npm - @aifabrix/builder - Versions diffs - 2.44.4 → 2.44.6 - Mend

@aifabrix/builder 2.44.4 → 2.44.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (214) hide show

package/.cursor/rules/cli-layout.mdc +1 -1
package/.cursor/rules/project-rules.mdc +1 -1
package/.npmrc.token +1 -1
package/README.md +15 -23
package/integration/hubspot-test/README.md +2 -0
package/integration/hubspot-test/test.js +5 -3
package/jest.projects.js +68 -17
package/lib/api/controller-health.api.js +49 -0
package/lib/api/dimension-values.api.js +82 -0
package/lib/api/dimensions.api.js +114 -0
package/lib/api/external-systems.api.js +1 -0
package/lib/api/integration-clients.api.js +168 -0
package/lib/api/types/dimension-values.types.js +28 -0
package/lib/api/types/dimensions.types.js +31 -0
package/lib/api/types/integration-clients.types.js +45 -0
package/lib/api/types/wizard.types.js +2 -1
package/lib/api/validation-runner.js +46 -25
package/lib/app/deploy-config.js +11 -1
package/lib/app/deploy-status-display.js +3 -3
package/lib/app/deploy.js +36 -14
package/lib/app/display.js +15 -11
package/lib/app/push.js +46 -23
package/lib/app/register.js +1 -1
package/lib/app/restart-display.js +95 -0
package/lib/app/rotate-secret.js +1 -1
package/lib/app/run-container-start.js +12 -6
package/lib/app/run-env-compose.js +30 -1
package/lib/app/run-helpers.js +44 -12
package/lib/app/run-reload-sync.js +148 -0
package/lib/app/run-resolve-image.js +51 -1
package/lib/app/run.js +99 -73
package/lib/build/index.js +75 -45
package/lib/cli/doctor-check.js +117 -0
package/lib/cli/index.js +8 -2
package/lib/cli/infra-guided.js +445 -0
package/lib/cli/setup-app.help.js +1 -1
package/lib/cli/setup-app.js +20 -2
package/lib/cli/setup-app.test-commands.js +9 -5
package/lib/cli/setup-auth.js +26 -0
package/lib/cli/setup-dev-path-commands.js +50 -3
package/lib/cli/setup-infra.js +138 -61
package/lib/cli/setup-integration-client.js +182 -0
package/lib/cli/setup-parameters.js +21 -2
package/lib/cli/setup-platform.js +102 -0
package/lib/cli/setup-secrets.js +18 -6
package/lib/cli/setup-utility.js +97 -33
package/lib/commands/datasource-capability-dimension-cli.js +128 -0
package/lib/commands/datasource-capability-output.js +29 -0
package/lib/commands/datasource-capability-relate-cli.js +140 -0
package/lib/commands/datasource-capability.js +411 -0
package/lib/commands/datasource-unified-test-cli.options.js +1 -1
package/lib/commands/datasource.js +53 -13
package/lib/commands/dev-down.js +3 -3
package/lib/commands/dev-infra-gate.js +32 -0
package/lib/commands/dev-init.js +13 -7
package/lib/commands/dimension-value.js +179 -0
package/lib/commands/dimension.js +330 -0
package/lib/commands/integration-client.js +430 -0
package/lib/commands/login-device.js +65 -30
package/lib/commands/login.js +21 -10
package/lib/commands/parameters-validate.js +78 -13
package/lib/commands/repair-datasource-auto-rbac.js +166 -0
package/lib/commands/repair-datasource-keys.js +10 -5
package/lib/commands/repair-datasource.js +19 -7
package/lib/commands/repair-env-template.js +4 -1
package/lib/commands/repair-openapi-sync.js +172 -0
package/lib/commands/repair-persist.js +102 -0
package/lib/commands/repair-rbac-extract.js +27 -0
package/lib/commands/repair-rbac-migrate.js +186 -0
package/lib/commands/repair-rbac.js +225 -19
package/lib/commands/repair-system-alignment.js +246 -0
package/lib/commands/repair-system-permissions.js +168 -0
package/lib/commands/repair.js +120 -354
package/lib/commands/secure.js +1 -1
package/lib/commands/setup-modes.js +455 -0
package/lib/commands/setup-prompts.js +388 -0
package/lib/commands/setup.js +149 -0
package/lib/commands/teardown.js +228 -0
package/lib/commands/test-e2e-external.js +4 -3
package/lib/commands/up-common.js +97 -12
package/lib/commands/up-dataplane.js +33 -11
package/lib/commands/up-miso.js +7 -11
package/lib/commands/upload.js +109 -23
package/lib/commands/wizard-core-helpers.js +14 -11
package/lib/commands/wizard-core.js +58 -15
package/lib/commands/wizard-dataplane.js +2 -2
package/lib/commands/wizard-entity-selection.js +72 -14
package/lib/commands/wizard-headless.js +7 -3
package/lib/commands/wizard-helpers.js +13 -1
package/lib/commands/wizard.js +210 -61
package/lib/constants/infra-compose-service-names.js +40 -0
package/lib/core/env-reader.js +16 -3
package/lib/core/secrets-admin-env.js +101 -0
package/lib/core/secrets-ensure-infra.js +34 -1
package/lib/core/secrets-ensure.js +88 -66
package/lib/core/secrets-env-content.js +432 -0
package/lib/core/secrets-env-write.js +27 -1
package/lib/core/secrets-load.js +248 -0
package/lib/core/secrets-names.js +32 -0
package/lib/core/secrets.js +17 -757
package/lib/datasource/capability/basic-exposure.js +76 -0
package/lib/datasource/capability/capability-diff-slice.js +41 -0
package/lib/datasource/capability/capability-key.js +34 -0
package/lib/datasource/capability/capability-resolve.js +172 -0
package/lib/datasource/capability/capability-storage-keys.js +22 -0
package/lib/datasource/capability/copy-operations.js +348 -0
package/lib/datasource/capability/copy-test-payload.js +139 -0
package/lib/datasource/capability/create-operations.js +235 -0
package/lib/datasource/capability/dimension-operations.js +151 -0
package/lib/datasource/capability/dimension-validate.js +219 -0
package/lib/datasource/capability/json-pointer.js +31 -0
package/lib/datasource/capability/reference-rewrite.js +51 -0
package/lib/datasource/capability/relate-operations.js +325 -0
package/lib/datasource/capability/relate-validate.js +219 -0
package/lib/datasource/capability/remove-operations.js +275 -0
package/lib/datasource/capability/run-capability-copy.js +152 -0
package/lib/datasource/capability/run-capability-diff.js +135 -0
package/lib/datasource/capability/run-capability-dimension.js +291 -0
package/lib/datasource/capability/run-capability-edit.js +377 -0
package/lib/datasource/capability/run-capability-relate.js +193 -0
package/lib/datasource/capability/run-capability-remove.js +105 -0
package/lib/datasource/capability/templates/minimal-fetch.json +18 -0
package/lib/datasource/capability/validate-capability-slice.js +35 -0
package/lib/datasource/list.js +136 -23
package/lib/datasource/log-viewer.js +2 -4
package/lib/datasource/unified-validation-run.js +51 -16
package/lib/datasource/validate.js +53 -1
package/lib/deployment/deploy-poll-ui.js +60 -0
package/lib/deployment/deployer-status.js +29 -3
package/lib/deployment/deployer.js +48 -30
package/lib/deployment/environment.js +7 -2
package/lib/deployment/poll-interval.js +72 -0
package/lib/deployment/push.js +11 -9
package/lib/external-system/deploy.js +4 -1
package/lib/external-system/download.js +61 -32
package/lib/external-system/sync-deploy-manifest.js +33 -0
package/lib/generator/wizard-prompts.js +7 -1
package/lib/generator/wizard.js +34 -0
package/lib/infrastructure/index.js +49 -19
package/lib/infrastructure/orphan-infra-docker-teardown.js +177 -0
package/lib/parameters/infra-kv-discovery.js +29 -4
package/lib/parameters/infra-parameter-catalog.js +6 -3
package/lib/parameters/infra-parameter-validate.js +67 -19
package/lib/resolvers/datasource-resolver.js +53 -0
package/lib/resolvers/dimension-file.js +52 -0
package/lib/resolvers/manifest-resolver.js +133 -0
package/lib/schema/external-datasource.schema.json +183 -53
package/lib/schema/external-system.schema.json +23 -10
package/lib/schema/infra.parameter.yaml +26 -11
package/lib/schema/wizard-config.schema.json +2 -2
package/lib/utils/aifabrix-config-dir-walk.js +40 -0
package/lib/utils/aifabrix-runtime-config-dir.js +26 -3
package/lib/utils/app-run-containers.js +2 -2
package/lib/utils/bash-secret-env.js +59 -0
package/lib/utils/cli-secrets-error-format.js +78 -0
package/lib/utils/cli-test-layout-chalk.js +31 -9
package/lib/utils/cli-utils.js +4 -36
package/lib/utils/datasource-test-run-display.js +8 -0
package/lib/utils/dev-hosts-helper.js +3 -2
package/lib/utils/dev-init-ssh-merge.js +2 -1
package/lib/utils/docker-build.js +17 -9
package/lib/utils/docker-reload-mount.js +127 -0
package/lib/utils/external-readme.js +117 -4
package/lib/utils/external-system-local-test-tty.js +3 -2
package/lib/utils/external-system-readiness-core.js +45 -12
package/lib/utils/external-system-readiness-deploy-display.js +3 -3
package/lib/utils/external-system-readiness-display-internals.js +33 -3
package/lib/utils/external-system-readiness-display.js +10 -1
package/lib/utils/file-upload.js +40 -3
package/lib/utils/health-check-db-init.js +107 -0
package/lib/utils/health-check-public-warn.js +69 -0
package/lib/utils/health-check-url.js +19 -4
package/lib/utils/health-check.js +135 -105
package/lib/utils/help-builder.js +5 -1
package/lib/utils/image-name.js +34 -7
package/lib/utils/integration-file-backup.js +74 -0
package/lib/utils/mutagen-install.js +30 -3
package/lib/utils/paths.js +108 -25
package/lib/utils/postgres-wipe.js +212 -0
package/lib/utils/register-aifabrix-shell-env.js +15 -0
package/lib/utils/remote-dev-auth.js +21 -5
package/lib/utils/remote-docker-env.js +9 -1
package/lib/utils/remote-secrets-loader.js +42 -3
package/lib/utils/resolve-docker-image-ref.js +9 -3
package/lib/utils/secrets-ancestor-paths.js +47 -0
package/lib/utils/secrets-helpers.js +17 -10
package/lib/utils/secrets-kv-refs.js +42 -0
package/lib/utils/secrets-kv-scope.js +19 -2
package/lib/utils/secrets-materialize-local.js +134 -0
package/lib/utils/secrets-path.js +24 -10
package/lib/utils/secrets-utils.js +2 -2
package/lib/utils/system-builder-root.js +34 -0
package/lib/utils/url-declarative-resolve-build.js +6 -1
package/lib/utils/url-declarative-runtime-base-path.js +32 -0
package/lib/utils/url-declarative-vdir-inactive-env.js +2 -1
package/lib/utils/urls-local-registry.js +73 -20
package/lib/utils/validation-poll-ui.js +81 -0
package/lib/utils/validation-run-poll.js +29 -5
package/lib/utils/with-muted-logger.js +53 -0
package/package.json +1 -1
package/templates/applications/dataplane/application.yaml +1 -1
package/templates/applications/dataplane/rbac.yaml +10 -10
package/templates/applications/keycloak/env.template +8 -6
package/templates/applications/miso-controller/application.yaml +7 -0
package/templates/applications/miso-controller/env.template +7 -7
package/templates/applications/miso-controller/rbac.yaml +9 -9
package/templates/external-system/README.md.hbs +89 -102
package/.nyc_output/55e9d034-ddab-4579-a706-e02a91d75c91.json +0 -1
package/.nyc_output/processinfo/55e9d034-ddab-4579-a706-e02a91d75c91.json +0 -1
package/.nyc_output/processinfo/index.json +0 -1
package/lib/api/service-users.api.js +0 -150
package/lib/api/types/service-users.types.js +0 -65
package/lib/cli/setup-service-user.js +0 -187
package/lib/commands/service-user.js +0 -429

package/lib/utils/docker-reload-mount.js ADDED Viewed

@@ -0,0 +1,127 @@
+/**
+ * Decide whether `aifabrix run --reload` can bind-mount workspace without Mutagen.
+ * Mutagen is only needed when the CLI filesystem and the Docker engine host differ.
+ *
+ * @fileoverview Co-located Docker detection for reload mounts
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+'use strict';
+const os = require('os');
+/**
+ * @param {string} host
+ * @returns {string}
+ */
+function normalizeHost(host) {
+  return String(host || '')
+    .trim()
+    .toLowerCase()
+    .replace(/^\[|\]$/g, '');
+}
+/**
+ * @param {string} host
+ * @returns {boolean}
+ */
+function isLocalLoopbackHost(host) {
+  const h = normalizeHost(host);
+  return h === 'localhost' || h === '127.0.0.1' || h === '::1' || h === '0:0:0:0:0:0:0:1';
+}
+/**
+ * @param {string} rest - after "tcp://"
+ * @returns {string|null}
+ */
+function tcpHostFromRest(rest) {
+  if (rest.startsWith('[')) {
+    const end = rest.indexOf(']');
+    if (end === -1) return null;
+    return normalizeHost(rest.slice(1, end));
+  }
+  const hostPort = rest.split('/')[0];
+  const colonIdx = hostPort.lastIndexOf(':');
+  if (colonIdx === -1) {
+    return normalizeHost(hostPort);
+  }
+  const maybePort = hostPort.slice(colonIdx + 1);
+  if (/^\d+$/.test(maybePort)) {
+    return normalizeHost(hostPort.slice(0, colonIdx));
+  }
+  return normalizeHost(hostPort);
+}
+/**
+ * Extract host from docker-endpoint (tcp, optional URL form).
+ * @param {string} endpoint
+ * @returns {string|null} normalized host, or null for unix socket paths / empty
+ */
+function extractHostFromDockerEndpoint(endpoint) {
+  const s = String(endpoint || '').trim();
+  if (!s) return null;
+  const lower = s.toLowerCase();
+  if (lower.startsWith('unix:')) {
+    return null;
+  }
+  if (lower.startsWith('tcp://')) {
+    return tcpHostFromRest(s.slice(6));
+  }
+  try {
+    const u = new URL(s.includes('://') ? s : `tcp://${s}`);
+    return normalizeHost(u.hostname);
+  } catch {
+    return null;
+  }
+}
+/**
+ * sync-ssh-host localhost check (same rules as run.js isLocalhostHost for reload gate).
+ * @param {string} host
+ * @returns {boolean}
+ */
+function isLocalhostSyncSshHost(host) {
+  if (!host || typeof host !== 'string') return false;
+  const h = host.trim().toLowerCase();
+  return h === 'localhost' || h === '127.0.0.1';
+}
+/**
+ * True when docker API host is this machine (first label or FQDN match).
+ * @param {string} dockerHost - from extractHostFromDockerEndpoint
+ * @returns {boolean}
+ */
+function hostnameMatchesDockerHost(dockerHost) {
+  const h = normalizeHost(dockerHost);
+  if (!h) return true;
+  if (isLocalLoopbackHost(h)) return true;
+  const hn = normalizeHost(os.hostname());
+  if (h === hn) return true;
+  const hnShort = hn.split('.')[0];
+  const hShort = h.split('.')[0];
+  if (h === hnShort || hn === hShort) return true;
+  return false;
+}
+/**
+ * When true, use a direct bind mount for --reload; Mutagen is not required.
+ * @param {string|null|undefined} dockerEndpoint - config `docker-endpoint`
+ * @returns {boolean}
+ */
+function isReloadBindMountOnEngineHost(dockerEndpoint) {
+  const e = String(dockerEndpoint || '').trim();
+  if (!e) return true;
+  if (e.toLowerCase().startsWith('unix:')) return true;
+  const host = extractHostFromDockerEndpoint(e);
+  if (host === null) {
+    return false;
+  }
+  return hostnameMatchesDockerHost(host);
+}
+module.exports = {
+  extractHostFromDockerEndpoint,
+  isReloadBindMountOnEngineHost,
+  isLocalhostSyncSshHost
+};

package/lib/utils/external-readme.js CHANGED Viewed

@@ -15,6 +15,72 @@ const path = require('path');
 const handlebars = require('handlebars');
 const { getProjectRoot } = require('./paths');
+/**
+ * Extracts secret keys from integration/<appName>/env.template when present.
+ * Looks for values like `kv://systemKey/apiKey` and returns that key for
+ * `aifabrix secret set <key> <value>`.
+ *
+ * @param {object} args
+ * @param {string} args.projectRoot
+ * @param {string} args.appName
+ * @returns {Array<{path: string, description: string}>}
+ */
+function extractSecretPathsFromEnvTemplate({ projectRoot, appName }) {
+  if (!projectRoot || !appName) return [];
+  const envTemplatePath = path.join(projectRoot, 'integration', appName, 'env.template');
+  if (!fs.existsSync(envTemplatePath)) return [];
+  const raw = _tryReadTextOrNull(envTemplatePath);
+  if (raw === null) return [];
+  if (typeof raw !== 'string') return [];
+  function parseSecretKey(value) {
+    if (!value || typeof value !== 'string') return null;
+    const kvIdx = value.indexOf('kv://');
+    if (kvIdx === -1) return null;
+    const after = value.slice(kvIdx + 'kv://'.length);
+    const key = after.split(/[ \t#]/)[0]?.trim();
+    return key || null;
+  }
+  function parseLine(line) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith('#')) return null;
+    const eqIdx = trimmed.indexOf('=');
+    if (eqIdx <= 0) return null;
+    const varName = trimmed.slice(0, eqIdx).trim();
+    const value = trimmed.slice(eqIdx + 1).trim();
+    const key = parseSecretKey(value);
+    if (!key) return null;
+    return { varName: varName || 'Secret', key };
+  }
+  const out = [];
+  const seen = new Set();
+  for (const line of raw.split('\n')) {
+    const parsed = parseLine(line);
+    if (!parsed) continue;
+    const dedupeKey = `${parsed.varName}::${parsed.key}`;
+    if (seen.has(dedupeKey)) continue;
+    seen.add(dedupeKey);
+    out.push({ path: parsed.key, description: parsed.varName });
+  }
+  return out;
+}
+function _tryReadTextOrNull(p) {
+  try {
+    return fs.readFileSync(p, 'utf8');
+  } catch (e) {
+    // Some Jest suites partially mock fs.existsSync; treat missing files as absent templates.
+    if (e && e.code === 'ENOENT') return null;
+    throw e;
+  }
+}
 /**
  * Formats a display name from a key
  * @param {string} key - System or app key
@@ -137,17 +203,51 @@ function rbacOptionalFilename(normalizedExt) {
   return normalizedExt === '.yaml' || normalizedExt === '.yml' ? 'rbac.yaml' : 'rbac.json';
 }
+/**
+ * Word-wraps plain description text for Markdown (MD013 ~80 columns). Keeps blank
+ * lines between paragraphs.
+ * @param {string} text - Raw description
+ * @param {number} [maxLen=80] - Target max line length
+ * @returns {string}
+ */
+function wrapPlainTextForMarkdown(text, maxLen = 80) {
+  if (!text || typeof text !== 'string') return text;
+  const blocks = text.split(/\n\s*\n/);
+  const wrapped = blocks.map((block) => {
+    const flat = block.replace(/\s+/g, ' ').trim();
+    if (!flat) return '';
+    const words = flat.split(' ');
+    const lines = [];
+    let current = '';
+    for (const w of words) {
+      const candidate = current ? `${current} ${w}` : w;
+      if (candidate.length <= maxLen) {
+        current = candidate;
+      } else {
+        if (current) lines.push(current);
+        current = w;
+      }
+    }
+    if (current) lines.push(current);
+    return lines.join('\n');
+  });
+  return wrapped.filter(Boolean).join('\n\n');
+}
 function buildExternalReadmeContext(params = {}) {
   const appName = params.appName || params.systemKey || 'external-system';
   const systemKey = params.systemKey || appName;
   const displayName = params.displayName || formatDisplayName(systemKey);
-  const description = params.description || `External system integration for ${systemKey}`;
+  const rawDescription = params.description || `External system integration for ${systemKey}`;
+  const description = wrapPlainTextForMarkdown(rawDescription);
   const systemType = params.systemType || 'openapi';
   const fileExt = params.fileExt !== undefined ? params.fileExt : '.json';
   const normalizedExt = fileExt && fileExt.startsWith('.') ? fileExt : `.${fileExt || 'json'}`;
   const datasources = normalizeDatasources(params.datasources, systemKey, fileExt);
   const authType = params.authType || params.authentication?.type || params.authentication?.method || params.authentication?.authType;
-  const secretPaths = buildSecretPaths(systemKey, authType);
+  const projectRoot = getProjectRoot();
+  const secretPathsFromEnv = extractSecretPathsFromEnvTemplate({ projectRoot, appName });
+  const secretPaths = secretPathsFromEnv.length > 0 ? secretPathsFromEnv : buildSecretPaths(systemKey, authType);
   const rbacOptionalFile = rbacOptionalFilename(normalizedExt);
   return {
@@ -186,13 +286,26 @@ function loadExternalReadmeTemplate() {
  * @param {Object} params - Context parameters
  * @returns {string} README content
  */
+/**
+ * Collapses 3+ consecutive newlines to 2 (fixes MD012 from Handlebars spacing).
+ * @param {string} md - Markdown body
+ * @returns {string}
+ */
+function collapseConsecutiveBlankLines(md) {
+  if (!md || typeof md !== 'string') return md;
+  return md.replace(/\n{3,}/g, '\n\n');
+}
 function generateExternalReadmeContent(params = {}) {
   const template = loadExternalReadmeTemplate();
   const context = buildExternalReadmeContext(params);
-  return template(context);
+  return collapseConsecutiveBlankLines(template(context));
 }
 module.exports = {
   buildExternalReadmeContext,
-  generateExternalReadmeContent
+  generateExternalReadmeContent,
+  wrapPlainTextForMarkdown,
+  collapseConsecutiveBlankLines,
+  extractSecretPathsFromEnvTemplate
 };

package/lib/utils/external-system-local-test-tty.js CHANGED Viewed

@@ -19,6 +19,7 @@ const {
   headerKeyValue,
   formatStatusKeyValue,
   colorRollupPrefixedLine,
+  formatSuccessLine,
   metadata: metaGray
 } = require('./cli-test-layout-chalk');
@@ -338,7 +339,7 @@ function displayLocalExternalTestPlanLayout(results, verbose, appName) {
 function logVerboseSystemRows(systemResults) {
   for (const s of systemResults || []) {
     const ok = s.valid;
-    logger.log(ok ? chalk.green(`  ✔ ${s.file}`) : chalk.red(`  ✖ ${s.file}`));
+    logger.log(ok ? (chalk.green('  ') + formatSuccessLine(s.file)) : chalk.red(`  ✖ ${s.file}`));
     (s.errors || []).forEach(e => logger.log(chalk.red(`    - ${e}`)));
   }
 }
@@ -346,7 +347,7 @@ function logVerboseSystemRows(systemResults) {
 function logVerboseDatasourceRows(datasourceResults) {
   for (const d of datasourceResults || []) {
     const ok = d.valid;
-    logger.log(ok ? chalk.green(`  ✔ ${d.key} (${d.file})`) : chalk.red(`  ✖ ${d.key} (${d.file})`));
+    logger.log(ok ? (chalk.green('  ') + formatSuccessLine(`${d.key} (${d.file})`)) : chalk.red(`  ✖ ${d.key} (${d.file})`));
     (d.errors || []).forEach(e => logger.log(chalk.red(`    - ${e}`)));
     (d.warnings || []).forEach(w => logger.log(chalk.yellow(`    ⚠ ${w}`)));
     if (d.fieldMappingResults && d.fieldMappingResults.mappedFields) {

package/lib/utils/external-system-readiness-core.js CHANGED Viewed

@@ -43,30 +43,57 @@ function unwrapPublicationResult(res) {
  * Rules: inactive/archived → Failed; MCP expected but missing → Partial; draft → Partial; published/deployed + active → Ready.
  * @param {Object} ds - ExternalDataSourceResponse-like
  * @param {boolean} generateMcpContract - From application config
- * @returns {'ready'|'partial'|'failed'}
+ * @returns {{ tier: 'ready'|'partial'|'failed', partialReason: string|null }}
  */
-function classifyDatasourceTierA(ds, generateMcpContract) {
+function classifyDatasourceTierADetail(ds, generateMcpContract) {
   const active = ds.isActive !== false;
   const status = String(ds.status || '').toLowerCase();
   if (!active || status === 'archived') {
-    return 'failed';
+    return { tier: 'failed', partialReason: null };
   }
   if (generateMcpContract === true && !ds.mcpContract) {
-    return 'partial';
+    return { tier: 'partial', partialReason: 'mcp_missing' };
   }
   if (status === 'draft') {
-    return 'partial';
+    return { tier: 'partial', partialReason: 'draft' };
   }
   if (status === 'published' || status === 'deployed') {
-    return 'ready';
+    return { tier: 'ready', partialReason: null };
+  }
+  return { tier: 'partial', partialReason: 'unknown_status' };
+}
+/**
+ * @param {Object} ds - ExternalDataSourceResponse-like
+ * @param {boolean} generateMcpContract - From application config
+ * @returns {'ready'|'partial'|'failed'}
+ */
+function classifyDatasourceTierA(ds, generateMcpContract) {
+  return classifyDatasourceTierADetail(ds, generateMcpContract).tier;
+}
+/**
+ * Short hint for CLI when Tier A is partial (machine codes from classifyDatasourceTierADetail).
+ * @param {string|null} partialReason
+ * @returns {string}
+ */
+function formatTierAPartialHint(partialReason) {
+  if (partialReason === 'mcp_missing') {
+    return 'no MCP contract stored (OpenAPI link or generation)';
+  }
+  if (partialReason === 'draft') {
+    return 'status draft (trigger paths / certification gate)';
   }
-  return 'partial';
+  if (partialReason === 'unknown_status') {
+    return 'unexpected lifecycle status';
+  }
+  return '';
 }
 /**
  * @param {Array<Object>} datasources - Datasource list
  * @param {boolean} generateMcpContract
- * @returns {{ rows: Array<{ key: string, tier: string }>, ready: number, partial: number, failed: number }}
+ * @returns {{ rows: Array<{ key: string, tier: string, partialReason?: string|null }>, ready: number, partial: number, failed: number }}
  */
 function summarizeDatasourceTiersA(datasources, generateMcpContract) {
   const rows = [];
@@ -75,10 +102,14 @@ function summarizeDatasourceTiersA(datasources, generateMcpContract) {
   let failed = 0;
   for (const ds of datasources || []) {
     const key = ds.key || ds.sourceKey || 'unknown';
-    const tier = classifyDatasourceTierA(ds, generateMcpContract);
-    rows.push({ key, tier });
-    if (tier === 'ready') ready += 1;
-    else if (tier === 'partial') partial += 1;
+    const detail = classifyDatasourceTierADetail(ds, generateMcpContract);
+    const row = { key, tier: detail.tier };
+    if (detail.tier === 'partial' && detail.partialReason) {
+      row.partialReason = detail.partialReason;
+    }
+    rows.push(row);
+    if (detail.tier === 'ready') ready += 1;
+    else if (detail.tier === 'partial') partial += 1;
     else failed += 1;
   }
   return { rows, ready, partial, failed };
@@ -401,7 +432,9 @@ module.exports = {
   unwrapApiData,
   unwrapPublicationResult,
   isPublicationResultShape,
+  classifyDatasourceTierADetail,
   classifyDatasourceTierA,
+  formatTierAPartialHint,
   summarizeDatasourceTiersA,
   aggregateVerdictFromCounts,
   classifyDatasourceTierB,

package/lib/utils/external-system-readiness-deploy-display.js CHANGED Viewed

@@ -83,7 +83,7 @@ function logDeployProbeDatasourceSection(probeData) {
  * @param {Object|null} systemFromDataplane
  * @param {boolean} genMcp
  */
-function logDeployContractsSection(systemFromDataplane, genMcp) {
+function logDeployContractsSection(systemFromDataplane, genMcp, dataplaneUrl, systemKey) {
   if (!systemFromDataplane) return;
   logSeparator();
   logSectionTitle('Contracts:');
@@ -94,7 +94,7 @@ function logDeployContractsSection(systemFromDataplane, genMcp) {
   } else {
     logger.log(chalk.gray('○ OpenAPI docs URL not available'));
   }
-  logDocsBlock(systemFromDataplane);
+  logDocsBlock(systemFromDataplane, { dataplaneUrl, systemKey, genMcp: mcpOk });
 }
 /**
@@ -260,7 +260,7 @@ function logDeployReadinessSummary(ctx) {
   logDeployIdentityAndCredentialBlocks(systemCfg, !!probeData);
-  logDeployContractsSection(systemFromDataplane, genMcp);
+  logDeployContractsSection(systemFromDataplane, genMcp, dataplaneUrl, systemKey);
   logDeployNextActionsSection(systemKey, probeData, summary, genMcp);
 }

package/lib/utils/external-system-readiness-display-internals.js CHANGED Viewed

@@ -9,7 +9,11 @@
 const chalk = require('chalk');
 const { failureGlyph, successGlyph } = require('./cli-test-layout-chalk');
 const logger = require('./logger');
-const { extractIdentitySummary, resolveCredentialTestEndpointDisplay } = require('./external-system-readiness-core');
+const {
+  extractIdentitySummary,
+  resolveCredentialTestEndpointDisplay,
+  formatTierAPartialHint
+} = require('./external-system-readiness-core');
 const SEP = chalk.gray('────────────────────────────────');
@@ -56,8 +60,12 @@ function logDatasourceTable(rows, counts, title) {
   logSectionTitle(title && String(title).trim() ? String(title).trim() : 'Datasources:');
   for (const r of rows) {
     const statusLabel = r.tier === 'ready' ? 'Ready' : r.tier === 'failed' ? 'Failed' : 'Partial';
+    const hint =
+      r.tier === 'partial' && r.partialReason
+        ? chalk.gray(` — ${formatTierAPartialHint(r.partialReason)}`)
+        : '';
     logger.log(
-      `${tierGlyph(r.tier)} ${r.key.padEnd(14, ' ')} ${chalk.gray('(' + statusLabel + ')')}`
+      `${tierGlyph(r.tier)} ${r.key.padEnd(14, ' ')} ${chalk.gray('(' + statusLabel + ')')}${hint}`
     );
   }
   logger.log('');
@@ -120,14 +128,35 @@ function logNextActions(actions, extraLine) {
   }
 }
+/**
+ * Dataplane serves MCP OpenAPI docs at /api/v1/mcp/{systemKey}/docs.
+ *
+ * @param {Object} sys - ExternalSystemResponse
+ * @param {{ dataplaneUrl?: string, systemKey?: string, genMcp?: boolean }} [opts]
+ * @returns {string|null}
+ */
+function deriveMcpDocsPageUrl(sys, opts) {
+  if (!sys || !opts) return null;
+  if (sys.mcpDocsPageUrl) return String(sys.mcpDocsPageUrl);
+  const { dataplaneUrl, systemKey, genMcp } = opts;
+  if (!genMcp || !dataplaneUrl || !systemKey) return null;
+  if (!sys.mcpServerUrl) return null;
+  if (!sys.openApiDocsPageUrl && !sys.apiDocumentUrl) return null;
+  const base = String(dataplaneUrl).replace(/\/+$/, '');
+  return `${base}/api/v1/mcp/${encodeURIComponent(systemKey)}/docs`;
+}
 /**
  * @param {Object} sys - ExternalSystemResponse
+ * @param {{ dataplaneUrl?: string, systemKey?: string, genMcp?: boolean }} [opts]
  */
-function logDocsBlock(sys) {
+function logDocsBlock(sys, opts) {
   if (!sys) return;
   const urls = [];
   if (sys.openApiDocsPageUrl) urls.push({ label: 'OpenAPI Docs Page', url: sys.openApiDocsPageUrl });
   if (sys.apiDocumentUrl) urls.push({ label: 'API Docs', url: sys.apiDocumentUrl });
+  const mcpDocs = deriveMcpDocsPageUrl(sys, opts);
+  if (mcpDocs) urls.push({ label: 'MCP Docs Page', url: mcpDocs });
   if (sys.mcpServerUrl) urls.push({ label: 'MCP Server', url: sys.mcpServerUrl });
   if (urls.length === 0) return;
   logSeparator();
@@ -147,5 +176,6 @@ module.exports = {
   logIdentityBlock,
   logCredentialIntentBlock,
   logNextActions,
+  deriveMcpDocsPageUrl,
   logDocsBlock
 };

package/lib/utils/external-system-readiness-display.js CHANGED Viewed

@@ -44,7 +44,16 @@ function logPublishResultBlock(publication) {
   }
   logSeparator();
   logSectionTitle('MCP Contract:');
-  logger.log(genMcp ? formatSuccessLine('Generated') : chalk.gray('○ Not requested (generateMcpContract false)'));
+  if (genMcp) {
+    logger.log(formatSuccessLine('Generation requested (manifest generateMcpContract)'));
+    logger.log(
+      chalk.gray(
+        '  Per-datasource MCP appears when dataplane stores mcpContract (OpenAPI resolves + generation succeeds).'
+      )
+    );
+  } else {
+    logger.log(chalk.gray('○ Not requested (generateMcpContract false)'));
+  }
 }
 /**

package/lib/utils/file-upload.js CHANGED Viewed

@@ -33,10 +33,10 @@ async function validateFileExists(filePath) {
  * @param {Object} additionalFields - Additional fields
  * @returns {Promise<FormData>} FormData object
  */
-async function buildFormData(filePath, fieldName, additionalFields) {
+async function buildFormData(filePath, fieldName, additionalFields, opts = {}) {
   const formData = new FormData();
   const fileContent = await fs.readFile(filePath);
-  const fileName = path.basename(filePath);
+  const fileName = opts.filenameOverride ? String(opts.filenameOverride) : path.basename(filePath);
   const fileBlob = new Blob([fileContent], { type: 'application/octet-stream' });
   formData.append(fieldName, fileBlob, fileName);
@@ -74,6 +74,43 @@ async function uploadFile(url, filePath, fieldName = 'file', authConfig = {}, ad
   return await client.postFormData(endpointPath, formData);
 }
+/**
+ * Upload a file using multipart/form-data but override the filename sent to the server.
+ * Useful when the server derives a key from the upload filename.
+ *
+ * @async
+ * @function uploadFileAs
+ * @param {string} url - Full API endpoint URL
+ * @param {string} filePath - Path to file to upload
+ * @param {string} filenameOverride - Filename to present to server (e.g. 'my-key.json')
+ * @param {string} fieldName - Form field name for the file (default: 'file')
+ * @param {Object} [authConfig] - Authentication configuration
+ * @param {Object} [additionalFields] - Additional form fields to include
+ * @returns {Promise<Object>} API response
+ */
+async function uploadFileAs(
+  url,
+  filePath,
+  filenameOverride,
+  fieldName = 'file',
+  authConfig = {},
+  additionalFields = {}
+) {
+  await validateFileExists(filePath);
+  if (!filenameOverride || typeof filenameOverride !== 'string') {
+    throw new Error('filenameOverride is required and must be a string');
+  }
+  const parsed = new URL(url);
+  const baseUrl = parsed.origin;
+  const endpointPath = parsed.pathname + parsed.search;
+  const formData = await buildFormData(filePath, fieldName, additionalFields, { filenameOverride });
+  const client = new ApiClient(baseUrl, authConfig);
+  return await client.postFormData(endpointPath, formData);
+}
 module.exports = {
-  uploadFile
+  uploadFile,
+  uploadFileAs
 };

package/lib/utils/health-check-db-init.js ADDED Viewed

@@ -0,0 +1,107 @@
+const chalk = require('chalk');
+const { formatSuccessLine } = require('./cli-test-layout-chalk');
+const logger = require('./logger');
+const { execWithDockerEnv } = require('./docker-exec');
+/**
+ * Checks if db-init container exists.
+ * @async
+ * @param {string} dbInitContainer
+ * @returns {Promise<boolean>}
+ */
+async function checkDbInitContainerExists(dbInitContainer) {
+  try {
+    const { stdout } = await execWithDockerEnv(
+      `docker ps -a --filter "name=${dbInitContainer}" --format "{{.Names}}"`
+    );
+    return stdout.trim() === dbInitContainer;
+  } catch {
+    return false;
+  }
+}
+/**
+ * Gets container exit code.
+ * @async
+ * @param {string} dbInitContainer
+ * @returns {Promise<string>}
+ */
+async function getContainerExitCode(dbInitContainer) {
+  const { stdout: exitCode } = await execWithDockerEnv(
+    `docker inspect --format='{{.State.ExitCode}}' ${dbInitContainer}`
+  );
+  return exitCode.trim();
+}
+/**
+ * Handles exited container status.
+ * @async
+ * @param {string} dbInitContainer
+ * @returns {Promise<boolean>}
+ */
+async function handleExitedContainer(dbInitContainer) {
+  const { stdout: status } = await execWithDockerEnv(
+    `docker inspect --format='{{.State.Status}}' ${dbInitContainer}`
+  );
+  if (status.trim() === 'exited') {
+    const exitCode = await getContainerExitCode(dbInitContainer);
+    if (exitCode === '0') {
+      logger.log(formatSuccessLine('Database initialization already completed'));
+    } else {
+      logger.log(chalk.yellow(`⚠ Database initialization exited with code ${exitCode}`));
+    }
+    return true;
+  }
+  return false;
+}
+/**
+ * Waits for container to exit (best-effort).
+ * @async
+ * @param {string} dbInitContainer
+ * @param {number} maxAttempts
+ * @returns {Promise<void>}
+ */
+async function waitForContainerExit(dbInitContainer, maxAttempts) {
+  for (let attempts = 0; attempts < maxAttempts; attempts++) {
+    const { stdout: currentStatus } = await execWithDockerEnv(
+      `docker inspect --format='{{.State.Status}}' ${dbInitContainer}`
+    );
+    if (currentStatus.trim() === 'exited') {
+      const exitCode = await getContainerExitCode(dbInitContainer);
+      if (exitCode === '0') {
+        logger.log(formatSuccessLine('Database initialization completed'));
+      } else {
+        logger.log(chalk.yellow(`⚠ Database initialization exited with code ${exitCode}`));
+      }
+      return;
+    }
+    await new Promise(resolve => setTimeout(resolve, 1000));
+  }
+}
+/**
+ * Checks if db-init container exists and waits for it to complete.
+ * @async
+ * @param {string} appName
+ * @returns {Promise<void>}
+ */
+async function waitForDbInit(appName) {
+  const dbInitContainer = `aifabrix-${appName}-db-init`;
+  try {
+    if (!(await checkDbInitContainerExists(dbInitContainer))) {
+      return;
+    }
+    if (await handleExitedContainer(dbInitContainer)) {
+      return;
+    }
+    logger.log(chalk.blue('Waiting for database initialization to complete...'));
+    await waitForContainerExit(dbInitContainer, 30);
+  } catch {
+    // db-init container might not exist, which is fine
+  }
+}
+module.exports = { waitForDbInit };