js

@@ -29,6 +29,7 @@ const { validateExternalSystemComplete } = require('../validation/validate');
 const { displayValidationResults } = require('../validation/validate-display');
 const { maybeSyncSystemCertificationFromDataplane } = require('../certification/sync-system-certification');
 const { cliOptsSkipCertSync } = require('../certification/cli-cert-sync-skip');
+const { syncDeployJsonFromSources } = require('./sync-deploy-manifest');
 
 /**
  * Lists datasources for a system and loads system record for docs URLs.
@@ -152,7 +153,7 @@ function logImmediateControllerDeploymentOutcome(deploymentOutcome) {
     logger.log(formatSuccessParagraph('Controller deployment OK'));
     return;
   }
-  logger.log(chalk.red('\n✖ Controller deployment did not complete successfully'));
+  logger.log(chalk.red('✖ Controller deployment did not complete successfully'));
   const parts = [deploymentOutcome.error, deploymentOutcome.message].filter(Boolean);
   if (parts.length > 0) {
     for (const line of parts) {
@@ -265,6 +266,8 @@ async function deployExternalSystem(appName, options = {}) {
 
     logger.log(formatSuccessLine('Local validation passed, proceeding with deployment...'));
 
+    await syncDeployJsonFromSources(appName);
+
     const manifest = await generateControllerManifest(appName, options);
 
     const { environment, controllerUrl, authConfig } = await prepareDeploymentConfig(appName, options);

package/lib/external-system/download.js

@@ -1,4 +1,12 @@
-const { formatSuccessLine, formatSuccessParagraph } = require('../utils/cli-test-layout-chalk');
+const {
+  formatSuccessLine,
+  formatSuccessParagraph,
+  sectionTitle,
+  headerKeyValue,
+  metadata,
+  formatProgress,
+  formatWarningLine
+} = require('../utils/cli-test-layout-chalk');
 /**
  * External System Download Module
  *
@@ -24,7 +32,6 @@ const fsSync = require('fs');
 const path = require('path');
 const readline = require('readline');
 const yaml = require('js-yaml');
-const chalk = require('chalk');
 const { getExternalSystemConfig } = require('../api/external-systems.api');
 const { getDeploymentAuth, requireBearerForDataplanePipeline } = require('../utils/token-manager');
 const { getConfig } = require('../core/config');
@@ -128,7 +135,7 @@ async function setupAuthenticationAndDataplane(systemKey, _options, _config) {
   }
 
   const { resolveDataplaneUrl } = require('../utils/dataplane-resolver');
-  logger.log(chalk.blue('🌐 Resolving dataplane URL...'));
+  logger.log(formatProgress('Resolving dataplane URL…'));
   const dataplaneUrl = await resolveDataplaneUrl(controllerUrl, environment, authConfig);
   logger.log(formatSuccessLine(`Dataplane URL: ${dataplaneUrl}`));
 
@@ -148,7 +155,7 @@ async function setupAuthenticationAndDataplane(systemKey, _options, _config) {
  * @throws {Error} If download fails
  */
 async function downloadFullManifest(dataplaneUrl, systemKey, authConfig) {
-  logger.log(chalk.blue(`📡 Downloading full manifest: ${systemKey}`));
+  logger.log(formatProgress(`Downloading manifest for ${systemKey}…`));
   const response = await getExternalSystemConfig(dataplaneUrl, systemKey, authConfig);
 
   if (!response.success || !response.data) {
@@ -268,14 +275,18 @@ function validateSystemKeyFormat(systemKey) {
  * @param {string} dataplaneUrl - Dataplane URL
  */
 function handleDryRun(systemKey, dataplaneUrl) {
-  logger.log(chalk.yellow('🔍 Dry run mode - would download from:'));
-  logger.log(chalk.gray(`  ${dataplaneUrl}/api/v1/external/systems/${systemKey}/config`));
-  logger.log(chalk.yellow('\nWould create (via split-json):'));
-  logger.log(chalk.gray(`  integration/${systemKey}/${systemKey}-deploy.json`));
-  logger.log(chalk.gray(`  integration/${systemKey}/application.yaml`));
-  logger.log(chalk.gray(`  integration/${systemKey}/${systemKey}-system.yaml`));
-  logger.log(chalk.gray(`  integration/${systemKey}/env.template`));
-  logger.log(chalk.gray(`  integration/${systemKey}/README.md`));
+  logger.log(formatWarningLine('Dry run mode: no files written.'));
+  logger.log(metadata(`Would fetch: ${dataplaneUrl}/api/v1/external/systems/${systemKey}/config`));
+  logger.log(metadata('Would create:'));
+  [
+    `integration/${systemKey}/${systemKey}-deploy.json`,
+    `integration/${systemKey}/application.yaml`,
+    `integration/${systemKey}/${systemKey}-system.yaml`,
+    `integration/${systemKey}/env.template`,
+    `integration/${systemKey}/README.md`
+  ].forEach(rel => {
+    logger.log(metadata(`  - ${rel}`));
+  });
 }
 
 /**
@@ -285,7 +296,7 @@ function handleDryRun(systemKey, dataplaneUrl) {
  * @returns {string} System type
  */
 function validateAndLogDownloadedData(application, dataSources) {
-  logger.log(chalk.blue('🔍 Validating downloaded data...'));
+  logger.log(formatProgress('Validating downloaded data…'));
   validateDownloadedData(application, dataSources);
   const systemType = validateSystemType(application);
   logger.log(formatSuccessLine(`System type: ${systemType}`));
@@ -300,7 +311,7 @@ function validateAndLogDownloadedData(application, dataSources) {
 function promptReplaceReadme() {
   const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
   return new Promise(resolve => {
-    rl.question(chalk.yellow('README.md already exists. Do you want to replace it? (yes/no) '), answer => {
+    rl.question(`${metadata('README.md already exists. Replace it?')} (yes/no) `, answer => {
       rl.close();
       const normalized = (answer || '').trim().toLowerCase();
       resolve(normalized === 'yes' || normalized === 'y');
@@ -326,7 +337,7 @@ async function resolveDownloadSplitOptions(finalPath, options = {}) {
       opts.overwriteReadme = true;
     } else {
       opts.overwriteReadme = await promptReplaceReadme();
-      if (!opts.overwriteReadme) logger.log(chalk.gray('  Keeping existing README.md'));
+      if (!opts.overwriteReadme) logger.log(metadata('Keeping existing README.md'));
     }
   }
   return opts;
@@ -362,7 +373,8 @@ async function processDownloadedSystem(systemKey, manifest, splitOptions = {}) {
   const { application, dataSources, version } = manifest;
   const finalPath = getIntegrationPath(systemKey);
 
-  logger.log(chalk.blue(`📁 Creating directory: ${finalPath}`));
+  logger.log(formatProgress('Creating integration directory…'));
+  logger.log(metadata(finalPath));
   await fs.mkdir(finalPath, { recursive: true });
 
   const deployJson = buildDeployJsonFromManifest(application, dataSources, version);
@@ -370,7 +382,7 @@ async function processDownloadedSystem(systemKey, manifest, splitOptions = {}) {
   await fs.writeFile(deployJsonPath, JSON.stringify(deployJson, null, 2), 'utf8');
   logger.log(formatSuccessLine(`Created: ${path.relative(process.cwd(), deployJsonPath)}`));
 
-  logger.log(chalk.blue('📂 Splitting deploy JSON into component files...'));
+  logger.log(formatProgress('Splitting deploy JSON into component files…'));
   const splitResult = await generator.splitDeployJson(deployJsonPath, finalPath, splitOptions);
   await applyRetemplateToSystemFile(systemKey, splitResult.systemFile);
 
@@ -391,10 +403,37 @@ async function processDownloadedSystem(systemKey, manifest, splitOptions = {}) {
  * @param {number} datasourceCount - Number of datasources
  */
 function displayDownloadSuccess(systemKey, finalPath, datasourceCount) {
-  logger.log(formatSuccessParagraph('External system downloaded successfully!'));
-  logger.log(chalk.blue(`Location: ${finalPath}`));
-  logger.log(chalk.blue(`System: ${systemKey}`));
-  logger.log(chalk.blue(`Datasources: ${datasourceCount}`));
+  logger.log(
+    formatSuccessParagraph(
+      `Downloaded ${systemKey} (${datasourceCount} datasource${datasourceCount === 1 ? '' : 's'})`
+    )
+  );
+  logger.log(headerKeyValue('Location:', finalPath));
+}
+
+/**
+ * After YAML split, convert integration files to JSON when --format json.
+ * @async
+ * @param {string} systemKey
+ * @returns {Promise<void>}
+ */
+async function runConvertToJsonIfRequested(systemKey) {
+  const { runConvert } = require('../commands/convert');
+  try {
+    await runConvert(systemKey, { format: 'json', force: true });
+    logger.log(formatSuccessLine('Converted component files to JSON'));
+  } catch (convertErr) {
+    throw new Error(`Download succeeded but convert to JSON failed: ${convertErr.message}`);
+  }
+}
+
+/**
+ * @param {string} systemKey
+ */
+function logDownloadCommandHeader(systemKey) {
+  logger.log('');
+  logger.log(sectionTitle('Download'));
+  logger.log(headerKeyValue('System:', systemKey));
 }
 
 /**
@@ -411,23 +450,13 @@ function displayDownloadSuccess(systemKey, finalPath, datasourceCount) {
  * @returns {Promise<void>} Resolves when download completes
  * @throws {Error} If download fails
  */
-async function runConvertToJsonIfRequested(systemKey) {
-  const { runConvert } = require('../commands/convert');
-  try {
-    await runConvert(systemKey, { format: 'json', force: true });
-    logger.log(formatSuccessLine('Converted component files to JSON'));
-  } catch (convertErr) {
-    throw new Error(`Download succeeded but convert to JSON failed: ${convertErr.message}`);
-  }
-}
-
 async function downloadExternalSystem(systemKey, options = {}) {
   validateSystemKeyFormat(systemKey);
 
   const format = (options.format || 'yaml').toLowerCase();
 
   try {
-    logger.log(chalk.blue(`\n📥 Downloading external system: ${systemKey}`));
+    logDownloadCommandHeader(systemKey);
 
     const config = await getConfig();
     const { authConfig, dataplaneUrl } = await setupAuthenticationAndDataplane(systemKey, options, config);

package/lib/external-system/sync-deploy-manifest.js

@@ -0,0 +1,33 @@
+/**
+ * Regenerate *-deploy.json on disk for an integration (same as `aifabrix json <systemKey>`).
+ *
+ * @fileoverview Sync deployment manifest file before upload/deploy
+ * @author AI Fabrix Team
+ * @version 1.0.0
+ */
+
+'use strict';
+
+const { formatSuccessLine } = require('../utils/cli-test-layout-chalk');
+const generator = require('../generator');
+const logger = require('../utils/logger');
+
+/**
+ * Writes integration/<systemKey>/<systemKey>-deploy.json from current application sources.
+ * Equivalent to running {@link generator.generateDeployJson} / `aifabrix json <systemKey>` for externals.
+ *
+ * @param {string} systemKey - External system key (integration folder name)
+ * @param {{ quiet?: boolean }} [opts] - quiet: omit success log line
+ * @returns {Promise<string>} Absolute path to the written deploy JSON file
+ */
+async function syncDeployJsonFromSources(systemKey, opts = {}) {
+  const deployPath = await generator.generateDeployJson(systemKey, {});
+  if (!opts.quiet) {
+    logger.log(formatSuccessLine(`Updated deployment manifest: ${deployPath}`));
+  }
+  return deployPath;
+}
+
+module.exports = {
+  syncDeployJsonFromSources
+};

package/lib/generator/wizard-prompts.js

@@ -324,17 +324,22 @@ async function promptForExistingCredentialInput() {
  * @function promptForUserIntent
  * @returns {Promise<string>} User intent
  */
+const WIZARD_INTENT_MAX_LENGTH = 1000;
+
 async function promptForUserIntent() {
   const { intent } = await inquirer.prompt([
     {
       type: 'input',
       name: 'intent',
-      message: 'Describe your primary use case (any text):',
+      message: `Describe your primary use case (max ${WIZARD_INTENT_MAX_LENGTH} characters):`,
       default: 'general integration',
       validate: (input) => {
         if (!input || typeof input !== 'string' || input.trim().length === 0) {
           return 'Intent is required';
         }
+        if (input.length > WIZARD_INTENT_MAX_LENGTH) {
+          return `Intent must be ${WIZARD_INTENT_MAX_LENGTH} characters or fewer`;
+        }
         return true;
       }
     }
@@ -437,6 +442,7 @@ async function promptForRunWithSavedConfig() {
 const secondary = require('./wizard-prompts-secondary');
 
 module.exports = {
+  WIZARD_INTENT_MAX_LENGTH,
   promptForMode,
   promptForSystemIdOrKey,
   promptForExistingSystem,

package/lib/generator/wizard.js

@@ -32,6 +32,35 @@ function toKeySegment(str) {
   return sanitized || 'default';
 }
 
+/**
+ * Align authentication.security kv:// namespaces and credentialKey with the final system key.
+ * Dataplane normalizes this before respond; when appName overrides a spec-derived key (e.g.
+ * OpenAPI title "Companies"), the builder still must rewrite nested auth so it matches env.template.
+ *
+ * @param {Object|null|undefined} authentication - authentication block from dataplane
+ * @param {string} systemKey - Final external system key (integration app name)
+ * @param {string} [authDisplayName] - Credential display name (typically title-cased app name)
+ */
+function normalizeAuthenticationToSystemKey(authentication, systemKey, authDisplayName) {
+  if (!authentication || typeof authentication !== 'object') return;
+  authentication.credentialKey = `${systemKey}-cred`;
+  const security = authentication.security;
+  if (security && typeof security === 'object') {
+    for (const k of Object.keys(security)) {
+      const v = security[k];
+      if (typeof v === 'string' && v.startsWith('kv://')) {
+        const rest = v.slice(5);
+        const idx = rest.indexOf('/');
+        const suffix = idx >= 0 ? rest.slice(idx + 1) : '';
+        security[k] = suffix ? `kv://${systemKey}/${suffix}` : `kv://${systemKey}`;
+      }
+    }
+  }
+  if (authDisplayName) {
+    authentication.displayName = authDisplayName;
+  }
+}
+
 /**
  * Generate files from dataplane-generated wizard configurations
  * @async
@@ -182,6 +211,11 @@ async function prepareWizardContext(appName, systemConfig, datasourceConfigs) {
   const originalSystemKey = systemConfig.key || finalSystemKey;
   const appDisplayName = appName.replace(/-/g, ' ').replace(/\b\w/g, l => l.toUpperCase());
   const updatedSystemConfig = { ...systemConfig, key: finalSystemKey, displayName: appDisplayName };
+  normalizeAuthenticationToSystemKey(
+    updatedSystemConfig.authentication,
+    finalSystemKey,
+    appDisplayName
+  );
   const originalPrefix = `${originalSystemKey}-`;
   const updatedDatasourceConfigs = datasourceConfigs.map(ds => {
     let newKey;