@ait-co/console-cli 0.1.34 → 0.1.36

package/README.en.md

@@ -22,7 +22,7 @@ The installer detects OS (`uname -s`) and arch (`uname -m`), downloads the match
 Pin a specific version:
 
 ```sh
-curl -fsSL https://raw.githubusercontent.com/apps-in-toss-community/console-cli/main/install.sh | AITCC_VERSION=v0.1.1 sh
+curl -fsSL https://raw.githubusercontent.com/apps-in-toss-community/console-cli/main/install.sh | AITCC_VERSION=v0.1.34 sh
 ```
 
 Override the install directory with `AITCC_INSTALL_DIR=/custom/path` (default `$HOME/.local/bin`).
@@ -128,7 +128,7 @@ For one-shot CI runs (e.g. `aitcc app deploy` from a workflow), seed the runner
 
 ```sh
 # Desktop (already logged in):
-aitcc auth export --format env >> $GITHUB_ENV       # or: aitcc auth export --format env  → store as a secret
+aitcc auth export --format env >> $GITHUB_ENV       # or store as a secret
 # CI (with the secret exposed as $AITCC_SESSION):
 aitcc app deploy ./aitc-sdk-example.ait --json
 ```

package/README.md

@@ -22,7 +22,7 @@ installer가 OS(`uname -s`)와 아키텍처(`uname -m`)를 자동 감지해 최
 특정 버전 고정:
 
 ```sh
-curl -fsSL https://raw.githubusercontent.com/apps-in-toss-community/console-cli/main/install.sh | AITCC_VERSION=v0.1.1 sh
+curl -fsSL https://raw.githubusercontent.com/apps-in-toss-community/console-cli/main/install.sh | AITCC_VERSION=v0.1.34 sh
 ```
 
 설치 경로를 바꾸려면 `AITCC_INSTALL_DIR=/custom/path` (기본 `$HOME/.local/bin`).
@@ -124,7 +124,7 @@ OS 키체인 대신 plain `0600` 파일을 쓰는 이유는 [CLAUDE.md](./CLAUDE
 
 ## CI/CD 통합
 
-워크플로의 한 번성 실행(`aitcc app deploy` 등)을 위해 desktop에서 캡처한 세션을 runner에 주입합니다:
+워크플로의 일회성 실행(`aitcc app deploy` 등)을 위해 desktop에서 캡처한 세션을 runner에 주입합니다:
 
 ```sh
 # Desktop (이미 로그인된 상태):

package/dist/cli.mjs

@@ -7,8 +7,8 @@ import { isMap, parse, parseDocument } from "yaml";
 import { unzipSync } from "fflate";
 import { checkbox, confirm, editor, input, password, select } from "@inquirer/prompts";
 import { imageSize } from "image-size";
-import { execFile, spawn } from "node:child_process";
-import { constants, createReadStream, existsSync } from "node:fs";
+import { execFile, execFileSync, spawn } from "node:child_process";
+import { constants, createReadStream, existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
 import { createInterface } from "node:readline/promises";
 import { promisify } from "node:util";
 import { createHash } from "node:crypto";
@@ -682,14 +682,15 @@ async function postBundleTestPush(workspaceId, miniAppId, deploymentId, cookies,
 	if (raw === null || typeof raw !== "object" || Array.isArray(raw)) return {};
 	return raw;
 }
-async function fetchBundleTestLinks(workspaceId, miniAppId, cookies, opts = {}) {
+async function fetchBundleTestLinks(workspaceId, miniAppId, deploymentId, cookies, opts = {}) {
 	const raw = await requestConsoleApi({
-		url: `${BASE$4}/workspaces/${workspaceId}/mini-app/${miniAppId}/bundles/test-links`,
+		url: `${BASE$4}/workspaces/${workspaceId}/mini-app/${miniAppId}/bundles/test-links?deploymentId=${encodeURIComponent(deploymentId)}`,
 		cookies,
 		...opts.fetchImpl ? { fetchImpl: opts.fetchImpl } : {}
 	});
-	if (raw === null || typeof raw !== "object" || Array.isArray(raw)) return {};
-	return raw;
+	if (raw === null || typeof raw !== "object" || Array.isArray(raw)) throw new Error(`Unexpected test-links shape for app=${miniAppId}`);
+	const data = raw;
+	return { linkUri: typeof data.linkUri === "string" ? data.linkUri : "" };
 }
 async function createMiniApp(workspaceId, payload, cookies, opts = {}) {
 	return normalizeCreateResult(await requestConsoleApi({
@@ -3382,7 +3383,8 @@ function formatDiffValue(v) {
 	return String(v);
 }
 function describeServiceStatus(s) {
-	if (s === "PREPARE") return "PREPARE (출시 전 — release 토글 미사용)";
+	if (s === "PREPARE") return "PREPARE (출시 전 — 번들 출시 검수 미통과)";
+	if (s === "OPENED") return "OPENED (출시 중)";
 	if (s === "RUNNING") return "RUNNING (출시 중)";
 	if (s === "STOPPED") return "STOPPED (운영 중지)";
 	return s;
@@ -3583,6 +3585,9 @@ function deriveReviewState(env) {
 		lockReason: locked ? "review-pending" : null
 	};
 }
+function isInServiceStatus(serviceStatus) {
+	return serviceStatus === "OPENED" || serviceStatus === "RUNNING";
+}
 function deriveLsStatus(derived, serviceStatus) {
 	if (!derived) return {
 		status: "unknown",
@@ -3592,7 +3597,7 @@ function deriveLsStatus(derived, serviceStatus) {
 	const locked = derived.approvalType === "REVIEW";
 	const lockReason = locked ? "review-pending" : null;
 	let status = derived.state;
-	if (status === "approved" && serviceStatus === "RUNNING") status = "in-service";
+	if (status === "approved" && isInServiceStatus(serviceStatus)) status = "in-service";
 	return {
 		status,
 		locked,
@@ -4523,7 +4528,7 @@ const bundlesCommand = defineCommand({
 		"test-links": defineCommand({
 			meta: {
 				name: "test-links",
-				description: "Show per-device test URLs for the mini-app."
+				description: "Show the test deep-link URL for a specific bundle."
 			},
 			args: {
 				id: {
@@ -4531,6 +4536,10 @@ const bundlesCommand = defineCommand({
 					description: "Mini-app ID. Optional when `aitcc.yaml` provides `miniAppId`.",
 					required: false
 				},
+				"deployment-id": {
+					type: "string",
+					description: "deploymentId of the bundle to fetch the test link for."
+				},
 				workspace: {
 					type: "string",
 					description: "Workspace ID. Defaults to the selected workspace."
@@ -4542,6 +4551,15 @@ const bundlesCommand = defineCommand({
 				}
 			},
 			async run({ args }) {
+				const deploymentId = typeof args["deployment-id"] === "string" ? args["deployment-id"] : "";
+				if (deploymentId === "") {
+					if (args.json) emitJson({
+						ok: false,
+						reason: "missing-deployment-id"
+					});
+					else process.stderr.write("app bundles test-links: --deployment-id <uuid> is required.\n");
+					return exitAfterFlush(ExitCode.Usage);
+				}
 				const ctx = await resolveAppOrFail({
 					json: args.json,
 					appIdRaw: args.id,
@@ -4553,26 +4571,22 @@ const bundlesCommand = defineCommand({
 				printContextHeader(ctx, { json: args.json });
 				const { session, workspaceId } = ctx;
 				try {
-					const links = await fetchBundleTestLinks(workspaceId, appId, session.cookies);
+					const { linkUri } = await fetchBundleTestLinks(workspaceId, appId, deploymentId, session.cookies);
 					if (args.json) {
 						emitJson({
 							ok: true,
 							workspaceId,
 							appId,
-							links
+							deploymentId,
+							linkUri
 						});
 						return exitAfterFlush(ExitCode.Ok);
 					}
-					const keys = Object.keys(links);
-					if (keys.length === 0) {
-						process.stdout.write(`App ${appId} (ws ${workspaceId}): no test links available\n`);
+					if (linkUri === "") {
+						process.stdout.write(`App ${appId} (ws ${workspaceId}): no test link available for deployment ${deploymentId}\n`);
 						return exitAfterFlush(ExitCode.Ok);
 					}
-					process.stdout.write(`App ${appId} (ws ${workspaceId}):\n`);
-					for (const k of keys) {
-						const v = links[k];
-						process.stdout.write(`  ${k}\t${typeof v === "string" ? v : JSON.stringify(v)}\n`);
-					}
+					process.stdout.write(`App ${appId} (ws ${workspaceId}):\n  ${linkUri}\n`);
 					return exitAfterFlush(ExitCode.Ok);
 				} catch (err) {
 					return emitFailureFromError(args.json, err);
@@ -6971,6 +6985,81 @@ const completionCommand = defineCommand({
 	}
 });
 //#endregion
+//#region src/ait-token-profile.ts
+const AIT_CREDENTIALS_PATH = join(homedir(), ".ait", "credentials");
+function credentialsPath() {
+	const override = process.env._AIT_CREDENTIALS_PATH_OVERRIDE;
+	if (override && override.length > 0) return override;
+	return AIT_CREDENTIALS_PATH;
+}
+function readCredentials(path) {
+	if (!existsSync(path)) return {};
+	try {
+		const raw = readFileSync(path, "utf8");
+		const parsed = JSON.parse(raw);
+		if (parsed !== null && typeof parsed === "object" && !Array.isArray(parsed)) return parsed;
+		return {};
+	} catch {
+		return {};
+	}
+}
+function writeCredentials(path, map) {
+	const dir = join(path, "..");
+	if (!existsSync(dir)) mkdirSync(dir, { recursive: true });
+	writeFileSync(path, JSON.stringify(map, null, 2) + "\n", {
+		encoding: "utf8",
+		mode: 384
+	});
+}
+/**
+* Save a Deploy Key to the `ait` token profile store.
+*
+* Tries direct-write first.  If that fails and `ait` is on PATH, falls back
+* to spawning `ait token add --api-key ... <profile>`.
+*
+* SECRET-HANDLING: `apiKey` must not appear in any log or thrown message.
+* The `detail` field in failure results contains only non-secret context.
+*/
+function saveAitTokenProfile(profile, apiKey) {
+	const path = credentialsPath();
+	try {
+		const map = readCredentials(path);
+		map[profile] = apiKey;
+		writeCredentials(path, map);
+		return {
+			ok: true,
+			method: "direct",
+			profile
+		};
+	} catch (err) {
+		const detail = err instanceof Error ? err.message : String(err);
+		try {
+			execFileSync("ait", [
+				"token",
+				"add",
+				"--api-key",
+				apiKey,
+				profile
+			], {
+				stdio: "ignore",
+				timeout: 1e4,
+				env: { ...process.env }
+			});
+			return {
+				ok: true,
+				method: "spawn",
+				profile
+			};
+		} catch {
+			return {
+				ok: false,
+				reason: "write-failed",
+				detail
+			};
+		}
+	}
+}
+//#endregion
 //#region src/api/api-keys.ts
 const BASE$2 = "https://apps-in-toss.toss.im/console/api-public/v3/appsintossconsole";
 async function fetchApiKeys(workspaceId, cookies, opts = {}) {
@@ -7126,6 +7215,10 @@ const createCommand = defineCommand({
 			type: "string",
 			description: "Workspace ID. Defaults to the selected workspace."
 		},
+		"save-profile": {
+			type: "string",
+			description: "After issuing, save the key as an `ait` token profile (written to `~/.ait/credentials`). The named profile can then be used with `ait deploy --profile <name>` immediately. If omitted, the key is printed to stdout once and not persisted locally."
+		},
 		json: {
 			type: "boolean",
 			description: "Emit machine-readable JSON to stdout.",
@@ -7175,6 +7268,14 @@ const createCommand = defineCommand({
 				name,
 				target
 			}, session.cookies);
+			const saveProfileName = args["save-profile"] ? String(args["save-profile"]) : void 0;
+			let savedProfile;
+			let saveProfileWarning;
+			if (saveProfileName !== void 0) {
+				const saveResult = saveAitTokenProfile(saveProfileName, result.apiKey);
+				if (saveResult.ok) savedProfile = saveResult.profile;
+				else saveProfileWarning = `Could not save to ait profile "${saveProfileName}": ${saveResult.detail}. Save the key manually with \`ait token add --api-key <key> ` + saveProfileName + "`.";
+			}
 			if (args.json) {
 				emitJson({
 					ok: true,
@@ -7185,12 +7286,16 @@ const createCommand = defineCommand({
 						isAll: target.isAll,
 						appNames: [...target.appNames]
 					},
+					...savedProfile !== void 0 ? { savedProfile } : {},
+					...saveProfileWarning !== void 0 ? { saveProfileWarning } : {},
 					extra: result.extra
 				});
 				return exitAfterFlush(ExitCode.Ok);
 			}
 			process.stdout.write(`${result.apiKey}\n`);
-			process.stderr.write("⚠️  This key is shown only once. Save it to a secret manager now — it cannot be retrieved later.\n");
+			if (savedProfile !== void 0) process.stderr.write(`Saved as ait profile "${savedProfile}". Run: ait deploy --profile ${savedProfile}\n`);
+			else process.stderr.write("⚠️  This key is shown only once. Save it to a secret manager now — it cannot be retrieved later.\n");
+			if (saveProfileWarning !== void 0) process.stderr.write(`Warning: ${saveProfileWarning}\n`);
 			return exitAfterFlush(ExitCode.Ok);
 		} catch (err) {
 			return emitFailureFromError(args.json, err);
@@ -9233,7 +9338,7 @@ function resolveVersion() {
 		if (typeof injected === "string" && injected.length > 0) return injected;
 	} catch {}
 	try {
-		return "0.1.34";
+		return "0.1.36";
 	} catch {}
 	return "0.0.0-dev";
 }