@eve-horizon/cli 0.2.19 → 0.2.20

package/dist/index.js

@@ -49861,6 +49861,8 @@ for cloud deployments. Credentials are stored globally per API URL.`,
           "--project <id>       Project ID (uses profile default)",
           "--env <name>         Environment name (optional source)",
           "--json <payload>     JSON body inline or @file",
+          "--data <payload>     Alias for --json (curl-style)",
+          "-d <payload>         Shorthand alias for --json",
           "--jq <expr>          Filter JSON output with jq",
           "--graphql <query>    GraphQL query inline or @file",
           "--variables <json>   JSON variables for GraphQL query",
@@ -49870,6 +49872,7 @@ for cloud deployments. Credentials are stored globally per API URL.`,
         examples: [
           'eve api call app GET /notes --jq ".items"',
           'eve api call app POST /notes --json "{"title":"Hello"}"',
+          'eve api call app POST /notes --data "{"title":"Hello"}"',
           'eve api call graphql POST /graphql --graphql "{ notes { id } }"'
         ]
       },
@@ -50833,6 +50836,81 @@ eve-new-project-setup skill to complete configuration.`,
       "eve analytics env-health --org org_xxx"
     ]
   },
+  ollama: {
+    description: "Manage inference targets, installs, models, and aliases for managed model routing.",
+    usage: "eve ollama <subcommand> [options]",
+    subcommands: {
+      targets: {
+        description: "List inference targets",
+        usage: "eve ollama targets [--scope-kind <platform|org|project>] [--scope-id <id>] [--json]"
+      },
+      target: {
+        description: "Manage a single target (add, rm, test)",
+        usage: "eve ollama target <add|rm|test> [options]",
+        options: [
+          "add: --name <name> --base-url <url> [--scope-kind <kind>] [--scope-id <id>] [--target-type <type>] [--transport-profile <profile>] [--api-key-ref <secret-ref>]",
+          "rm: <target-id>",
+          "test: <target-id> [--org-id <id>] [--project-id <id>]"
+        ]
+      },
+      models: {
+        description: "List canonical inference models",
+        usage: "eve ollama models [--json]"
+      },
+      model: {
+        description: "Create canonical inference model",
+        usage: "eve ollama model add --canonical <id> --provider <name> --slug <provider-model-slug>"
+      },
+      aliases: {
+        description: "List alias routes",
+        usage: "eve ollama aliases [--scope-kind <kind>] [--scope-id <id>] [--json]"
+      },
+      alias: {
+        description: "Set or remove alias route",
+        usage: "eve ollama alias <set|rm> [options]",
+        options: [
+          "set: --alias <name> --target-id <target-id> --model-id <model-id> [--scope-kind <kind>] [--scope-id <id>]",
+          "rm: --alias <name> [--scope-kind <kind>] [--scope-id <id>]"
+        ]
+      },
+      installs: {
+        description: "List target-model installs",
+        usage: "eve ollama installs [--target-id <id>] [--model-id <id>] [--json]"
+      },
+      install: {
+        description: "Install or remove model availability on a target",
+        usage: "eve ollama install <add|rm> --target-id <target-id> --model-id <model-id> [options]",
+        options: [
+          "add: --target-id <target-id> --model-id <model-id> [--requires-warm-start true|false] [--min-target-capacity <n>]",
+          "rm: --target-id <target-id> --model-id <model-id>"
+        ]
+      },
+      assignments: {
+        description: "Inspect target assignment/load and queue depth",
+        usage: "eve ollama assignments [--scope-kind <platform|org|project>] [--scope-id <id>] [--json]"
+      },
+      "route-policies": {
+        description: "List route policies by scope",
+        usage: "eve ollama route-policies [--scope-kind <platform|org|project>] [--scope-id <id>] [--json]"
+      },
+      "route-policy": {
+        description: "Set or remove a route policy",
+        usage: "eve ollama route-policy <set|rm> [options]",
+        options: [
+          "set: --scope-kind <kind> [--scope-id <id>] --preferred-target-id <target-id> [--fallback-to-alias-target true|false]",
+          "rm: --scope-kind <kind> [--scope-id <id>]"
+        ]
+      }
+    },
+    examples: [
+      "eve ollama target add --name local --base-url http://localhost:11434 --scope-kind platform --target-type external_ollama",
+      "eve ollama model add --canonical gpt-oss:120b --provider ollama --slug gpt-oss:120b",
+      "eve ollama install add --target-id itgt_xxx --model-id imod_xxx --min-target-capacity 1",
+      "eve ollama alias set --alias gpt-oss --target-id itgt_xxx --model-id imod_xxx --scope-kind project --scope-id proj_xxx",
+      "eve ollama assignments --scope-kind project --scope-id proj_xxx",
+      "eve ollama route-policy set --scope-kind project --scope-id proj_xxx --preferred-target-id itgt_xxx"
+    ]
+  },
   migrate: {
     description: "Migration helpers for upgrading config formats.",
     usage: "eve migrate <subcommand>",
@@ -50886,6 +50964,7 @@ function showMainHelp() {
   console.log("  auth       Authentication (login, logout, status)");
   console.log("  webhooks   Manage outbound webhook subscriptions");
   console.log("  analytics  Org analytics (jobs, pipelines, env health)");
+  console.log("  ollama     Manage inference targets, aliases, and model routes");
   console.log("  access     Access control: permissions, roles, bindings, policy-as-code sync");
   console.log("  admin      User and identity management (invite)");
   console.log("  skills     Install skills from skills.txt (skills CLI)");
@@ -51009,6 +51088,15 @@ To list available projects: eve project list`
   }
   return response.data;
 }
+function unwrapListResponse(value) {
+  if (Array.isArray(value)) {
+    return value;
+  }
+  if (value && typeof value === "object" && Array.isArray(value.data)) {
+    return value.data;
+  }
+  throw new Error("Expected list response envelope with data[]");
+}
 async function requestRaw(context2, path6, options = {}) {
   const headers = {
     ...options.headers
@@ -55691,6 +55779,8 @@ var configSchema = external_exports.object({
   ORCHESTRATOR_PORT: external_exports.coerce.number().default(4802),
   // Max concurrent jobs the orchestrator can process per replica (default: half of ORCH_CONCURRENCY_MAX)
   ORCH_CONCURRENCY: external_exports.coerce.number().int().min(1).default(4),
+  // Main orchestrator claim/dispatch loop cadence (milliseconds)
+  ORCH_LOOP_INTERVAL_MS: external_exports.coerce.number().int().min(100).default(5e3),
   // Phase 3: Auto-tuner configuration
   ORCH_CONCURRENCY_MIN: external_exports.coerce.number().int().min(1).default(1),
   // Minimum concurrency for auto-tuner
@@ -55976,6 +56066,17 @@ var PaginationSchema = external_exports.object({
   offset: external_exports.number().int().nonnegative(),
   count: external_exports.number().int().nonnegative()
 });
+var ApiListPaginationSchema = external_exports.object({
+  total: external_exports.number().int().nonnegative(),
+  limit: external_exports.number().int().nonnegative(),
+  offset: external_exports.number().int().nonnegative(),
+  has_more: external_exports.boolean().optional(),
+  next_offset: external_exports.number().int().nonnegative().nullable().optional()
+});
+var createApiListResponseSchema = (itemSchema) => external_exports.object({
+  data: external_exports.array(itemSchema),
+  pagination: ApiListPaginationSchema.optional()
+});
 var GitShaSchema = external_exports.string().length(40, "git_sha must be exactly 40 characters").regex(/^[a-f0-9]{40}$/, {
   message: "git_sha must be a 40-character lowercase hex SHA. Did you pass a branch name or uppercase SHA? Use the CLI to resolve refs automatically."
 });
@@ -56665,10 +56766,16 @@ var AttemptListResponseSchema = external_exports.object({
 var AuthStatusResponseSchema = external_exports.object({
   auth_enabled: external_exports.boolean(),
   authenticated: external_exports.boolean(),
+  type: external_exports.enum(["user", "job", "service_principal"]).optional(),
   user_id: external_exports.string().optional(),
   email: external_exports.string().optional(),
+  org_id: external_exports.string().nullable().optional(),
+  project_id: external_exports.string().optional(),
+  job_id: external_exports.string().optional(),
   role: external_exports.string().optional(),
   is_admin: external_exports.boolean().optional(),
+  is_job_token: external_exports.boolean().optional(),
+  is_service_principal: external_exports.boolean().optional(),
   permissions: external_exports.array(external_exports.string()).optional()
 });
 var AuthChallengeRequestSchema = external_exports.object({
@@ -56783,6 +56890,22 @@ var OrgInviteResponseSchema = external_exports.object({
   used_at: external_exports.string().nullable(),
   created_at: external_exports.string()
 });
+var OrgInviteListResponseSchema = createApiListResponseSchema(OrgInviteResponseSchema);
+var AccessRequestResponseSchema = external_exports.object({
+  id: external_exports.string(),
+  provider: external_exports.string(),
+  fingerprint: external_exports.string(),
+  email: external_exports.string().nullable(),
+  desired_org_name: external_exports.string(),
+  desired_org_slug: external_exports.string().nullable(),
+  status: external_exports.string(),
+  reviewed_at: external_exports.string().nullable(),
+  review_notes: external_exports.string().nullable(),
+  user_id: external_exports.string().nullable(),
+  org_id: external_exports.string().nullable(),
+  created_at: external_exports.string()
+});
+var AccessRequestListResponseSchema = createApiListResponseSchema(AccessRequestResponseSchema);
 var CreateServicePrincipalRequestSchema = external_exports.object({
   name: external_exports.string().min(1).max(100).regex(/^[a-z0-9_-]+$/),
   description: external_exports.string().max(500).optional()
@@ -56800,6 +56923,7 @@ var ServicePrincipalResponseSchema = external_exports.object({
   created_at: external_exports.string(),
   updated_at: external_exports.string()
 });
+var ServicePrincipalListResponseSchema = createApiListResponseSchema(ServicePrincipalResponseSchema);
 var ServicePrincipalTokenResponseSchema = external_exports.object({
   id: external_exports.string(),
   principal_id: external_exports.string(),
@@ -56808,6 +56932,7 @@ var ServicePrincipalTokenResponseSchema = external_exports.object({
   last_used_at: external_exports.string().nullable(),
   created_at: external_exports.string()
 });
+var ServicePrincipalTokenListResponseSchema = createApiListResponseSchema(ServicePrincipalTokenResponseSchema);
 var MintServicePrincipalTokenResponseSchema = external_exports.object({
   token_id: external_exports.string(),
   access_token: external_exports.string(),
@@ -56835,6 +56960,7 @@ var AccessRoleResponseSchema = external_exports.object({
   created_at: external_exports.string(),
   updated_at: external_exports.string()
 });
+var AccessRoleListResponseSchema = createApiListResponseSchema(AccessRoleResponseSchema);
 var CreateAccessBindingRequestSchema = external_exports.object({
   role_name: external_exports.string().min(1),
   principal_type: external_exports.enum(["user", "service_principal"]),
@@ -56851,6 +56977,7 @@ var AccessBindingResponseSchema = external_exports.object({
   created_by: external_exports.string().nullable(),
   created_at: external_exports.string()
 });
+var AccessBindingListResponseSchema = createApiListResponseSchema(AccessBindingResponseSchema);
 var AccessCanResponseSchema = external_exports.object({
   allowed: external_exports.boolean(),
   source: external_exports.string()
@@ -58249,6 +58376,7 @@ var ResolvedResourceSchema = external_exports.object({
   version: external_exports.number().int().optional(),
   resolved_at: external_exports.string()
 });
+var ResolveResourcesListResponseSchema = createApiListResponseSchema(ResolvedResourceSchema);
 
 // ../shared/dist/schemas/error.js
 var ApiErrorDetailSchema = external_exports.object({
@@ -58291,6 +58419,7 @@ var WebhookResponseSchema = external_exports.object({
   created_at: external_exports.string(),
   updated_at: external_exports.string()
 });
+var WebhookListResponseSchema = createApiListResponseSchema(WebhookResponseSchema);
 var WebhookDeliveryResponseSchema = external_exports.object({
   id: external_exports.string(),
   subscription_id: external_exports.string(),
@@ -58302,6 +58431,7 @@ var WebhookDeliveryResponseSchema = external_exports.object({
   response_status: external_exports.number().nullable().optional(),
   created_at: external_exports.string()
 });
+var WebhookDeliveryListResponseSchema = createApiListResponseSchema(WebhookDeliveryResponseSchema);
 var WebhookReplayDryRunResponseSchema = external_exports.object({
   event_count: external_exports.number().int(),
   earliest: external_exports.string().nullable().optional(),
@@ -58427,6 +58557,170 @@ var BatchValidateResponseSchema = external_exports.object({
   errors: external_exports.array(BatchValidationErrorSchema)
 });
 
+// ../shared/dist/schemas/managed-models.js
+var ManagedModelCapabilitySchema = external_exports.object({
+  streaming: external_exports.boolean(),
+  tool_calling: external_exports.boolean(),
+  reasoning: external_exports.boolean()
+});
+var ManagedModelConfigV1Schema = external_exports.object({
+  display_name: external_exports.string().min(1),
+  inference_provider: external_exports.string().min(1),
+  harness: external_exports.string().optional(),
+  api_model_id: external_exports.string().min(1),
+  base_url: external_exports.string().min(1),
+  auth_header: external_exports.string().min(1),
+  auth_scheme: external_exports.string(),
+  secret_ref: external_exports.string().min(1),
+  extra_headers: external_exports.record(external_exports.string()),
+  capabilities: ManagedModelCapabilitySchema
+}).passthrough();
+var ManagedModelConfigV2Schema = external_exports.object({
+  display_name: external_exports.string().min(1),
+  provider: external_exports.string().min(1),
+  api_model_id: external_exports.string().min(1),
+  capabilities: ManagedModelCapabilitySchema,
+  harness: external_exports.string().optional(),
+  base_url: external_exports.string().optional(),
+  secret_ref: external_exports.string().optional(),
+  extra_headers: external_exports.record(external_exports.string()).optional()
+}).passthrough();
+var ManagedModelConfigSchema = external_exports.union([
+  ManagedModelConfigV1Schema,
+  ManagedModelConfigV2Schema
+]);
+var ManagedModelRegistrySchema = external_exports.record(ManagedModelConfigSchema);
+
+// ../shared/dist/schemas/inference.js
+var InferenceScopeKindSchema = external_exports.enum(["platform", "org", "project"]);
+var InferenceTargetTypeSchema = external_exports.enum(["ollama_pool", "external_ollama", "openai_compat"]);
+var InferenceTransportProfileSchema = external_exports.enum(["ollama_api", "openai_compat"]);
+var InferenceTargetStatusSchema = external_exports.enum(["unknown", "healthy", "unhealthy", "draining", "disabled"]);
+var InferenceTargetSchema = external_exports.object({
+  id: external_exports.string(),
+  scope_kind: InferenceScopeKindSchema,
+  scope_id: external_exports.string().nullable(),
+  name: external_exports.string(),
+  target_type: InferenceTargetTypeSchema,
+  transport_profile: InferenceTransportProfileSchema,
+  base_url: external_exports.string(),
+  health_probe_url: external_exports.string().nullable(),
+  capacity: external_exports.number().int(),
+  max_concurrent_inflight: external_exports.number().int(),
+  status: InferenceTargetStatusSchema,
+  transport_metadata: external_exports.record(external_exports.unknown()),
+  created_by: external_exports.string().nullable(),
+  updated_by: external_exports.string().nullable(),
+  created_at: external_exports.string(),
+  updated_at: external_exports.string()
+});
+var InferenceModelSchema = external_exports.object({
+  id: external_exports.string(),
+  canonical_model_id: external_exports.string(),
+  provider: external_exports.string(),
+  provider_model_slug: external_exports.string(),
+  max_context: external_exports.number().int().nullable(),
+  supports_json_schema: external_exports.boolean(),
+  metadata: external_exports.record(external_exports.unknown()),
+  created_at: external_exports.string(),
+  updated_at: external_exports.string()
+});
+var InferenceAliasSchema = external_exports.object({
+  id: external_exports.string(),
+  scope_kind: InferenceScopeKindSchema,
+  scope_id: external_exports.string().nullable(),
+  alias: external_exports.string(),
+  target_id: external_exports.string(),
+  model_id: external_exports.string(),
+  pin_model_id: external_exports.string().nullable(),
+  pinned_at: external_exports.string().nullable(),
+  created_by: external_exports.string().nullable(),
+  updated_by: external_exports.string().nullable(),
+  created_at: external_exports.string(),
+  updated_at: external_exports.string()
+});
+var InferenceInstallSchema = external_exports.object({
+  id: external_exports.string(),
+  target_id: external_exports.string(),
+  model_id: external_exports.string(),
+  requires_warm_start: external_exports.boolean(),
+  min_target_capacity: external_exports.number().int(),
+  allowed_scopes: external_exports.record(external_exports.unknown()),
+  route_hints: external_exports.record(external_exports.unknown()),
+  created_at: external_exports.string(),
+  updated_at: external_exports.string()
+});
+var InferenceRoutePolicySchema = external_exports.object({
+  id: external_exports.string(),
+  scope_kind: InferenceScopeKindSchema,
+  scope_id: external_exports.string().nullable(),
+  preferred_target_id: external_exports.string(),
+  fallback_to_alias_target: external_exports.boolean(),
+  created_by: external_exports.string().nullable(),
+  updated_by: external_exports.string().nullable(),
+  created_at: external_exports.string(),
+  updated_at: external_exports.string()
+});
+var CreateInferenceTargetRequestSchema = external_exports.object({
+  scope_kind: InferenceScopeKindSchema,
+  scope_id: external_exports.string().optional(),
+  name: external_exports.string().min(1),
+  target_type: InferenceTargetTypeSchema,
+  transport_profile: InferenceTransportProfileSchema.default("ollama_api"),
+  base_url: external_exports.string().min(1),
+  health_probe_url: external_exports.string().optional(),
+  capacity: external_exports.number().int().positive().optional(),
+  max_concurrent_inflight: external_exports.number().int().positive().optional(),
+  status: InferenceTargetStatusSchema.optional(),
+  transport_metadata: external_exports.record(external_exports.unknown()).optional()
+});
+var UpdateInferenceTargetRequestSchema = external_exports.object({
+  name: external_exports.string().min(1).optional(),
+  target_type: InferenceTargetTypeSchema.optional(),
+  transport_profile: InferenceTransportProfileSchema.optional(),
+  base_url: external_exports.string().min(1).optional(),
+  health_probe_url: external_exports.string().optional(),
+  capacity: external_exports.number().int().positive().optional(),
+  max_concurrent_inflight: external_exports.number().int().positive().optional(),
+  status: InferenceTargetStatusSchema.optional(),
+  transport_metadata: external_exports.record(external_exports.unknown()).optional()
+});
+var CreateInferenceModelRequestSchema = external_exports.object({
+  canonical_model_id: external_exports.string().min(1),
+  provider: external_exports.string().min(1),
+  provider_model_slug: external_exports.string().min(1),
+  max_context: external_exports.number().int().positive().optional(),
+  supports_json_schema: external_exports.boolean().optional(),
+  metadata: external_exports.record(external_exports.unknown()).optional()
+});
+var CreateInferenceInstallRequestSchema = external_exports.object({
+  requires_warm_start: external_exports.boolean().optional(),
+  min_target_capacity: external_exports.number().int().positive().optional(),
+  allowed_scopes: external_exports.record(external_exports.unknown()).optional(),
+  route_hints: external_exports.record(external_exports.unknown()).optional()
+});
+var UpsertInferenceRoutePolicyRequestSchema = external_exports.object({
+  scope_kind: InferenceScopeKindSchema,
+  scope_id: external_exports.string().optional(),
+  preferred_target_id: external_exports.string().min(1),
+  fallback_to_alias_target: external_exports.boolean().optional()
+});
+var UpsertInferenceAliasRequestSchema = external_exports.object({
+  scope_kind: InferenceScopeKindSchema,
+  scope_id: external_exports.string().optional(),
+  alias: external_exports.string().min(1),
+  target_id: external_exports.string().min(1),
+  model_id: external_exports.string().min(1),
+  pin_model_id: external_exports.string().optional()
+});
+var InferenceChatCompletionsRequestSchema = external_exports.object({
+  model: external_exports.string().min(1),
+  messages: external_exports.array(external_exports.record(external_exports.unknown())).min(1),
+  stream: external_exports.boolean().optional(),
+  project_id: external_exports.string().optional(),
+  org_id: external_exports.string().optional()
+}).passthrough();
+
 // ../shared/dist/observability.js
 var import_async_hooks = require("async_hooks");
 var correlationStorage = new import_async_hooks.AsyncLocalStorage();
@@ -60766,7 +61060,7 @@ async function handleCreate(flags, context2, json) {
       `/projects/${resolvedProjectId}/apis`
     );
     const availableApis = new Map(
-      (apiListResponse.data || []).map((a) => [a.name, a.type])
+      (apiListResponse.data || []).map((a) => [a.name, { type: a.type, base_url: a.base_url }])
     );
     const missing2 = apiNames.filter((name) => !availableApis.has(name));
     if (missing2.length > 0) {
@@ -60775,11 +61069,67 @@ async function handleCreate(flags, context2, json) {
 Available APIs: ${[...availableApis.keys()].join(", ") || "(none)"}`
       );
     }
+    const contextArgs = [`--project ${resolvedProjectId}`];
+    if (envName) {
+      contextArgs.push(`--env ${envName}`);
+    }
+    const contextSuffix = contextArgs.join(" ");
     const apiLines = apiNames.map((name) => {
-      const type = availableApis.get(name) ?? "openapi";
-      return `- \`${name}\` (${type}) \u2014 Use \`eve api call ${name} <METHOD> <path>\` to interact.
-  Run \`eve api spec ${name}\` to see all endpoints.
-  Auth is handled automatically via EVE_JOB_TOKEN.`;
+      const info = availableApis.get(name);
+      const type = info?.type ?? "openapi";
+      const baseUrl = info?.base_url || "<base_url>";
+      return `- \`${name}\` (${type})
+  - Use this runtime-safe Node helper for in-job API calls (no extra tools required).
+    \`\`\`bash
+    API_URL="${baseUrl}" node - <<'NODE'
+    const fs = require("fs");
+    const tokenFromJob = process.env.EVE_JOB_TOKEN;
+    const tokenFromCreds = () => {
+      const credsPath = \`\${process.env.HOME}/.eve/credentials.json\`;
+      if (!fs.existsSync(credsPath)) {
+        return undefined;
+      }
+      const creds = JSON.parse(fs.readFileSync(credsPath, "utf8"));
+      const apiKey = \`\${(process.env.EVE_API_URL || "").replace(/\\/+$/, "")}\`;
+      return creds.tokens?.[apiKey]?.access_token;
+    };
+    const token = tokenFromJob ?? tokenFromCreds();
+    const apiUrl = process.env.API_URL;
+    if (!apiUrl) {
+      throw new Error("Set API_URL before running the script.");
+    }
+    const method = process.env.EVE_APP_API_METHOD ?? "GET";
+    const path = process.env.EVE_APP_API_PATH ?? "/";
+    const bodyArg = process.env.EVE_APP_API_BODY;
+    if (!token) {
+      throw new Error("Missing token. Set EVE_JOB_TOKEN or keep ~/.eve/credentials.json for external shells.");
+    }
+    const options = {
+      method: method.toUpperCase(),
+      headers: {
+        Authorization: \`Bearer \${token}\`,
+        "Content-Type": "application/json",
+      },
+    };
+    if (bodyArg) {
+      options.body = bodyArg;
+    }
+    (async () => {
+      const response = await fetch(new URL(path, apiUrl).toString(), options);
+      const text = await response.text();
+      console.log(text);
+      if (!response.ok) {
+        process.exitCode = 1;
+      }
+    })().catch((error) => {
+      console.error(error);
+      process.exit(1);
+    });
+    NODE
+    # Example:
+    #   API_URL="${baseUrl}" EVE_APP_API_METHOD=GET EVE_APP_API_PATH=/api/auth-config node - <<'NODE'
+    \`\`\`
+  - Discover endpoints with \`eve api spec ${name} ${contextSuffix}\` in your own shell (outside the job runtime).`;
     });
     body.description = body.description + `
 
@@ -61615,6 +61965,25 @@ function formatDiagnose(job, attempts, latestResult, logs, receipt) {
       }
       console.log("");
     }
+    const llmRouting = latest.runtime_meta?.llm_routing;
+    if (llmRouting) {
+      const mode = llmRouting.mode === "bridge" ? "bridge" : "direct";
+      const bridgeId = typeof llmRouting.bridge_id === "string" ? llmRouting.bridge_id : null;
+      const harnessCompat = typeof llmRouting.harness_compatibility === "string" ? llmRouting.harness_compatibility : "unknown";
+      const providerCompat = typeof llmRouting.provider_compatibility === "string" ? llmRouting.provider_compatibility : "unknown";
+      const effectiveBaseUrl = typeof llmRouting.effective_base_url === "string" ? redactUrlForDisplay(llmRouting.effective_base_url) : null;
+      console.log("LLM Routing:");
+      console.log(`  Mode:               ${mode}`);
+      console.log(`  Harness Protocol:   ${harnessCompat}`);
+      console.log(`  Provider Protocol:  ${providerCompat}`);
+      if (bridgeId) {
+        console.log(`  Bridge ID:          ${bridgeId}`);
+      }
+      if (effectiveBaseUrl) {
+        console.log(`  Effective Base URL: ${effectiveBaseUrl}`);
+      }
+      console.log("");
+    }
   }
   if (receipt) {
     console.log("Receipt Summary:");
@@ -61652,7 +62021,14 @@ function formatDiagnose(job, attempts, latestResult, logs, receipt) {
       console.log("");
       return;
     }
-    if (latestResult?.errorMessage?.includes("git clone")) {
+    if (latestResult?.errorMessage?.includes("No protocol bridge")) {
+      console.log("  \u2717 Protocol bridge routing failed");
+      console.log("    Hint: Configure a bridge for this harness/provider protocol pair");
+      console.log("    Hint: Verify bridge registry and managed model harness/provider settings");
+    } else if (latestResult?.errorMessage?.includes("Bridge") && latestResult.errorMessage.includes("missing")) {
+      console.log("  \u2717 Bridge runtime configuration missing");
+      console.log("    Hint: Set EVE_BRIDGE_LITELLM_ANTHROPIC_OPENAI_URL and EVE_BRIDGE_LITELLM_ANTHROPIC_OPENAI_KEY");
+    } else if (latestResult?.errorMessage?.includes("git clone")) {
       console.log("  \u2717 Git clone failed - check repo URL and credentials");
       console.log("    Hint: Ensure GITHUB_TOKEN is set in project/org secrets");
     } else if (latestResult?.errorMessage?.includes("Service")) {
@@ -61732,6 +62108,20 @@ function formatDate(dateStr) {
     return dateStr;
   }
 }
+function redactUrlForDisplay(value) {
+  try {
+    const url = new URL(value);
+    if (url.username || url.password) {
+      url.username = "***";
+      url.password = "";
+    }
+    url.search = "";
+    url.hash = "";
+    return url.toString();
+  } catch {
+    return value;
+  }
+}
 function formatDependencies(response) {
   console.log("");
   if (response.dependencies.length > 0) {
@@ -64158,9 +64548,13 @@ No token minted (use --scopes to mint a token).`);
       if (!orgId) {
         throw new Error("Usage: eve auth list-service-accounts --org <org_id>");
       }
-      const principals = await requestJson(context2, `/orgs/${orgId}/service-principals`);
+      const principalsResponse = await requestJson(
+        context2,
+        `/orgs/${orgId}/service-principals`
+      );
+      const principals = unwrapListResponse(principalsResponse);
       if (json) {
-        outputJson(principals, json);
+        outputJson({ data: principals }, json);
         return;
       }
       if (!principals || principals.length === 0) {
@@ -64186,7 +64580,11 @@ No token minted (use --scopes to mint a token).`);
       }
       let resolvedId = spId;
       if (!resolvedId && name) {
-        const principals = await requestJson(context2, `/orgs/${orgId}/service-principals`);
+        const principalsResponse = await requestJson(
+          context2,
+          `/orgs/${orgId}/service-principals`
+        );
+        const principals = unwrapListResponse(principalsResponse);
         const match = principals?.find((sp) => sp.name === name);
         if (!match) {
           throw new Error(`Service account not found: ${name}`);
@@ -67189,7 +67587,7 @@ async function handleList5(positionals, flags, context2, jsonOutput) {
     throw new Error("Usage: eve api list [project] [--project=<id>] [--env=<name>]");
   }
   const query = buildQuery8({
-    env: getStringFlag(flags, ["env"])
+    env: resolveEnv(flags)
   });
   const response = await requestJson(
     context2,
@@ -67208,7 +67606,7 @@ async function handleList5(positionals, flags, context2, jsonOutput) {
 async function handleShow5(positionals, flags, context2, jsonOutput) {
   const name = positionals[0] ?? getStringFlag(flags, ["name"]);
   const projectId = positionals[1] ?? getStringFlag(flags, ["project"]) ?? context2.projectId;
-  const env = getStringFlag(flags, ["env"]);
+  const env = resolveEnv(flags);
   if (!name || !projectId) {
     throw new Error("Usage: eve api show <name> [project] [--project=<id>] [--env=<name>]");
   }
@@ -67219,7 +67617,7 @@ async function handleShow5(positionals, flags, context2, jsonOutput) {
 async function handleSpec(positionals, flags, context2, jsonOutput) {
   const name = positionals[0] ?? getStringFlag(flags, ["name"]);
   const projectId = positionals[1] ?? getStringFlag(flags, ["project"]) ?? context2.projectId;
-  const env = getStringFlag(flags, ["env"]);
+  const env = resolveEnv(flags);
   if (!name || !projectId) {
     throw new Error("Usage: eve api spec <name> [project] [--project=<id>] [--env=<name>]");
   }
@@ -67233,7 +67631,7 @@ async function handleSpec(positionals, flags, context2, jsonOutput) {
 async function handleRefresh(positionals, flags, context2, jsonOutput) {
   const name = positionals[0] ?? getStringFlag(flags, ["name"]);
   const projectId = positionals[1] ?? getStringFlag(flags, ["project"]) ?? context2.projectId;
-  const env = getStringFlag(flags, ["env"]);
+  const env = resolveEnv(flags);
   if (!name || !projectId) {
     throw new Error("Usage: eve api refresh <name> [project] [--project=<id>] [--env=<name>]");
   }
@@ -67246,7 +67644,7 @@ async function handleRefresh(positionals, flags, context2, jsonOutput) {
 async function handleExamples(positionals, flags, context2, jsonOutput) {
   const name = positionals[0] ?? getStringFlag(flags, ["name"]);
   const projectId = positionals[1] ?? getStringFlag(flags, ["project"]) ?? context2.projectId;
-  const env = getStringFlag(flags, ["env"]);
+  const env = resolveEnv(flags);
   if (!name || !projectId) {
     throw new Error("Usage: eve api examples <name> [project] [--project=<id>] [--env=<name>]");
   }
@@ -67309,7 +67707,7 @@ async function handleCall(positionals, flags, context2) {
     throw new Error("Usage: eve api call <name> <method> <path> [--json <payload>] [--jq <expr>]");
   }
   const projectId = getStringFlag(flags, ["project"]) ?? context2.projectId;
-  const env = getStringFlag(flags, ["env"]);
+  const env = resolveEnv(flags);
   if (!projectId) {
     throw new Error("Missing project id. Provide --project or set a profile default.");
   }
@@ -67317,9 +67715,10 @@ async function handleCall(positionals, flags, context2) {
   const api = await requestJson(context2, `/projects/${projectId}/apis/${name}${query}`);
   const jqExpr = getStringFlag(flags, ["jq"]);
   const printCurl = Boolean(flags["print-curl"]);
-  const jsonPayloadFlag = flags.json;
+  const extraPositionals = positionals.slice(3);
+  const jsonPayloadFlag = resolveJsonPayloadFlag(flags, extraPositionals);
   if (jsonPayloadFlag === true) {
-    throw new Error("Usage: --json <payload|@file>");
+    throw new Error("Usage: --json <payload|@file> (or --data/-d)");
   }
   const graphqlFlag = flags.graphql;
   const graphqlQuery = graphqlFlag === true ? void 0 : getStringFlag(flags, ["graphql"]);
@@ -67327,7 +67726,7 @@ async function handleCall(positionals, flags, context2) {
     throw new Error("Usage: --graphql <query|@file>");
   }
   if (graphqlQuery && jsonPayloadFlag) {
-    throw new Error("Use --variables for GraphQL variables; --json is for JSON bodies.");
+    throw new Error("Use --variables for GraphQL variables; --json/--data/-d is for JSON bodies.");
   }
   const variablesFlag = getStringFlag(flags, ["variables"]);
   const variables = variablesFlag ? resolveJsonInput(variablesFlag) : void 0;
@@ -67338,7 +67737,8 @@ async function handleCall(positionals, flags, context2) {
   } : void 0;
   const body = graphqlBody ?? jsonBody;
   const method = methodInput.toUpperCase();
-  const path6 = resolveApiPath(api.base_url, pathInput);
+  const resolvedBaseUrl = resolveApiBaseUrlForRuntime(api.base_url, context2.apiUrl);
+  const path6 = resolveApiPath(resolvedBaseUrl, pathInput);
   const tokenOverride = getStringFlag(flags, ["token"]);
   const authToken = tokenOverride ?? process.env.EVE_JOB_TOKEN ?? context2.token;
   if (printCurl) {
@@ -67376,10 +67776,49 @@ async function handleCall(positionals, flags, context2) {
   }
   process.stdout.write(text);
 }
+function resolveJsonPayloadFlag(flags, extraPositionals) {
+  const jsonFlag = flags.json;
+  const dataFlag = flags.data;
+  const shorthandDataFlag = resolveShorthandDataFlag(extraPositionals);
+  const candidates = [jsonFlag, dataFlag, shorthandDataFlag].filter(
+    (value) => value !== void 0
+  );
+  if (candidates.length <= 1) {
+    return candidates[0];
+  }
+  const [first, ...rest] = candidates;
+  const conflicts = rest.some((value) => value !== first);
+  if (conflicts) {
+    throw new Error("Use only one JSON body flag: --json, --data, or -d.");
+  }
+  return first;
+}
+function resolveShorthandDataFlag(extraPositionals) {
+  for (let i = 0; i < extraPositionals.length; i += 1) {
+    const arg = extraPositionals[i];
+    if (arg.startsWith("--data=")) {
+      return arg.slice("--data=".length);
+    }
+    if (arg.startsWith("-d=")) {
+      return arg.slice("-d=".length);
+    }
+    if (arg === "--data" || arg === "-d") {
+      const next = extraPositionals[i + 1];
+      if (!next || next.startsWith("-")) {
+        return true;
+      }
+      return next;
+    }
+  }
+  return void 0;
+}
 function buildQuery8(params) {
   const query = Object.entries(params).filter(([, value]) => value !== void 0).map(([key, value]) => `${encodeURIComponent(key)}=${encodeURIComponent(String(value))}`).join("&");
   return query ? `?${query}` : "";
 }
+function resolveEnv(flags) {
+  return getStringFlag(flags, ["env"]) ?? process.env.EVE_ENV_NAME;
+}
 function formatApiSourcesTable(apis) {
   const nameWidth = Math.max(4, ...apis.map((api) => api.name.length));
   const typeWidth = Math.max(4, ...apis.map((api) => api.type.length));
@@ -67453,6 +67892,96 @@ function resolveApiPath(baseUrl, path6) {
   const trimmedPath = path6.startsWith("/") ? path6 : `/${path6}`;
   return `${trimmedBase}${trimmedPath}`;
 }
+function resolveApiBaseUrlForRuntime(baseUrl, eveApiUrl) {
+  if (!baseUrl) return baseUrl;
+  const inK8s = Boolean(process.env.KUBERNETES_SERVICE_HOST);
+  if (inK8s) {
+    return rewriteIngressToServiceDns(baseUrl) ?? baseUrl;
+  }
+  return rewriteServiceDnsToIngress(baseUrl, eveApiUrl) ?? baseUrl;
+}
+function rewriteIngressToServiceDns(baseUrl) {
+  try {
+    const url = new URL(baseUrl);
+    if (url.hostname.endsWith(".svc.cluster.local")) {
+      return baseUrl;
+    }
+    const labels = url.hostname.split(".");
+    if (labels.length < 3) {
+      return null;
+    }
+    const component = labels[0];
+    const slug = labels[1];
+    const slugParts = slug.split("-");
+    if (slugParts.length < 3) {
+      return null;
+    }
+    const envName = slugParts[slugParts.length - 1];
+    const namespace = `eve-${slug}`;
+    const internalHost = `${envName}-${component}.${namespace}.svc.cluster.local`;
+    url.hostname = internalHost;
+    return stripTrailingSlash(url.toString());
+  } catch {
+    return null;
+  }
+}
+function rewriteServiceDnsToIngress(baseUrl, eveApiUrl) {
+  try {
+    const url = new URL(baseUrl);
+    if (!url.hostname.endsWith(".svc.cluster.local")) {
+      return null;
+    }
+    const labels = url.hostname.split(".");
+    if (labels.length < 5) {
+      return null;
+    }
+    const serviceLabel = labels[0];
+    const namespace = labels[1];
+    if (!namespace.startsWith("eve-")) {
+      return null;
+    }
+    const slug = namespace.slice(4);
+    const slugParts = slug.split("-");
+    if (slugParts.length < 3) {
+      return null;
+    }
+    const envName = slugParts[slugParts.length - 1];
+    const envPrefix = `${envName}-`;
+    if (!serviceLabel.startsWith(envPrefix)) {
+      return null;
+    }
+    const component = serviceLabel.slice(envPrefix.length);
+    if (!component) {
+      return null;
+    }
+    const ingressDomain = inferIngressDomain(eveApiUrl);
+    if (!ingressDomain) {
+      return null;
+    }
+    url.hostname = `${component}.${slug}.${ingressDomain}`;
+    url.port = "";
+    return stripTrailingSlash(url.toString());
+  } catch {
+    return null;
+  }
+}
+function inferIngressDomain(eveApiUrl) {
+  try {
+    const apiHost = new URL(eveApiUrl).hostname;
+    if (apiHost.startsWith("api.eve.")) {
+      return apiHost.slice("api.eve.".length);
+    }
+    if (apiHost.startsWith("api.")) {
+      return apiHost.slice("api.".length);
+    }
+    return process.env.EVE_DEFAULT_DOMAIN ?? null;
+  } catch {
+    return process.env.EVE_DEFAULT_DOMAIN ?? null;
+  }
+}
+function stripTrailingSlash(url) {
+  return url.endsWith("/") ? url.slice(0, -1) : url;
+}
 function resolveRepoRoot() {
   let current = process.cwd();
   while (true) {
@@ -68777,12 +69306,13 @@ ${response.length} record(s)`);
           return;
         }
         default: {
-          const requests = await requestJson(
+          const requestsResponse = await requestJson(
             context2,
             "/admin/access-requests"
           );
+          const requests = unwrapListResponse(requestsResponse);
           if (json) {
-            outputJson(requests, true);
+            outputJson({ data: requests }, true);
             return;
           }
           if (requests.length === 0) {
@@ -70979,12 +71509,13 @@ async function handleRoles(action, positionals, flags, context2, json) {
       return;
     }
     case "list": {
-      const roles = await requestJson(
+      const rolesResponse = await requestJson(
         context2,
         `/orgs/${orgId}/access/roles`
       );
+      const roles = unwrapListResponse(rolesResponse);
       if (json) {
-        outputJson(roles, json);
+        outputJson({ data: roles }, json);
         return;
       }
       if (roles.length === 0) {
@@ -71002,10 +71533,11 @@ async function handleRoles(action, positionals, flags, context2, json) {
       if (!name) {
         throw new Error("Role name is required: eve access roles show <name> --org <org_id>");
       }
-      const roles = await requestJson(
+      const rolesResponse = await requestJson(
         context2,
         `/orgs/${orgId}/access/roles`
       );
+      const roles = unwrapListResponse(rolesResponse);
       const role = roles.find((r) => r.name === name);
       if (!role) {
         throw new Error(`Role '${name}' not found in this org`);
@@ -71030,10 +71562,11 @@ async function handleRoles(action, positionals, flags, context2, json) {
       if (!name) {
         throw new Error("Role name is required: eve access roles update <name> --org <org_id> [--permissions <perms>] [--add-permissions <perms>] [--description <desc>]");
       }
-      const roles = await requestJson(
+      const rolesResponse = await requestJson(
         context2,
         `/orgs/${orgId}/access/roles`
       );
+      const roles = unwrapListResponse(rolesResponse);
       const role = roles.find((r) => r.name === name);
       if (!role) {
         throw new Error(`Role '${name}' not found in this org`);
@@ -71076,10 +71609,11 @@ async function handleRoles(action, positionals, flags, context2, json) {
       if (!name) {
         throw new Error("Role name is required: eve access roles delete <name> --org <org_id>");
       }
-      const roles = await requestJson(
+      const rolesResponse = await requestJson(
         context2,
         `/orgs/${orgId}/access/roles`
       );
+      const roles = unwrapListResponse(rolesResponse);
       const role = roles.find((r) => r.name === name);
       if (!role) {
         throw new Error(`Role '${name}' not found in this org`);
@@ -71169,10 +71703,11 @@ async function handleUnbind(flags, context2, json) {
   if (projectId) {
     params.set("project_id", projectId);
   }
-  const bindings = await requestJson(
+  const bindingsResponse = await requestJson(
     context2,
     `/orgs/${orgId}/access/bindings?${params.toString()}`
   );
+  const bindings = unwrapListResponse(bindingsResponse);
   const matching = bindings.find((b) => {
     if (b.role_name !== roleName) return false;
     if (b.principal_type !== principalType) return false;
@@ -71212,9 +71747,10 @@ async function handleBindings(action, flags, context2, json) {
   }
   const queryString = params.toString();
   const path6 = queryString ? `/orgs/${orgId}/access/bindings?${queryString}` : `/orgs/${orgId}/access/bindings`;
-  const bindings = await requestJson(context2, path6);
+  const bindingsResponse = await requestJson(context2, path6);
+  const bindings = unwrapListResponse(bindingsResponse);
   if (json) {
-    outputJson(bindings, json);
+    outputJson({ data: bindings }, json);
     return;
   }
   if (bindings.length === 0) {
@@ -71323,10 +71859,12 @@ function bindingKey(roleName, principalType, principalId, projectId) {
   return `${roleName}|${principalType}|${principalId}|${scope}`;
 }
 async function computePlan(yaml, orgId, context2) {
-  const [apiRoles, apiBindings] = await Promise.all([
+  const [apiRolesResponse, apiBindingsResponse] = await Promise.all([
     requestJson(context2, `/orgs/${orgId}/access/roles`),
     requestJson(context2, `/orgs/${orgId}/access/bindings`)
   ]);
+  const apiRoles = unwrapListResponse(apiRolesResponse);
+  const apiBindings = unwrapListResponse(apiBindingsResponse);
   const rolesByName = new Map(apiRoles.map((r) => [r.name, r]));
   const plan = {
     roles: [],
@@ -71945,7 +72483,7 @@ async function handleResources(subcommand, positionals, flags, context2) {
       if (!uri) {
         throw new Error("Usage: eve resources cat <uri>");
       }
-      const result = await requestJson(
+      const resultResponse = await requestJson(
         context2,
         `/orgs/${orgId}/resources/resolve`,
         {
@@ -71953,8 +72491,9 @@ async function handleResources(subcommand, positionals, flags, context2) {
           body: { uris: [uri], include_content: true }
         }
       );
+      const result = unwrapListResponse(resultResponse);
       if (json) {
-        outputJson(result, json);
+        outputJson({ data: result }, json);
         return;
       }
       const content = result?.[0]?.content;
@@ -72310,6 +72849,374 @@ async function handleAnalytics(subcommand, _positionals, flags, context2) {
   }
 }
 
+// src/commands/ollama.ts
+function asString(flags, key) {
+  const value = flags[key];
+  return typeof value === "string" ? value : void 0;
+}
+function requireString(flags, key) {
+  const value = asString(flags, key);
+  if (!value) throw new Error(`Missing required flag --${key}`);
+  return value;
+}
+function printTable(headers, rows) {
+  const widths = headers.map((header, idx) => Math.max(header.length, ...rows.map((row) => row[idx]?.length ?? 0)));
+  const line = `+${widths.map((w) => "-".repeat(w + 2)).join("+")}+`;
+  console.log(line);
+  console.log(formatRow3(headers, widths));
+  console.log(line);
+  for (const row of rows) {
+    console.log(formatRow3(row, widths));
+  }
+  console.log(line);
+}
+function formatRow3(columns, widths) {
+  const padded = columns.map((value, idx) => ` ${pad2(value, widths[idx])} `);
+  return `|${padded.join("|")}|`;
+}
+function pad2(value, width) {
+  return value.length >= width ? value : `${value}${" ".repeat(width - value.length)}`;
+}
+async function handleOllama(subcommand, positionals, flags, context2) {
+  const json = Boolean(flags.json);
+  switch (subcommand) {
+    case "targets": {
+      const scopeKind = asString(flags, "scope-kind");
+      const scopeId = asString(flags, "scope-id");
+      const query = new URLSearchParams();
+      if (scopeKind) query.set("scope_kind", scopeKind);
+      if (scopeId) query.set("scope_id", scopeId);
+      const suffix = query.toString() ? `?${query.toString()}` : "";
+      const targets = await requestJson(context2, `/inference/targets${suffix}`);
+      if (json) {
+        outputJson(targets, json);
+        return;
+      }
+      if (targets.length === 0) {
+        console.log("No inference targets found.");
+        return;
+      }
+      printTable(
+        ["ID", "Name", "Scope", "Type", "Transport", "Status", "Base URL"],
+        targets.map((item) => [
+          item.id,
+          item.name,
+          item.scope_id ? `${item.scope_kind}:${item.scope_id}` : item.scope_kind,
+          item.target_type,
+          item.transport_profile,
+          item.status,
+          item.base_url
+        ])
+      );
+      return;
+    }
+    case "target": {
+      const action = positionals[0];
+      if (action === "add") {
+        const body = {
+          scope_kind: asString(flags, "scope-kind") ?? "platform",
+          name: requireString(flags, "name"),
+          target_type: asString(flags, "target-type") ?? "external_ollama",
+          transport_profile: asString(flags, "transport-profile") ?? "ollama_api",
+          base_url: requireString(flags, "base-url")
+        };
+        const scopeId = asString(flags, "scope-id");
+        if (scopeId) body.scope_id = scopeId;
+        const apiKeyRef = asString(flags, "api-key-ref");
+        if (apiKeyRef) {
+          body.transport_metadata = {
+            api_key_ref: apiKeyRef,
+            auth_header: asString(flags, "auth-header") ?? "Authorization",
+            auth_scheme: asString(flags, "auth-scheme") ?? "Bearer"
+          };
+        }
+        const created = await requestJson(context2, "/inference/targets", {
+          method: "POST",
+          body
+        });
+        outputJson(created, json);
+        if (!json) console.log(`Created target ${created.id}`);
+        return;
+      }
+      if (action === "rm") {
+        const targetId = positionals[1];
+        if (!targetId) throw new Error("Usage: eve ollama target rm <target-id>");
+        await requestJson(context2, `/inference/targets/${targetId}`, {
+          method: "DELETE"
+        });
+        if (!json) console.log(`Deleted target ${targetId}`);
+        return;
+      }
+      if (action === "test") {
+        const targetId = positionals[1];
+        if (!targetId) throw new Error("Usage: eve ollama target test <target-id> [--org-id <id>] [--project-id <id>]");
+        const query = new URLSearchParams();
+        const orgId = asString(flags, "org-id");
+        const projectId = asString(flags, "project-id");
+        if (orgId) query.set("org_id", orgId);
+        if (projectId) query.set("project_id", projectId);
+        const suffix = query.toString() ? `?${query.toString()}` : "";
+        const result = await requestJson(context2, `/inference/targets/${targetId}/test${suffix}`, {
+          method: "POST"
+        });
+        outputJson(result, json);
+        if (!json) console.log("Target test completed");
+        return;
+      }
+      throw new Error("Usage: eve ollama target <add|rm|test> ...");
+    }
+    case "models": {
+      const models = await requestJson(context2, "/inference/models");
+      if (json) {
+        outputJson(models, json);
+        return;
+      }
+      if (models.length === 0) {
+        console.log("No inference models found.");
+        return;
+      }
+      printTable(
+        ["ID", "Canonical", "Provider", "Provider Slug"],
+        models.map((item) => [item.id, item.canonical_model_id, item.provider, item.provider_model_slug])
+      );
+      return;
+    }
+    case "model": {
+      const action = positionals[0];
+      if (action !== "add") throw new Error("Usage: eve ollama model add --canonical <id> --provider <name> --slug <provider-model-slug>");
+      const created = await requestJson(context2, "/inference/models", {
+        method: "POST",
+        body: {
+          canonical_model_id: requireString(flags, "canonical"),
+          provider: requireString(flags, "provider"),
+          provider_model_slug: requireString(flags, "slug")
+        }
+      });
+      outputJson(created, json);
+      if (!json) console.log(`Model available as ${created.id}`);
+      return;
+    }
+    case "aliases": {
+      const scopeKind = asString(flags, "scope-kind");
+      const scopeId = asString(flags, "scope-id");
+      const query = new URLSearchParams();
+      if (scopeKind) query.set("scope_kind", scopeKind);
+      if (scopeId) query.set("scope_id", scopeId);
+      const suffix = query.toString() ? `?${query.toString()}` : "";
+      const aliases = await requestJson(context2, `/inference/aliases${suffix}`);
+      if (json) {
+        outputJson(aliases, json);
+        return;
+      }
+      if (aliases.length === 0) {
+        console.log("No inference aliases found.");
+        return;
+      }
+      printTable(
+        ["Alias", "Scope", "Target ID", "Model ID"],
+        aliases.map((item) => [
+          item.alias,
+          item.scope_id ? `${item.scope_kind}:${item.scope_id}` : item.scope_kind,
+          item.target_id,
+          item.model_id
+        ])
+      );
+      return;
+    }
+    case "alias": {
+      const action = positionals[0];
+      if (action === "set") {
+        const alias = requireString(flags, "alias");
+        const targetId = requireString(flags, "target-id");
+        const modelId = requireString(flags, "model-id");
+        const scopeKind = asString(flags, "scope-kind") ?? "platform";
+        const scopeId = asString(flags, "scope-id");
+        const body = {
+          alias,
+          target_id: targetId,
+          model_id: modelId,
+          scope_kind: scopeKind
+        };
+        if (scopeId) body.scope_id = scopeId;
+        const saved = await requestJson(context2, "/inference/aliases", {
+          method: "POST",
+          body
+        });
+        outputJson(saved, json);
+        if (!json) console.log(`Alias ${alias} saved`);
+        return;
+      }
+      if (action === "rm") {
+        const scopeKind = asString(flags, "scope-kind") ?? "platform";
+        const alias = requireString(flags, "alias");
+        const scopeId = asString(flags, "scope-id");
+        const query = new URLSearchParams();
+        if (scopeId) query.set("scope_id", scopeId);
+        const suffix = query.toString() ? `?${query.toString()}` : "";
+        await requestJson(context2, `/inference/aliases/${scopeKind}/${alias}${suffix}`, {
+          method: "DELETE"
+        });
+        if (!json) console.log(`Alias ${alias} deleted`);
+        return;
+      }
+      throw new Error("Usage: eve ollama alias <set|rm> ...");
+    }
+    case "installs": {
+      const targetId = asString(flags, "target-id");
+      const modelId = asString(flags, "model-id");
+      const query = new URLSearchParams();
+      if (targetId) query.set("target_id", targetId);
+      if (modelId) query.set("model_id", modelId);
+      const suffix = query.toString() ? `?${query.toString()}` : "";
+      const installs = await requestJson(context2, `/inference/installs${suffix}`);
+      if (json) {
+        outputJson(installs, json);
+        return;
+      }
+      if (installs.length === 0) {
+        console.log("No inference installs found.");
+        return;
+      }
+      printTable(
+        ["ID", "Target ID", "Model ID", "Warm Start", "Min Capacity"],
+        installs.map((item) => [
+          item.id,
+          item.target_id,
+          item.model_id,
+          item.requires_warm_start ? "yes" : "no",
+          String(item.min_target_capacity)
+        ])
+      );
+      return;
+    }
+    case "assignments": {
+      const scopeKind = asString(flags, "scope-kind");
+      const scopeId = asString(flags, "scope-id");
+      const query = new URLSearchParams();
+      if (scopeKind) query.set("scope_kind", scopeKind);
+      if (scopeId) query.set("scope_id", scopeId);
+      const suffix = query.toString() ? `?${query.toString()}` : "";
+      const assignments = await requestJson(context2, `/inference/assignments${suffix}`);
+      if (json) {
+        outputJson(assignments, json);
+        return;
+      }
+      if (assignments.length === 0) {
+        console.log("No inference assignments found.");
+        return;
+      }
+      printTable(
+        ["Target", "Scope", "Inflight", "Queue", "Max Inflight", "Status"],
+        assignments.map((item) => [
+          item.target_name,
+          item.scope_id ? `${item.scope_kind}:${item.scope_id}` : item.scope_kind,
+          String(item.inflight),
+          String(item.queue_depth),
+          String(item.max_concurrent_inflight),
+          item.status
+        ])
+      );
+      return;
+    }
+    case "route-policies": {
+      const scopeKind = asString(flags, "scope-kind");
+      const scopeId = asString(flags, "scope-id");
+      const query = new URLSearchParams();
+      if (scopeKind) query.set("scope_kind", scopeKind);
+      if (scopeId) query.set("scope_id", scopeId);
+      const suffix = query.toString() ? `?${query.toString()}` : "";
+      const policies = await requestJson(context2, `/inference/route-policies${suffix}`);
+      if (json) {
+        outputJson(policies, json);
+        return;
+      }
+      if (policies.length === 0) {
+        console.log("No inference route policies found.");
+        return;
+      }
+      printTable(
+        ["Scope", "Preferred Target", "Fallback"],
+        policies.map((item) => [
+          item.scope_id ? `${item.scope_kind}:${item.scope_id}` : item.scope_kind,
+          item.preferred_target_id,
+          item.fallback_to_alias_target ? "yes" : "no"
+        ])
+      );
+      return;
+    }
+    case "route-policy": {
+      const action = positionals[0];
+      if (action === "set") {
+        const scopeKind = asString(flags, "scope-kind") ?? "platform";
+        const scopeId = asString(flags, "scope-id");
+        const preferredTargetId = requireString(flags, "preferred-target-id");
+        const fallback = asString(flags, "fallback-to-alias-target");
+        const body = {
+          scope_kind: scopeKind,
+          preferred_target_id: preferredTargetId
+        };
+        if (scopeId) body.scope_id = scopeId;
+        if (fallback !== void 0) body.fallback_to_alias_target = fallback === "true" || fallback === "1";
+        const saved = await requestJson(context2, "/inference/route-policies", {
+          method: "POST",
+          body
+        });
+        outputJson(saved, json);
+        if (!json) console.log("Route policy saved");
+        return;
+      }
+      if (action === "rm") {
+        const scopeKind = asString(flags, "scope-kind") ?? "platform";
+        const scopeId = asString(flags, "scope-id");
+        const query = new URLSearchParams();
+        if (scopeId) query.set("scope_id", scopeId);
+        const suffix = query.toString() ? `?${query.toString()}` : "";
+        await requestJson(context2, `/inference/route-policies/${scopeKind}${suffix}`, {
+          method: "DELETE"
+        });
+        if (!json) console.log("Route policy deleted");
+        return;
+      }
+      throw new Error("Usage: eve ollama route-policy <set|rm> [options]");
+    }
+    case "install": {
+      const action = positionals[0];
+      if (action === "add") {
+        const targetId = requireString(flags, "target-id");
+        const modelId = requireString(flags, "model-id");
+        const body = {};
+        const requiresWarmStart = asString(flags, "requires-warm-start");
+        if (requiresWarmStart !== void 0) {
+          body.requires_warm_start = requiresWarmStart === "true" || requiresWarmStart === "1";
+        }
+        const minTargetCapacity = asString(flags, "min-target-capacity");
+        if (minTargetCapacity) {
+          body.min_target_capacity = Number(minTargetCapacity);
+        }
+        const saved = await requestJson(context2, `/inference/targets/${targetId}/models/${modelId}`, {
+          method: "POST",
+          body
+        });
+        outputJson(saved, json);
+        if (!json) console.log(`Installed model ${modelId} on target ${targetId}`);
+        return;
+      }
+      if (action === "rm") {
+        const targetId = requireString(flags, "target-id");
+        const modelId = requireString(flags, "model-id");
+        await requestJson(context2, `/inference/targets/${targetId}/models/${modelId}`, {
+          method: "DELETE"
+        });
+        if (!json) console.log(`Removed model ${modelId} from target ${targetId}`);
+        return;
+      }
+      throw new Error("Usage: eve ollama install <add|rm> --target-id <id> --model-id <id>");
+    }
+    default:
+      throw new Error("Usage: eve ollama <targets|target|models|model|aliases|alias|installs|install|assignments|route-policies|route-policy>");
+  }
+}
+
 // src/index.ts
 async function main() {
   const { flags, positionals } = parseArgs(process.argv.slice(2));
@@ -72433,6 +73340,9 @@ async function main() {
     case "analytics":
       await handleAnalytics(subcommand, rest, flags, context2);
       return;
+    case "ollama":
+      await handleOllama(subcommand, rest, flags, context2);
+      return;
     default:
       showMainHelp();
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@eve-horizon/cli",
-  "version": "0.2.19",
+  "version": "0.2.20",
   "description": "Eve Horizon CLI",
   "license": "MIT",
   "repository": {