@aifabrix/builder 2.44.5 → 2.45.0

package/lib/commands/teardown.js

@@ -0,0 +1,277 @@
+/**
+ * `aifabrix teardown` — full teardown of local infra and CLI state.
+ *
+ * Performs:
+ *   1. `down-infra -v` (stop infra + apps, remove all Docker volumes).
+ *   2. Remove every entry inside `~/.aifabrix/` (or the equivalent
+ *      `getAifabrixSystemDir()`-resolved directory) except `config.yaml`.
+ *      This includes `secrets.local.yaml`, `admin-secrets.env`,
+ *      auth/token files, and any `infra-dev*` directories.
+ *
+ * Confirmation is required by default; pass `--yes` / `-y` to skip.
+ *
+ * @fileoverview aifabrix teardown handler
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const inquirer = require('inquirer');
+const chalk = require('chalk');
+const ora = require('ora');
+
+const config = require('../core/config');
+const installationLog = require('../utils/installation-log');
+const infra = require('../infrastructure');
+const pathsUtil = require('../utils/paths');
+const logger = require('../utils/logger');
+const { withMutedLogger } = require('../utils/with-muted-logger');
+const {
+  formatSuccessLine,
+  formatSuccessParagraph,
+  formatProgress,
+  successGlyph
+} = require('../utils/cli-test-layout-chalk');
+
+/** File name kept by teardown (lowercase exact match). */
+const PRESERVE_FILE = 'config.yaml';
+/** Directory preserved by teardown (holds developer TLS client certs). */
+const PRESERVE_CERTS_DIR = 'certs';
+
+const PRESERVE_ENTRY_NAMES = new Set([PRESERVE_FILE, PRESERVE_CERTS_DIR]);
+
+const SEPARATOR = '────────────────────────────────────────';
+
+function title(text) {
+  return chalk.bold(text);
+}
+
+function shouldUseSpinner() {
+  return Boolean(process && process.stdout && process.stdout.isTTY);
+}
+
+function startSpinner(text) {
+  if (!shouldUseSpinner()) {
+    logger.log(formatProgress(text));
+    return null;
+  }
+  return ora({ text, spinner: 'dots' }).start();
+}
+
+function stopSpinnerSuccess(spinner, text) {
+  if (!spinner) {
+    logger.log(formatSuccessLine(text));
+    return;
+  }
+  spinner.succeed(text);
+}
+
+/**
+ * Ask the user to confirm teardown unless `assumeYes` is true.
+ * @async
+ * @param {boolean} assumeYes
+ * @returns {Promise<boolean>}
+ */
+async function confirmTeardown(assumeYes) {
+  if (assumeYes) return true;
+  const { ok } = await inquirer.prompt([
+    {
+      type: 'confirm',
+      name: 'ok',
+      message:
+        'This will stop all infra + apps, DELETE every Docker volume, and remove every file in ~/.aifabrix/ except config.yaml and certs/. Continue?',
+      default: false
+    }
+  ]);
+  return ok === true;
+}
+
+/**
+ * Remove every entry in the AI Fabrix system directory except `config.yaml`.
+ * Each removal is logged. Errors per entry are caught and logged so the
+ * teardown surfaces partial-success information instead of bailing on the
+ * first ENOENT/EBUSY.
+ *
+ * @returns {{ removed: string[], failed: string[] }}
+ */
+function cleanAifabrixSystemDir() {
+  const dir = pathsUtil.getAifabrixSystemDir();
+  const removed = [];
+  const failed = [];
+  if (!fs.existsSync(dir)) {
+    return { removed, failed };
+  }
+  const entries = fs.readdirSync(dir, { withFileTypes: true });
+  for (const entry of entries) {
+    if (PRESERVE_ENTRY_NAMES.has(entry.name)) continue;
+    const target = path.join(dir, entry.name);
+    try {
+      fs.rmSync(target, { recursive: true, force: true });
+      removed.push(target);
+    } catch (err) {
+      failed.push(target);
+    }
+  }
+  return { removed, failed };
+}
+
+/**
+ * Stop infra with `down-infra -v` semantics. Tolerates already-down state.
+ * @async
+ * @returns {Promise<void>}
+ */
+async function stopInfraQuietly() {
+  try {
+    const spin = startSpinner('Stopping infrastructure (down-infra -v)...');
+    await withMutedLogger(async() => {
+      await infra.stopInfraWithVolumes();
+    });
+    stopSpinnerSuccess(spin, 'Infrastructure stopped and volumes removed');
+  } catch (err) {
+    logger.log(
+      chalk.yellow(
+        `Infrastructure already down or could not be stopped cleanly: ${err.message}`
+      )
+    );
+  }
+}
+
+function logFooterStart(label) {
+  logger.log('');
+  logger.log(SEPARATOR);
+  logger.log(title(label));
+  logger.log(SEPARATOR);
+  logger.log('');
+}
+
+function logFooterEnd() {
+  logger.log(SEPARATOR);
+}
+
+function logSection(label, value) {
+  logger.log(title(label));
+  logger.log(`  ${value}`);
+  logger.log('');
+}
+
+async function buildDeveloperLabel() {
+  const developerId = await config.getDeveloperId();
+  const idNum = typeof developerId === 'string' ? parseInt(developerId, 10) : developerId;
+  if (!Number.isFinite(idNum)) return 'unknown';
+  return `dev${String(idNum).padStart(2, '0')} (id: ${idNum})`;
+}
+
+function logTeardownHeader() {
+  logger.log('');
+  logger.log(title('AI Fabrix Shutdown'));
+  logger.log(SEPARATOR);
+  logger.log('');
+}
+
+function logTeardownFooter({ devStr, removedCount, failedCount }) {
+  logFooterStart('Stopped');
+  logSection('Developer', devStr);
+  logSection(
+    'Cleaned',
+    `${successGlyph()} Removed ${removedCount} item(s) (${PRESERVE_FILE} and ${PRESERVE_CERTS_DIR}/ preserved)`
+  );
+  logger.log(chalk.yellow('⚠ Volumes removed: all local data deleted'));
+  logger.log('');
+  if (failedCount > 0) {
+    logger.log(chalk.yellow(`⚠ Could not remove ${failedCount} item(s)`));
+    logger.log('');
+  }
+  logFooterEnd();
+}
+
+function cleanFilesWithSpinner() {
+  const cleanSpin = startSpinner('Removing installation files...');
+  const result = cleanAifabrixSystemDir();
+  stopSpinnerSuccess(cleanSpin, `Removed ${result.removed.length} installation item(s)`);
+  return result;
+}
+
+async function appendTeardownAbortedLog(options) {
+  const t = new Date();
+  try {
+    await installationLog.appendInstallationRecord({
+      command: 'teardown',
+      outcome: 'aborted',
+      startedAt: t,
+      completedAt: t,
+      options
+    });
+  } catch {
+    // ignore
+  }
+}
+
+async function appendTeardownSuccessLog(options, startedAt) {
+  let cfg = {};
+  try {
+    cfg = await config.getConfig();
+  } catch {
+    cfg = {};
+  }
+  try {
+    await installationLog.appendInstallationRecord({
+      command: 'teardown',
+      outcome: 'success',
+      startedAt,
+      completedAt: new Date(),
+      options,
+      infra: { cfg, options: {} },
+      cleanup: { volumesRemoved: true, configPreserved: true },
+      configExtra: {
+        controllerUrl: await installationLog.resolveControllerUrlForLog(),
+        adminEmail: await installationLog.resolveAdminEmailPresence()
+      }
+    });
+  } catch {
+    // ignore
+  }
+}
+
+/**
+ * Run the teardown.
+ *
+ * @async
+ * @function handleTeardown
+ * @param {Object} [options] - Commander options
+ * @param {boolean} [options.yes] - Skip the confirmation prompt
+ * @returns {Promise<void>}
+ */
+async function handleTeardown(options = {}) {
+  const assumeYes = options.yes === true || options.assumeYes === true;
+  logTeardownHeader();
+
+  const ok = await confirmTeardown(assumeYes);
+  if (!ok) {
+    await appendTeardownAbortedLog(options);
+    logger.log(chalk.yellow('Aborted by user.'));
+    return;
+  }
+
+  const startedAt = new Date();
+  try {
+    await stopInfraQuietly();
+    const { removed, failed } = cleanFilesWithSpinner();
+    const devStr = await buildDeveloperLabel();
+    logTeardownFooter({ devStr, removedCount: removed.length, failedCount: failed.length });
+
+    logger.log(formatSuccessParagraph('aifabrix teardown complete.'));
+  } finally {
+    await appendTeardownSuccessLog(options, startedAt);
+  }
+}
+
+module.exports = {
+  handleTeardown,
+  cleanAifabrixSystemDir,
+  stopInfraQuietly,
+  PRESERVE_FILE,
+  PRESERVE_CERTS_DIR
+};

package/lib/commands/up-common.js

@@ -20,6 +20,24 @@ const { loadConfigFile, writeConfigFile } = require('../utils/config-format');
 const { isYamlPath } = require('../utils/config-format');
 const { copyTemplateFiles } = require('../validation/template');
 const { ensureReadmeForAppPath, ensureReadmeForApp } = require('../app/readme');
+const { refreshUrlsLocalRegistryFromBuilder } = require('../utils/urls-local-registry');
+
+/**
+ * @param {string[]} entries
+ * @returns {string[]}
+ */
+function uniqueResolvedRoots(entries) {
+  const seen = new Set();
+  const out = [];
+  for (const e of entries) {
+    const r = path.resolve(e);
+    if (!seen.has(r)) {
+      seen.add(r);
+      out.push(r);
+    }
+  }
+  return out;
+}
 
 /**
  * Copy template to a target path if application config is missing there.
@@ -98,8 +116,9 @@ function patchEnvOutputPathInFile(configPath) {
 function validateEnvOutputPathFolderOrNull(appName) {
   if (!appName || typeof appName !== 'string') return;
   const pathsToPatch = [pathsUtil.getBuilderPath(appName)];
+  const envBuilderRoot = process.env.AIFABRIX_BUILDER_DIR && String(process.env.AIFABRIX_BUILDER_DIR).trim();
   const cwdBuilderPath = path.join(process.cwd(), 'builder', appName);
-  if (path.resolve(cwdBuilderPath) !== path.resolve(pathsToPatch[0])) {
+  if (envBuilderRoot && path.resolve(cwdBuilderPath) !== path.resolve(pathsToPatch[0])) {
     pathsToPatch.push(cwdBuilderPath);
   }
   for (const appPath of pathsToPatch) {
@@ -176,49 +195,88 @@ function patchEnvOutputPathForDeployOnly(appName) {
  *
  * @returns {Promise<void>}
  */
-async function applyUpPlatformForceConfig() {
+async function applyUpPlatformForceConfig(opts = {}) {
+  const silent = Boolean(opts.silent);
   const deviceCleared = await config.clearAllDeviceTokens();
   const clientCleared = await config.clearAllClientTokens();
   await config.setCurrentEnvironment('dev');
   const defaultControllerUrl = await getDefaultControllerUrl();
   await config.setControllerUrl(defaultControllerUrl);
-  logger.log(
-    chalk.blue(
-      `--force: cleared ${deviceCleared} device token(s) and ${clientCleared} client token(s); ` +
-        `environment set to dev; default controller set to ${defaultControllerUrl} (run aifabrix login after platform is up)`
-    )
-  );
+
+  const summary = { deviceCleared, clientCleared, defaultControllerUrl, environment: 'dev' };
+  if (!silent) {
+    logger.log(
+      chalk.blue(
+        `--force: cleared ${deviceCleared} device token(s) and ${clientCleared} client token(s); ` +
+          `environment set to dev; default controller set to ${defaultControllerUrl} (run aifabrix login after platform is up)`
+      )
+    );
+  }
+  return summary;
 }
 
 /**
- * Removes builder app directories for the given app names. Only removes paths under the builder root
- * to prevent path traversal. Uses getBuilderPath for each app and validates before removal.
+ * True when resolved path is the root itself or a subdirectory of an allowed builder root.
+ * @param {string} resolvedAppPath
+ * @param {string[]} allowedRoots - Absolute resolved directory roots
+ * @returns {boolean}
+ */
+function isUnderAllowedBuilderRoot(resolvedAppPath, allowedRoots) {
+  for (const root of allowedRoots) {
+    const r = path.resolve(root);
+    if (resolvedAppPath === r || resolvedAppPath.startsWith(r + path.sep)) {
+      return true;
+    }
+  }
+  return false;
+}
+
+/**
+ * Removes builder app directories for the given app names. Only removes paths under an allowed
+ * builder root (project `builder/` or `~/.aifabrix/builder/`) to prevent path traversal.
+ * Uses {@link pathsUtil.getBuilderPath} for each app (system apps may resolve under the config dir).
  *
  * @param {string[]} appNames - Application names (e.g. ['keycloak', 'miso-controller', 'dataplane'])
  * @returns {Promise<void>}
- * @throws {Error} If any path is outside builder root (path traversal attempt)
+ * @throws {Error} If any path is outside allowed builder roots (path traversal attempt)
  */
-async function cleanBuilderAppDirs(appNames) {
+async function cleanBuilderAppDirs(appNames, opts = {}) {
+  const silent = Boolean(opts.silent);
   if (!Array.isArray(appNames) || appNames.length === 0) return;
-  const builderRoot = path.resolve(pathsUtil.getBuilderRoot());
+  const allowedRoots = uniqueResolvedRoots([
+    path.join(process.cwd(), 'builder'),
+    pathsUtil.getBuilderRoot(),
+    pathsUtil.getSystemBuilderRoot()
+  ]);
+  const cleaned = [];
   for (const appName of appNames) {
     if (!appName || typeof appName !== 'string') continue;
     const appPath = path.resolve(pathsUtil.getBuilderPath(appName));
-    if (!appPath.startsWith(builderRoot + path.sep) && appPath !== builderRoot) {
-      throw new Error(`Path ${appPath} is outside builder root ${builderRoot}; refusing to clean`);
+    if (!isUnderAllowedBuilderRoot(appPath, allowedRoots)) {
+      throw new Error(
+        `Path ${appPath} is outside allowed builder roots (${allowedRoots.join(', ')}); refusing to clean`
+      );
     }
     if (fs.existsSync(appPath)) {
       fs.rmSync(appPath, { recursive: true });
-      logger.log(chalk.blue(`Cleaned builder/${appName}`));
+      cleaned.push(appName);
+      if (!silent) {
+        logger.log(chalk.blue(`Cleaned builder/${appName}`));
+      }
     }
   }
+  return cleaned;
 }
 
 /**
  * Ensures builder app directory exists from template if application config is missing.
  * If builder/<appName>/application config does not exist, copies from templates/applications/<appName>.
  * Uses AIFABRIX_BUILDER_DIR when set (e.g. by up-miso/up-dataplane from config aifabrix-env-config).
- * When using a custom builder dir, also populates cwd/builder/<appName> so the repo's builder/ is not empty.
+ * When `process.env.AIFABRIX_BUILDER_DIR` is set and the primary app path differs from
+ * `cwd/builder/<appName>`, also copies into `cwd/builder/<appName>` so the repo tree is not empty
+ * while using a custom builder root. Skips that extra copy for platform apps (`keycloak`,
+ * `miso-controller`, `dataplane`) so they materialize only under the system builder root, and when
+ * no custom dir is in use.
  *
  * @async
  * @function ensureAppFromTemplate
@@ -241,8 +299,13 @@ async function ensureAppFromTemplate(appName) {
     logger.log(formatSuccessLine(`Copied template for ${appName}`));
   }
 
+  const envBuilderRoot = process.env.AIFABRIX_BUILDER_DIR && String(process.env.AIFABRIX_BUILDER_DIR).trim();
   const cwdBuilderPath = path.join(process.cwd(), 'builder', appName);
-  if (path.resolve(cwdBuilderPath) !== path.resolve(appPath)) {
+  if (
+    envBuilderRoot &&
+    path.resolve(cwdBuilderPath) !== path.resolve(appPath) &&
+    !pathsUtil.isSystemBuilderAppName(appName)
+  ) {
     const cwdCopied = await ensureTemplateAtPath(appName, cwdBuilderPath);
     if (cwdCopied) {
       logger.log(chalk.blue(`Creating builder/${appName} in project (from template)...`));
@@ -254,11 +317,42 @@ async function ensureAppFromTemplate(appName) {
   return primaryCopied;
 }
 
+/**
+ * Merge builder/packages `application.yaml` into `~/.aifabrix/urls.local.yaml`.
+ * Same scan as the end of {@link prepareUrlsLocalRegistryForUpPlatform}; call after platform app
+ * templates exist (e.g. `up-miso`, `up-dataplane`) so declarative `url://` and tooling see ports/patterns.
+ */
+function refreshUrlsLocalRegistryForCurrentProject() {
+  try {
+    refreshUrlsLocalRegistryFromBuilder(pathsUtil.getProjectRoot());
+  } catch (error) {
+    logger.warn(chalk.yellow(`⚠  Could not refresh URLs registry: ${error.message}`));
+  }
+}
+
+/**
+ * For `aifabrix up-platform` only: materialize all three platform apps from templates if missing
+ * (paths follow cwd / material `builder/` only — no `AIFABRIX_BUILDER_DIR` override), then refresh
+ * `~/.aifabrix/urls.local.yaml` so declarative `url://` expansion (e.g. cross-references between
+ * miso-controller, dataplane, keycloak) sees every app's port and pattern before Keycloak or Miso
+ * resolve their `.env` files.
+ *
+ * @returns {Promise<void>}
+ */
+async function prepareUrlsLocalRegistryForUpPlatform() {
+  await ensureAppFromTemplate('keycloak');
+  await ensureAppFromTemplate('miso-controller');
+  await ensureAppFromTemplate('dataplane');
+  refreshUrlsLocalRegistryForCurrentProject();
+}
+
 module.exports = {
   applyUpPlatformForceConfig,
   cleanBuilderAppDirs,
   ensureAppFromTemplate,
   patchEnvOutputPathForDeployOnly,
   validateEnvOutputPathFolderOrNull,
-  getEnvOutputPathFolder
+  getEnvOutputPathFolder,
+  prepareUrlsLocalRegistryForUpPlatform,
+  refreshUrlsLocalRegistryForCurrentProject
 };

package/lib/commands/up-dataplane.js

@@ -2,17 +2,16 @@ const { formatSuccessLine, formatSuccessParagraph } = require('../utils/cli-test
 /**
  * AI Fabrix Builder - Up Dataplane Command
  *
- * Always local deployment: registers or rotates dataplane app in dev, sends
- * deployment manifest to Miso Controller, then runs the dataplane app locally
- * (same as aifabrix deploy dataplane --local). If app is already
- * registered, uses rotate-secret; otherwise registers.
+ * Always local deployment: requires dev infra (same gate as up-miso), then registers or
+ * rotates dataplane in dev, sends deployment manifest to Miso Controller, then runs dataplane
+ * locally (same as aifabrix deploy dataplane --local). If app is already registered, uses
+ * rotate-secret; otherwise registers.
  *
  * @fileoverview up-dataplane command implementation
  * @author AI Fabrix Team
  * @version 2.0.0
  */
 
-const path = require('path');
 const readline = require('readline');
 const chalk = require('chalk');
 const pathsUtil = require('../utils/paths');
@@ -29,7 +28,8 @@ const { checkApplicationExists } = require('../utils/app-existence');
 const { checkHealthEndpoint } = require('../utils/health-check');
 const { validateControllerUrl } = require('../utils/auth-config-validator');
 const app = require('../app');
-const { ensureAppFromTemplate, validateEnvOutputPathFolderOrNull } = require('./up-common');
+const { assertDevInfraUp } = require('./dev-infra-gate');
+const { ensureAppFromTemplate, validateEnvOutputPathFolderOrNull, refreshUrlsLocalRegistryForCurrentProject } = require('./up-common');
 
 const CONTROLLER_HEALTH_PATH = '/health';
 
@@ -130,7 +130,14 @@ async function registerOrRotateDataplane(options, controllerUrl, environmentKey,
  */
 async function deployDataplaneToController(options) {
   const imageOverride = options.image || buildDataplaneImageRef(options);
-  const deployOpts = { imageOverride, image: imageOverride, registryMode: options.registryMode };
+  const deployOpts = {
+    imageOverride,
+    image: imageOverride,
+    registryMode: options.registryMode,
+    // Guided up-platform already shows a top-level spinner for the dataplane step.
+    // Avoid nested deploy polling spinners/logs.
+    silentPoll: options.platformInstall === true
+  };
   await app.deployApp('dataplane', deployOpts);
 }
 
@@ -160,6 +167,20 @@ function buildDataplaneImageRef(options = {}) {
   }
 }
 
+function emitDataplaneManifestLineFromBuilder() {
+  const { emitSystemBuilderAppManifestLineIfTTY } = require('../utils/manifest-source-emit');
+  emitSystemBuilderAppManifestLineIfTTY(logger, 'dataplane');
+}
+
+function assertDevEnvironmentForDataplane(cfg) {
+  const environment = (cfg && cfg.environment) ? cfg.environment : 'dev';
+  if (environment !== 'dev') {
+    throw new Error(
+      'Dataplane is only supported in dev environment. Set with: aifabrix auth --set-environment dev.'
+    );
+  }
+}
+
 /**
  * Handle up-dataplane command: ensure logged in, environment dev, ensure dataplane,
  * register or rotate (if already registered), deploy (send manifest to controller),
@@ -171,40 +192,44 @@ function buildDataplaneImageRef(options = {}) {
  * @param {string} [options.registry] - Override registry for dataplane
  * @param {string} [options.registryMode] - Override registry mode (acr|external)
  * @param {string} [options.image] - Override image reference for dataplane
+ * @param {boolean} [options.skipInfraCheck] - When true, skip Postgres/Redis gate (caller already verified, e.g. guided up-dataplane).
  * @returns {Promise<void>}
- * @throws {Error} If not logged in, environment not dev, or any step fails
+ * @throws {Error} If infra not up, controller unavailable, not logged in, environment not dev, or any step fails
  */
 async function handleUpDataplane(options = {}) {
-  const builderDir = await config.getAifabrixBuilderDir();
-  if (builderDir) {
-    process.env.AIFABRIX_BUILDER_DIR = path.resolve(builderDir);
-  }
   logger.log(chalk.blue('Starting up-dataplane (register/rotate, deploy, then run dataplane locally)...\n'));
 
+  if (options.skipInfraCheck !== true) {
+    await assertDevInfraUp();
+  }
+
   const controllerUrl = await resolveControllerUrlWithHealthCheck();
   const environmentKey = await resolveEnvironment();
   const authConfig = await checkAuthentication(controllerUrl, environmentKey, { throwOnFailure: true });
 
   const cfg = await config.getConfig();
-  const environment = (cfg && cfg.environment) ? cfg.environment : 'dev';
-  if (environment !== 'dev') {
-    throw new Error(
-      'Dataplane is only supported in dev environment. Set with: aifabrix auth --set-environment dev.'
-    );
-  }
+  assertDevEnvironmentForDataplane(cfg);
   logger.log(formatSuccessLine('Logged in and environment is dev'));
 
   await ensureAppFromTemplate('dataplane');
   // If envOutputPath target folder does not exist, set envOutputPath to null
   validateEnvOutputPathFolderOrNull('dataplane');
 
+  refreshUrlsLocalRegistryForCurrentProject();
+
+  if (options.platformInstall !== true) {
+    emitDataplaneManifestLineFromBuilder();
+  }
+
   await registerOrRotateDataplane(options, controllerUrl, environmentKey, authConfig);
 
   await deployDataplaneToController(options);
   logger.log('');
   await app.runApp('dataplane', {
     skipEnvOutputPath: true,
-    registry: options.registry || undefined
+    registry: options.registry || undefined,
+    base: options.base !== false,
+    skipManifestMetadataLine: true
   });
 
   logger.log(formatSuccessParagraph('up-dataplane complete. Dataplane is registered, deployed in dev, and running locally.'));

package/lib/commands/up-miso.js

@@ -1,22 +1,25 @@
-const { formatSuccessLine, formatSuccessParagraph } = require('../utils/cli-test-layout-chalk');
+const { formatSuccessParagraph } = require('../utils/cli-test-layout-chalk');
 /**
  * AI Fabrix Builder - Up Miso Command
  *
  * Installs keycloak and miso-controller from images (no build). For dataplane, use up-dataplane.
- * Assumes infra is up; sets dev secrets and resolves (no force; existing .env values preserved).
+ * Ensures dev Postgres/Redis are up, then sets dev secrets and resolves (no force; existing .env values preserved).
  *
  * @fileoverview up-miso command implementation
  * @author AI Fabrix Team
  * @version 2.0.0
  */
 
-const path = require('path');
 const chalk = require('chalk');
 const logger = require('../utils/logger');
-const config = require('../core/config');
-const infra = require('../infrastructure');
 const app = require('../app');
-const { ensureAppFromTemplate, patchEnvOutputPathForDeployOnly, validateEnvOutputPathFolderOrNull } = require('./up-common');
+const { assertDevInfraUp } = require('./dev-infra-gate');
+const {
+  ensureAppFromTemplate,
+  patchEnvOutputPathForDeployOnly,
+  validateEnvOutputPathFolderOrNull,
+  refreshUrlsLocalRegistryForCurrentProject
+} = require('./up-common');
 
 /**
  * Parse --image options array into map { keycloak?: string, 'miso-controller'?: string }
@@ -45,11 +48,14 @@ function parseImageOptions(imageOpts) {
  */
 async function runMisoApps(options) {
   const imageMap = parseImageOptions(options.image);
+  const useBaseImage = options.base !== false;
   const common = {
     registry: options.registry,
     registryMode: options.registryMode,
     skipEnvOutputPath: true,
-    skipInfraCheck: true
+    skipInfraCheck: true,
+    base: useBaseImage,
+    skipManifestMetadataLine: true
   };
   const keycloakRunOpts = { ...common };
   if (imageMap.keycloak) {
@@ -59,9 +65,12 @@ async function runMisoApps(options) {
   if (imageMap['miso-controller']) {
     misoRunOpts.image = imageMap['miso-controller'];
   }
+  const { emitSystemBuilderAppManifestLineIfTTY } = require('../utils/manifest-source-emit');
   logger.log(chalk.blue('Starting keycloak...'));
+  emitSystemBuilderAppManifestLineIfTTY(logger, 'keycloak');
   await app.runApp('keycloak', keycloakRunOpts);
   logger.log(chalk.blue('Starting miso-controller...'));
+  emitSystemBuilderAppManifestLineIfTTY(logger, 'miso-controller');
   await app.runApp('miso-controller', misoRunOpts);
 }
 
@@ -78,18 +87,8 @@ async function runMisoApps(options) {
  * @throws {Error} If infra not up or any step fails
  */
 async function handleUpMiso(options = {}) {
-  const builderDir = await config.getAifabrixBuilderDir();
-  if (builderDir) {
-    process.env.AIFABRIX_BUILDER_DIR = path.resolve(builderDir);
-  }
   logger.log(chalk.blue('Starting up-miso (keycloak + miso-controller from images)...\n'));
-  // Strict: only this developer's infra (same as status), so up-miso and status agree
-  const health = await infra.checkInfraHealth(undefined, { strict: true });
-  const allHealthy = Object.values(health).every(status => status === 'healthy');
-  if (!allHealthy) {
-    throw new Error('Infrastructure is not up. Run \'aifabrix up-infra\' first.');
-  }
-  logger.log(formatSuccessLine('Infrastructure is up'));
+  await assertDevInfraUp();
   await ensureAppFromTemplate('keycloak');
   await ensureAppFromTemplate('miso-controller');
   // If envOutputPath target folder does not exist, set envOutputPath to null
@@ -98,6 +97,7 @@ async function handleUpMiso(options = {}) {
   // Deploy-only: do not copy .env to repo paths; patch variables so envOutputPath is null
   patchEnvOutputPathForDeployOnly('keycloak');
   patchEnvOutputPathForDeployOnly('miso-controller');
+  refreshUrlsLocalRegistryForCurrentProject();
   await runMisoApps(options);
   logger.log(formatSuccessParagraph('up-miso complete. Keycloak and miso-controller are running.') +
     chalk.gray('\n  Run onboarding and register Keycloak from the miso-controller repo if needed. Use \'aifabrix up-dataplane\' for dataplane.'));