@aifabrix/builder 2.7.0 → 2.8.0

package/lib/app-deploy.js

@@ -366,6 +366,24 @@ async function deployApp(appName, options = {}) {
 
     validateAppName(appName);
 
+    // 2. Check if app type is external - route to external deployment
+    const yaml = require('js-yaml');
+    const fs = require('fs').promises;
+    const path = require('path');
+    const variablesPath = path.join(process.cwd(), 'builder', appName, 'variables.yaml');
+    try {
+      const variablesContent = await fs.readFile(variablesPath, 'utf8');
+      const variables = yaml.load(variablesContent);
+      if (variables.app && variables.app.type === 'external') {
+        const externalDeploy = require('./external-system-deploy');
+        await externalDeploy.deployExternalSystem(appName, options);
+        return { success: true, type: 'external' };
+      }
+    } catch (error) {
+      // If variables.yaml doesn't exist or can't be read, continue with normal deployment
+      // The error will be properly handled in loadDeploymentConfig
+    }
+
     // 2. Load deployment configuration
     config = await loadDeploymentConfig(appName, options);
     controllerUrl = config.controllerUrl || options.controller || 'unknown';

package/lib/app-dockerfile.js

@@ -84,6 +84,21 @@ async function generateAndCopyDockerfile(appPath, dockerfilePath, config) {
  * @returns {Promise<string>} Path to generated Dockerfile
  */
 async function generateDockerfileForApp(appName, options = {}) {
+  // Check if app type is external - skip Dockerfile generation
+  const configPath = path.join(process.cwd(), 'builder', appName, 'variables.yaml');
+  try {
+    const yamlContent = await fs.readFile(configPath, 'utf8');
+    const variables = yaml.load(yamlContent);
+    if (variables.app && variables.app.type === 'external') {
+      logger.log(chalk.yellow('⚠️  External systems don\'t require Dockerfiles. Skipping...'));
+      return null;
+    }
+  } catch (error) {
+    // If variables.yaml doesn't exist, continue with normal generation
+    if (error.code !== 'ENOENT') {
+      throw error;
+    }
+  }
   try {
     // Validate app name
     validateAppName(appName);

package/lib/app-prompts.js

@@ -13,11 +13,17 @@ const inquirer = require('inquirer');
 /**
  * Builds basic questions (port, language)
  * @param {Object} options - Provided options
+ * @param {string} [appType] - Application type (webapp, api, service, functionapp, external)
  * @returns {Array} Array of question objects
  */
-function buildBasicQuestions(options) {
+function buildBasicQuestions(options, appType) {
   const questions = [];
 
+  // Skip port and language for external type
+  if (appType === 'external') {
+    return questions;
+  }
+
   // Port validation
   if (!options.port) {
     questions.push({
@@ -55,11 +61,17 @@ function buildBasicQuestions(options) {
 /**
  * Builds service questions (database, redis, storage, authentication)
  * @param {Object} options - Provided options
+ * @param {string} [appType] - Application type (webapp, api, service, functionapp, external)
  * @returns {Array} Array of question objects
  */
-function buildServiceQuestions(options) {
+function buildServiceQuestions(options, appType) {
   const questions = [];
 
+  // Skip service questions for external type
+  if (appType === 'external') {
+    return questions;
+  }
+
   if (!Object.prototype.hasOwnProperty.call(options, 'database')) {
     questions.push({
       type: 'confirm',
@@ -99,6 +111,116 @@ function buildServiceQuestions(options) {
   return questions;
 }
 
+/**
+ * Builds external system configuration questions
+ * @param {Object} options - Provided options
+ * @param {string} appName - Application name
+ * @returns {Array} Array of question objects
+ */
+function buildExternalSystemQuestions(options, appName) {
+  const questions = [];
+
+  // System key (defaults to app name)
+  if (!options.systemKey) {
+    questions.push({
+      type: 'input',
+      name: 'systemKey',
+      message: 'What is the system key?',
+      default: appName,
+      validate: (input) => {
+        if (!input || input.trim().length === 0) {
+          return 'System key is required';
+        }
+        if (!/^[a-z0-9-]+$/.test(input)) {
+          return 'System key must contain only lowercase letters, numbers, and hyphens';
+        }
+        return true;
+      }
+    });
+  }
+
+  // System display name
+  if (!options.systemDisplayName) {
+    questions.push({
+      type: 'input',
+      name: 'systemDisplayName',
+      message: 'What is the system display name?',
+      default: appName.replace(/-/g, ' ').replace(/\b\w/g, l => l.toUpperCase()),
+      validate: (input) => {
+        if (!input || input.trim().length === 0) {
+          return 'System display name is required';
+        }
+        return true;
+      }
+    });
+  }
+
+  // System description
+  if (!options.systemDescription) {
+    questions.push({
+      type: 'input',
+      name: 'systemDescription',
+      message: 'What is the system description?',
+      default: `External system integration for ${appName}`,
+      validate: (input) => {
+        if (!input || input.trim().length === 0) {
+          return 'System description is required';
+        }
+        return true;
+      }
+    });
+  }
+
+  // System type
+  if (!options.systemType) {
+    questions.push({
+      type: 'list',
+      name: 'systemType',
+      message: 'What is the system type?',
+      choices: [
+        { name: 'OpenAPI', value: 'openapi' },
+        { name: 'MCP (Model Context Protocol)', value: 'mcp' },
+        { name: 'Custom', value: 'custom' }
+      ],
+      default: 'openapi'
+    });
+  }
+
+  // Authentication type
+  if (!options.authType) {
+    questions.push({
+      type: 'list',
+      name: 'authType',
+      message: 'What authentication type does the system use?',
+      choices: [
+        { name: 'OAuth2', value: 'oauth2' },
+        { name: 'API Key', value: 'apikey' },
+        { name: 'Basic Auth', value: 'basic' }
+      ],
+      default: 'apikey'
+    });
+  }
+
+  // Number of datasources
+  if (!options.datasourceCount) {
+    questions.push({
+      type: 'input',
+      name: 'datasourceCount',
+      message: 'How many datasources do you want to create?',
+      default: '1',
+      validate: (input) => {
+        const count = parseInt(input, 10);
+        if (isNaN(count) || count < 1 || count > 10) {
+          return 'Datasource count must be a number between 1 and 10';
+        }
+        return true;
+      }
+    });
+  }
+
+  return questions;
+}
+
 /**
  * Builds workflow questions (GitHub, Controller)
  * @param {Object} options - Provided options
@@ -186,7 +308,7 @@ function resolveOptionalBoolean(optionValue, answerValue, defaultValue) {
  * @returns {Object} Resolved configuration
  */
 function resolveConflicts(options, answers) {
-  return {
+  const config = {
     port: parseInt(resolveField(options.port, answers.port, 3000), 10),
     language: resolveField(options.language, answers.language, 'typescript'),
     database: resolveField(options.database, answers.database, false),
@@ -197,6 +319,28 @@ function resolveConflicts(options, answers) {
     controller: resolveOptionalBoolean(options.controller, answers.controller, false),
     controllerUrl: resolveField(options.controllerUrl, answers.controllerUrl, undefined)
   };
+
+  // Add external system fields if present
+  if (answers.systemKey || options.systemKey) {
+    config.systemKey = resolveField(options.systemKey, answers.systemKey, undefined);
+  }
+  if (answers.systemDisplayName || options.systemDisplayName) {
+    config.systemDisplayName = resolveField(options.systemDisplayName, answers.systemDisplayName, undefined);
+  }
+  if (answers.systemDescription || options.systemDescription) {
+    config.systemDescription = resolveField(options.systemDescription, answers.systemDescription, undefined);
+  }
+  if (answers.systemType || options.systemType) {
+    config.systemType = resolveField(options.systemType, answers.systemType, 'openapi');
+  }
+  if (answers.authType || options.authType) {
+    config.authType = resolveField(options.authType, answers.authType, 'apikey');
+  }
+  if (answers.datasourceCount || options.datasourceCount) {
+    config.datasourceCount = parseInt(resolveField(options.datasourceCount, answers.datasourceCount, 1), 10);
+  }
+
+  return config;
 }
 
 /**
@@ -225,17 +369,36 @@ async function promptForOptions(appName, options) {
     options.github = false;
   }
 
-  const questions = [
-    ...buildBasicQuestions(options),
-    ...buildServiceQuestions(options),
-    ...buildWorkflowQuestions(options)
-  ];
+  // Get app type from options (default to webapp)
+  const appType = options.type || 'webapp';
+
+  // Build questions based on app type
+  let questions = [];
+  if (appType === 'external') {
+    // For external type, prompt for external system configuration
+    questions = [
+      ...buildExternalSystemQuestions(options, appName),
+      ...buildWorkflowQuestions(options)
+    ];
+  } else {
+    // For regular apps, use standard prompts
+    questions = [
+      ...buildBasicQuestions(options, appType),
+      ...buildServiceQuestions(options, appType),
+      ...buildWorkflowQuestions(options)
+    ];
+  }
 
   // Prompt for missing options
   const answers = questions.length > 0 ? await inquirer.prompt(questions) : {};
 
   // Merge provided options with answers
-  return mergePromptAnswers(appName, options, answers);
+  const merged = mergePromptAnswers(appName, options, answers);
+
+  // Add type to merged config
+  merged.type = appType;
+
+  return merged;
 }
 
 module.exports = {

package/lib/app-push.js

@@ -179,6 +179,21 @@ function displayPushResults(registry, imageName, tags) {
  * @returns {Promise<void>} Resolves when push is complete
  */
 async function pushApp(appName, options = {}) {
+  // Check if app type is external - skip push
+  const configPath = path.join(process.cwd(), 'builder', appName, 'variables.yaml');
+  try {
+    const yamlContent = await fs.readFile(configPath, 'utf8');
+    const config = yaml.load(yamlContent);
+    if (config.app && config.app.type === 'external') {
+      logger.log(chalk.yellow('⚠️  External systems don\'t require Docker images. Skipping push...'));
+      return;
+    }
+  } catch (error) {
+    // If variables.yaml doesn't exist, continue with normal push
+    if (error.code !== 'ENOENT') {
+      throw error;
+    }
+  }
   try {
     // Validate app name
     validateAppName(appName);

package/lib/app-register.js

@@ -138,6 +138,20 @@ function extractAppConfiguration(variables, appKey, options) {
   const appKeyFromFile = variables.app?.key || appKey;
   const displayName = variables.app?.name || options.name || appKey;
   const description = variables.app?.description || '';
+
+  // Handle external type
+  if (variables.app?.type === 'external') {
+    return {
+      appKey: appKeyFromFile,
+      displayName,
+      description,
+      appType: 'external',
+      registryMode: 'external',
+      port: null, // External systems don't need ports
+      language: null // External systems don't need language
+    };
+  }
+
   const appType = variables.build?.language === 'typescript' ? 'webapp' : 'service';
   const registryMode = 'external';
   const port = variables.build?.port || options.port || 3000;

package/lib/app-run.js

@@ -43,6 +43,31 @@ async function runApp(appName, options = {}) {
   }
 
   try {
+    // Validate app name first
+    if (!appName || typeof appName !== 'string') {
+      throw new Error('Application name is required');
+    }
+
+    // Check if app type is external - skip Docker run
+    const yaml = require('js-yaml');
+    const fs = require('fs').promises;
+    const path = require('path');
+    const variablesPath = path.join(process.cwd(), 'builder', appName, 'variables.yaml');
+    try {
+      const variablesContent = await fs.readFile(variablesPath, 'utf8');
+      const variables = yaml.load(variablesContent);
+      if (variables.app && variables.app.type === 'external') {
+        logger.log(chalk.yellow('⚠️  External systems don\'t run as Docker containers.'));
+        logger.log(chalk.blue('Use "aifabrix build" to deploy to dataplane, then test via OpenAPI endpoints.'));
+        return;
+      }
+    } catch (error) {
+      // If variables.yaml doesn't exist, continue with normal run
+      if (error.code !== 'ENOENT') {
+        throw error;
+      }
+    }
+
     // Validate app name and load configuration
     const appConfig = await helpers.validateAppConfiguration(appName);
 

package/lib/app.js

@@ -38,20 +38,31 @@ function displaySuccessMessage(appName, config, envConversionMessage, hasAppFile
   if (hasAppFiles) {
     logger.log(chalk.blue(`Application files: apps/${appName}/`));
   }
-  logger.log(chalk.blue(`Language: ${config.language}`));
-  logger.log(chalk.blue(`Port: ${config.port}`));
 
-  if (config.database) logger.log(chalk.yellow('  - Database enabled'));
-  if (config.redis) logger.log(chalk.yellow('  - Redis enabled'));
-  if (config.storage) logger.log(chalk.yellow('  - Storage enabled'));
-  if (config.authentication) logger.log(chalk.yellow('  - Authentication enabled'));
-
-  logger.log(chalk.gray(envConversionMessage));
-
-  logger.log(chalk.green('\nNext steps:'));
-  logger.log(chalk.white('1. Copy env.template to .env and fill in your values'));
-  logger.log(chalk.white('2. Run: aifabrix build ' + appName));
-  logger.log(chalk.white('3. Run: aifabrix run ' + appName));
+  if (config.type === 'external') {
+    logger.log(chalk.blue('Type: External System'));
+    logger.log(chalk.blue(`System Key: ${config.systemKey || appName}`));
+    logger.log(chalk.green('\nNext steps:'));
+    logger.log(chalk.white('1. Edit external system JSON files in builder/' + appName + '/schemas/'));
+    logger.log(chalk.white('2. Run: aifabrix app register ' + appName + ' --environment dev'));
+    logger.log(chalk.white('3. Run: aifabrix build ' + appName + ' (deploys to dataplane)'));
+    logger.log(chalk.white('4. Run: aifabrix deploy ' + appName + ' (publishes to dataplane)'));
+  } else {
+    logger.log(chalk.blue(`Language: ${config.language}`));
+    logger.log(chalk.blue(`Port: ${config.port}`));
+
+    if (config.database) logger.log(chalk.yellow('  - Database enabled'));
+    if (config.redis) logger.log(chalk.yellow('  - Redis enabled'));
+    if (config.storage) logger.log(chalk.yellow('  - Storage enabled'));
+    if (config.authentication) logger.log(chalk.yellow('  - Authentication enabled'));
+
+    logger.log(chalk.gray(envConversionMessage));
+
+    logger.log(chalk.green('\nNext steps:'));
+    logger.log(chalk.white('1. Copy env.template to .env and fill in your values'));
+    logger.log(chalk.white('2. Run: aifabrix build ' + appName));
+    logger.log(chalk.white('3. Run: aifabrix run ' + appName));
+  }
 }
 
 /**
@@ -284,6 +295,12 @@ async function createApp(appName, options = {}) {
 
     await generateConfigFiles(appPath, appName, config, existingEnv);
 
+    // Generate external system files if type is external
+    if (config.type === 'external') {
+      const externalGenerator = require('./external-system-generator');
+      await externalGenerator.generateExternalSystemFiles(appPath, appName, config);
+    }
+
     if (options.app) {
       await setupAppFiles(appName, appPath, config, options);
     }

package/lib/audit-logger.js

@@ -106,9 +106,14 @@ function createAuditEntry(level, message, metadata = {}) {
   for (const [key, value] of Object.entries(metadata)) {
     // Skip null and undefined values to keep logs clean
     if (value !== null && value !== undefined) {
-      entry.metadata[key] = maskSensitiveData(
-        typeof value === 'string' ? value : JSON.stringify(value)
-      );
+      // Only mask strings; preserve other types (numbers, booleans, etc.)
+      if (typeof value === 'string') {
+        entry.metadata[key] = maskSensitiveData(value);
+      } else {
+        // For non-string values, stringify only if it's an object/array
+        // Preserve primitives (numbers, booleans) as-is
+        entry.metadata[key] = typeof value === 'object' ? JSON.stringify(value) : value;
+      }
     }
   }
 
@@ -280,7 +285,7 @@ async function logApiCall(url, options, statusCode, duration, success, errorInfo
     path,
     url: maskSensitiveData(url),
     controllerUrl: maskSensitiveData(controllerUrl),
-    statusCode,
+    statusCode: Number(statusCode),
     duration,
     success,
     timestamp: Date.now()

package/lib/build.js

@@ -335,6 +335,14 @@ async function postBuildTasks(appName, buildConfig) {
  * // Returns: 'myapp:latest'
  */
 async function buildApp(appName, options = {}) {
+  // Check if app type is external - deploy to dataplane instead of Docker build
+  const variables = await loadVariablesYaml(appName);
+  if (variables.app && variables.app.type === 'external') {
+    const externalDeploy = require('./external-system-deploy');
+    await externalDeploy.buildExternalSystem(appName, options);
+    return null;
+  }
+
   try {
     logger.log(chalk.blue(`\n🔨 Building application: ${appName}`));
 

package/lib/cli.js

@@ -38,6 +38,8 @@ function setupCommands(program) {
     .option('--client-id <id>', 'Client ID (for credentials method, overrides secrets.local.yaml)')
     .option('--client-secret <secret>', 'Client Secret (for credentials method, overrides secrets.local.yaml)')
     .option('-e, --environment <env>', 'Environment key (updates root-level environment in config.yaml, e.g., miso, dev, tst, pro)')
+    .option('--offline', 'Request offline token (adds offline_access scope, device flow only)')
+    .option('--scope <scopes>', 'Custom OAuth2 scope string (device flow only, default: "openid profile email")')
     .action(async(options) => {
       try {
         await handleLogin(options);
@@ -103,12 +105,18 @@ function setupCommands(program) {
     .option('-a, --authentication', 'Requires authentication/RBAC')
     .option('-l, --language <lang>', 'Runtime language (typescript/python)')
     .option('-t, --template <name>', 'Template to use (e.g., miso-controller, keycloak)')
+    .option('--type <type>', 'Application type (webapp, api, service, functionapp, external)', 'webapp')
     .option('--app', 'Generate minimal application files (package.json, index.ts or requirements.txt, main.py)')
     .option('-g, --github', 'Generate GitHub Actions workflows')
     .option('--github-steps <steps>', 'Extra GitHub workflow steps (comma-separated, e.g., npm,test)')
     .option('--main-branch <branch>', 'Main branch name for workflows', 'main')
     .action(async(appName, options) => {
       try {
+        // Validate type if provided
+        const validTypes = ['webapp', 'api', 'service', 'functionapp', 'external'];
+        if (options.type && !validTypes.includes(options.type)) {
+          throw new Error(`Invalid type: ${options.type}. Must be one of: ${validTypes.join(', ')}`);
+        }
         await app.createApp(appName, options);
       } catch (error) {
         handleCommandError(error, 'create');
@@ -158,6 +166,46 @@ function setupCommands(program) {
       }
     });
 
+  // Environment deployment command
+  const environment = program
+    .command('environment')
+    .description('Manage environments');
+
+  const deployEnvHandler = async(envKey, options) => {
+    try {
+      const environmentDeploy = require('./environment-deploy');
+      await environmentDeploy.deployEnvironment(envKey, options);
+    } catch (error) {
+      handleCommandError(error, 'environment deploy');
+      process.exit(1);
+    }
+  };
+
+  environment
+    .command('deploy <env>')
+    .description('Deploy/setup environment in Miso Controller')
+    .option('-c, --controller <url>', 'Controller URL (required)')
+    .option('--config <file>', 'Environment configuration file')
+    .option('--skip-validation', 'Skip environment validation')
+    .option('--poll', 'Poll for deployment status', true)
+    .option('--no-poll', 'Do not poll for status')
+    .action(deployEnvHandler);
+
+  // Alias: env deploy (register as separate command since Commander.js doesn't support multi-word aliases)
+  const env = program
+    .command('env')
+    .description('Environment management (alias for environment)');
+
+  env
+    .command('deploy <env>')
+    .description('Deploy/setup environment in Miso Controller')
+    .option('-c, --controller <url>', 'Controller URL (required)')
+    .option('--config <file>', 'Environment configuration file')
+    .option('--skip-validation', 'Skip environment validation')
+    .option('--poll', 'Poll for deployment status', true)
+    .option('--no-poll', 'Do not poll for status')
+    .action(deployEnvHandler);
+
   program.command('deploy <app>')
     .description('Deploy to Azure via Miso Controller')
     .option('-c, --controller <url>', 'Controller URL')

package/lib/commands/login.js

@@ -302,20 +302,51 @@ async function pollAndSaveDeviceCodeToken(controllerUrl, deviceCode, interval, e
   }
 }
 
+/**
+ * Build scope string from options
+ * @param {boolean} [offline] - Whether to request offline_access
+ * @param {string} [customScope] - Custom scope string
+ * @returns {string} Scope string
+ */
+function buildScope(offline, customScope) {
+  const defaultScope = 'openid profile email';
+
+  if (customScope) {
+    // If custom scope provided, use it and optionally add offline_access
+    if (offline && !customScope.includes('offline_access')) {
+      return `${customScope} offline_access`;
+    }
+    return customScope;
+  }
+
+  // Default scope with optional offline_access
+  if (offline) {
+    return `${defaultScope} offline_access`;
+  }
+
+  return defaultScope;
+}
+
 /**
  * Handle device code flow login
  * @async
  * @param {string} controllerUrl - Controller URL
  * @param {string} [environment] - Environment key from options
+ * @param {boolean} [offline] - Whether to request offline_access scope
+ * @param {string} [scope] - Custom scope string
  * @returns {Promise<{token: string, environment: string}>} Token and environment
  */
-async function handleDeviceCodeLogin(controllerUrl, environment) {
+async function handleDeviceCodeLogin(controllerUrl, environment, offline, scope) {
   const envKey = await getEnvironmentKey(environment);
+  const requestScope = buildScope(offline, scope);
 
   logger.log(chalk.blue('\n📱 Initiating device code flow...\n'));
+  if (offline) {
+    logger.log(chalk.gray(`Requesting offline token (scope: ${requestScope})\n`));
+  }
 
   try {
-    const deviceCodeResponse = await initiateDeviceCodeFlow(controllerUrl, envKey);
+    const deviceCodeResponse = await initiateDeviceCodeFlow(controllerUrl, envKey, requestScope);
 
     displayDeviceCodeInfo(deviceCodeResponse.user_code, deviceCodeResponse.verification_uri, logger, chalk);
 
@@ -369,6 +400,12 @@ async function handleLogin(options) {
   let token;
   let expiresAt;
 
+  // Validate scope options - only applicable to device flow
+  if (method === 'credentials' && (options.offline || options.scope)) {
+    logger.log(chalk.yellow('⚠️  Warning: --offline and --scope options are only available for device flow'));
+    logger.log(chalk.gray('   These options will be ignored for credentials method\n'));
+  }
+
   if (method === 'credentials') {
     if (!options.app) {
       logger.error(chalk.red('❌ --app is required for credentials login method'));
@@ -379,7 +416,7 @@ async function handleLogin(options) {
     expiresAt = loginResult.expiresAt;
     await saveCredentialsLoginConfig(controllerUrl, token, expiresAt, environment, options.app);
   } else if (method === 'device') {
-    const result = await handleDeviceCodeLogin(controllerUrl, options.environment);
+    const result = await handleDeviceCodeLogin(controllerUrl, options.environment, options.offline, options.scope);
     token = result.token;
     environment = result.environment;
     return; // Early return for device flow (already saved config)