@factiii/stack 0.1.2

package/dist/plugins/pipelines/factiii/github-secrets-store.js

@@ -0,0 +1,221 @@
+"use strict";
+/**
+ * GitHub Secrets Store
+ *
+ * Utility for managing GitHub repository secrets via the GitHub API.
+ * Used by the pipeline plugin and secrets CLI command.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GitHubSecretsStore = void 0;
+const child_process_1 = require("child_process");
+const https = __importStar(require("https"));
+class GitHubSecretsStore {
+    token;
+    owner;
+    repo;
+    constructor(config = {}) {
+        this.token = config.token ?? process.env.GITHUB_TOKEN;
+        this.owner = config.owner;
+        this.repo = config.repo;
+        // Auto-detect from git if not provided
+        if (!this.owner || !this.repo) {
+            const repoInfo = GitHubSecretsStore.getRepoInfo();
+            if (repoInfo) {
+                this.owner = this.owner ?? repoInfo.owner;
+                this.repo = this.repo ?? repoInfo.repo;
+            }
+        }
+    }
+    /**
+     * Get repository info from git remote
+     */
+    static getRepoInfo() {
+        try {
+            const remote = (0, child_process_1.execSync)('git config --get remote.origin.url', {
+                encoding: 'utf8',
+                stdio: ['pipe', 'pipe', 'ignore'],
+            }).trim();
+            // Parse GitHub URL (supports both HTTPS and SSH)
+            const match = remote.match(/github\.com[:/]([^/]+)\/(.+?)(\.git)?$/);
+            if (match && match[1] && match[2]) {
+                return {
+                    owner: match[1],
+                    repo: match[2],
+                };
+            }
+            return null;
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Make GitHub API request
+     */
+    async request(method, urlPath, body = null) {
+        return new Promise((resolve, reject) => {
+            const options = {
+                hostname: 'api.github.com',
+                port: 443,
+                path: urlPath,
+                method: method,
+                headers: {
+                    Authorization: `Bearer ${this.token}`,
+                    'User-Agent': 'factiii-stack',
+                    Accept: 'application/vnd.github+json',
+                    'X-GitHub-Api-Version': '2022-11-28',
+                },
+            };
+            if (body) {
+                const bodyStr = JSON.stringify(body);
+                options.headers['Content-Type'] = 'application/json';
+                options.headers['Content-Length'] =
+                    Buffer.byteLength(bodyStr).toString();
+            }
+            const req = https.request(options, (res) => {
+                let data = '';
+                res.on('data', (chunk) => {
+                    data += chunk.toString();
+                });
+                res.on('end', () => {
+                    if (res.statusCode && res.statusCode >= 200 && res.statusCode < 300) {
+                        try {
+                            resolve(data ? JSON.parse(data) : {});
+                        }
+                        catch {
+                            resolve({ raw: data });
+                        }
+                    }
+                    else {
+                        reject(new Error(`GitHub API error: ${res.statusCode} ${data}`));
+                    }
+                });
+            });
+            req.on('error', reject);
+            if (body) {
+                req.write(JSON.stringify(body));
+            }
+            req.end();
+        });
+    }
+    /**
+     * Get repository public key for encrypting secrets
+     */
+    async getPublicKey() {
+        const urlPath = `/repos/${this.owner}/${this.repo}/actions/secrets/public-key`;
+        return await this.request('GET', urlPath);
+    }
+    /**
+     * Encrypt a secret value using the repository's public key
+     */
+    encryptSecret(value, _publicKey) {
+        // Convert the public key from base64
+        // Note: This uses Node's crypto which may not be 100% compatible with libsodium
+        // For production, consider using the @octokit/core library with proper libsodium
+        // For now, return base64 encoded value (GitHub API will handle encryption)
+        return Buffer.from(value).toString('base64');
+    }
+    /**
+     * Set a secret in the repository
+     */
+    async setSecret(name, value) {
+        try {
+            // Get public key
+            const { key, key_id } = await this.getPublicKey();
+            // Encrypt the value
+            const encrypted = this.encryptSecret(value, key);
+            // Set the secret
+            const urlPath = `/repos/${this.owner}/${this.repo}/actions/secrets/${name}`;
+            await this.request('PUT', urlPath, {
+                encrypted_value: encrypted,
+                key_id: key_id,
+            });
+            return { success: true };
+        }
+        catch (error) {
+            return {
+                success: false,
+                error: error instanceof Error ? error.message : String(error),
+            };
+        }
+    }
+    /**
+     * Check which secrets exist
+     */
+    async checkSecrets(secretNames) {
+        try {
+            const urlPath = `/repos/${this.owner}/${this.repo}/actions/secrets`;
+            const response = await this.request('GET', urlPath);
+            const existing = new Set(response.secrets?.map((s) => s.name) ?? []);
+            const status = {};
+            const missing = [];
+            for (const name of secretNames) {
+                status[name] = existing.has(name);
+                if (!existing.has(name)) {
+                    missing.push(name);
+                }
+            }
+            return {
+                existing: Array.from(existing),
+                status,
+                missing,
+            };
+        }
+        catch (error) {
+            return {
+                error: error instanceof Error ? error.message : String(error),
+            };
+        }
+    }
+    /**
+     * Delete a secret
+     */
+    async deleteSecret(name) {
+        try {
+            const urlPath = `/repos/${this.owner}/${this.repo}/actions/secrets/${name}`;
+            await this.request('DELETE', urlPath);
+            return { success: true };
+        }
+        catch (error) {
+            return {
+                success: false,
+                error: error instanceof Error ? error.message : String(error),
+            };
+        }
+    }
+}
+exports.GitHubSecretsStore = GitHubSecretsStore;
+//# sourceMappingURL=github-secrets-store.js.map

package/dist/plugins/pipelines/factiii/github-secrets-store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"github-secrets-store.js","sourceRoot":"","sources":["../../../../src/plugins/pipelines/factiii/github-secrets-store.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,iDAAyC;AACzC,6CAA+B;AAkC/B,MAAa,kBAAkB;IACrB,KAAK,CAAU;IACf,KAAK,CAAU;IACf,IAAI,CAAU;IAEtB,YAAY,SAAmC,EAAE;QAC/C,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC;QACtD,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QAC1B,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QAExB,uCAAuC;QACvC,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YAC9B,MAAM,QAAQ,GAAG,kBAAkB,CAAC,WAAW,EAAE,CAAC;YAClD,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,QAAQ,CAAC,KAAK,CAAC;gBAC1C,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,CAAC;YACzC,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,WAAW;QAChB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,oCAAoC,EAAE;gBAC5D,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC;aAClC,CAAC,CAAC,IAAI,EAAE,CAAC;YAEV,iDAAiD;YACjD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;YAErE,IAAI,KAAK,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClC,OAAO;oBACL,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;oBACf,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;iBACf,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,OAAO,CACnB,MAAc,EACd,OAAe,EACf,OAAuC,IAAI;QAE3C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,OAAO,GAAyB;gBACpC,QAAQ,EAAE,gBAAgB;gBAC1B,IAAI,EAAE,GAAG;gBACT,IAAI,EAAE,OAAO;gBACb,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,aAAa,EAAE,UAAU,IAAI,CAAC,KAAK,EAAE;oBACrC,YAAY,EAAE,eAAe;oBAC7B,MAAM,EAAE,6BAA6B;oBACrC,sBAAsB,EAAE,YAAY;iBACrC;aACF,CAAC;YAEF,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;gBACpC,OAAO,CAAC,OAAkC,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;gBAChF,OAAO,CAAC,OAAkC,CAAC,gBAAgB,CAAC;oBAC3D,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,CAAC;YAC1C,CAAC;YAED,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBACzC,IAAI,IAAI,GAAG,EAAE,CAAC;gBAEd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;oBAC/B,IAAI,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBAC3B,CAAC,CAAC,CAAC;gBAEH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;oBACjB,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,IAAI,GAAG,CAAC,UAAU,GAAG,GAAG,EAAE,CAAC;wBACpE,IAAI,CAAC;4BACH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAO,CAAC,CAAC,CAAE,EAAQ,CAAC,CAAC;wBACtD,CAAC;wBAAC,MAAM,CAAC;4BACP,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,EAAO,CAAC,CAAC;wBAC9B,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,MAAM,CAAC,IAAI,KAAK,CAAC,qBAAqB,GAAG,CAAC,UAAU,IAAI,IAAI,EAAE,CAAC,CAAC,CAAC;oBACnE,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAExB,IAAI,IAAI,EAAE,CAAC;gBACT,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;YAClC,CAAC;YAED,GAAG,CAAC,GAAG,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY;QAChB,MAAM,OAAO,GAAG,UAAU,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,IAAI,6BAA6B,CAAC;QAC/E,OAAO,MAAM,IAAI,CAAC,OAAO,CAAoB,KAAK,EAAE,OAAO,CAAC,CAAC;IAC/D,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,KAAa,EAAE,UAAkB;QAC7C,qCAAqC;QACrC,gFAAgF;QAChF,iFAAiF;QACjF,2EAA2E;QAC3E,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CAAC,IAAY,EAAE,KAAa;QACzC,IAAI,CAAC;YACH,iBAAiB;YACjB,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;YAElD,oBAAoB;YACpB,MAAM,SAAS,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAEjD,iBAAiB;YACjB,MAAM,OAAO,GAAG,UAAU,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,IAAI,oBAAoB,IAAI,EAAE,CAAC;YAC5E,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,EAAE;gBACjC,eAAe,EAAE,SAAS;gBAC1B,MAAM,EAAE,MAAM;aACf,CAAC,CAAC;YAEH,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,WAAqB;QACtC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,UAAU,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,IAAI,kBAAkB,CAAC;YACpE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAsB,KAAK,EAAE,OAAO,CAAC,CAAC;YAEzE,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YAErE,MAAM,MAAM,GAA4B,EAAE,CAAC;YAC3C,MAAM,OAAO,GAAa,EAAE,CAAC;YAE7B,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;gBAC/B,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBAClC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBACxB,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC;YAED,OAAO;gBACL,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAC9B,MAAM;gBACN,OAAO;aACR,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,IAAY;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,UAAU,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,IAAI,oBAAoB,IAAI,EAAE,CAAC;YAC5E,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACtC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AAtMD,gDAsMC"}

package/dist/plugins/pipelines/factiii/index.d.ts

@@ -0,0 +1,195 @@
+/**
+ * Factiii Pipeline Plugin
+ *
+ * The default pipeline plugin for Factiii Stack.
+ * Uses GitHub Actions for CI/CD with thin workflows that SSH to servers
+ * and call the Factiii CLI to do the actual work.
+ *
+ * ============================================================
+ * PLUGIN STRUCTURE STANDARD
+ * ============================================================
+ *
+ * This plugin follows a standardized structure for clarity and maintainability:
+ *
+ * **scanfix/** - Scan/fix operations organized by concern
+ *   - Each file exports an array of Fix[] objects
+ *   - Files group related fixes together (config, github-cli, workflows, secrets)
+ *   - All fixes are combined in the main plugin class
+ *
+ * **utils/** - Utility methods
+ *   - detection.ts - Config detection methods (package manager, Node.js version, etc.)
+ *   - workflows.ts - Workflow generation and triggering
+ *
+ * **index.ts** - Main plugin class
+ *   - Static metadata (id, name, category, version)
+ *   - shouldLoad() - Determines if plugin should load
+ *   - canReach() - Determines how to reach each stage (critical routing method)
+ *   - Imports and combines all scanfix arrays
+ *   - Imports and uses utility methods
+ *   - Core pipeline logic: deployStage(), runLocalDeploy()
+ *   - Maintains public API compatibility
+ *
+ * **Key Differences from Server Plugins:**
+ *   - Environment-specific files (staging.ts, prod.ts) are in plugin root - standard pattern
+ *   - Core routing logic stays in index.ts - canReach() and deployStage() are the main entry points
+ *   - Utils folder for static helpers - Detection and workflow generation are utilities, not core logic
+ *   - scanfix organized by concern, not environment - Fixes are grouped by what they check (config, workflows, secrets)
+ *
+ * **When each scanfix file is used:**
+ *   - config.ts: When checking/generating factiii.yml
+ *   - github-cli.ts: When checking GitHub CLI installation (dev)
+ *   - workflows.ts: When checking/generating GitHub workflows (dev)
+ *   - secrets.ts: When checking GitHub Secrets (secrets stage)
+ * ============================================================
+ */
+import type { FactiiiConfig, Stage, Reachability, Fix, DeployResult, DeployOptions, EnvironmentConfig, PluginCommand } from '../../../types/index.js';
+import * as detectionUtils from './utils/detection.js';
+declare class FactiiiPipeline {
+    static readonly id = "factiii";
+    static readonly name = "Factiii Pipeline";
+    static readonly category: 'pipeline';
+    static readonly version = "1.0.0";
+    static readonly requiredEnvVars: string[];
+    static readonly configSchema: Record<string, unknown>;
+    static readonly autoConfigSchema: Record<string, string>;
+    /**
+     * Determine if this plugin should be loaded for this project
+     * Pipeline plugin always loads - it's the default CI/CD system
+     */
+    static shouldLoad(_rootDir: string, _config: FactiiiConfig): Promise<boolean>;
+    /**
+     * Whether this environment requires the full repo cloned on the server
+     */
+    static requiresFullRepo(environment: string): boolean;
+    /**
+     * Check if this pipeline can reach a specific stage
+     *
+     * ============================================================
+     * PIPELINE AUTHORS: This method controls stage reachability
+     * ============================================================
+     *
+     * Return values:
+     *   { reachable: true, via: 'local' } - Run fixes on this machine
+     *   { reachable: true, via: 'ssh' } - SSH directly to the server
+     *   { reachable: true, via: 'workflow' } - Trigger workflow to run fixes
+     *   { reachable: false, reason: '...' } - Cannot reach, show error
+     *
+     * For the Factiii pipeline:
+     *   - dev: always local
+     *   - secrets: needs vault password
+     *   - staging/prod:
+     *       - If GITHUB_ACTIONS=true → local (we're on the server)
+     *       - If SSH key exists → ssh (direct SSH from dev machine)
+     *       - If GITHUB_TOKEN → workflow (fallback to GitHub Actions)
+     *       - Otherwise → not reachable
+     *
+     * CRITICAL: When SSHing to a server, the command MUST include
+     *   --staging or --prod to prevent infinite loops.
+     * ============================================================
+     */
+    static canReach(stage: Stage, config: FactiiiConfig): Reachability;
+    static readonly fixes: Fix[];
+    /**
+     * Get the env file for a stage
+     * - dev: .env
+     * - staging: .env.staging
+     * - prod: .env.prod
+     */
+    static getEnvFile(stage: Stage): string;
+    /**
+     * Load environment variables from a file
+     */
+    static loadEnvFile(rootDir: string, envFile: string): Record<string, string>;
+    /**
+     * Find the directory containing Prisma (for db commands)
+     * Checks common monorepo locations
+     */
+    static findDbDir(rootDir: string): string;
+    /**
+     * Run a database command - uses docker exec for staging/prod
+     * @param command - The command to run (e.g., 'prisma migrate status' or 'pnpm db:seed')
+     * @param useNpx - Whether to prefix with npx (false for pnpm commands)
+     */
+    static runDbCommand(command: string, stage: Stage, config: FactiiiConfig, rootDir: string, useNpx?: boolean): void;
+    static readonly commands: PluginCommand[];
+    /**
+     * Auto-detect pipeline configuration
+     */
+    static detectConfig(rootDir: string): Promise<detectionUtils.DetectedConfig>;
+    /**
+     * Detect package manager
+     */
+    static detectPackageManager(rootDir: string): string;
+    /**
+     * Detect Node.js version from package.json
+     */
+    static detectNodeVersion(rootDir: string): string | null;
+    /**
+     * Detect pnpm version from package.json
+     */
+    static detectPnpmVersion(rootDir: string): string | null;
+    /**
+     * Find Dockerfile
+     */
+    static findDockerfile(rootDir: string): string | null;
+    /**
+     * Generate GitHub workflow files in the target repository
+     */
+    static generateWorkflows(rootDir: string): Promise<void>;
+    /**
+     * Build staging Docker image (linux/arm64) on staging server
+     */
+    static buildStagingImage(config: FactiiiConfig, envConfig: EnvironmentConfig): Promise<DeployResult>;
+    /**
+     * Build production Docker image (linux/amd64) on staging server and push to ECR
+     */
+    static buildProductionImage(config: FactiiiConfig, stagingConfig: EnvironmentConfig): Promise<DeployResult>;
+    /**
+     * Trigger a GitHub Actions workflow
+     */
+    static triggerWorkflow(workflowName: string, inputs?: Record<string, string>): Promise<void>;
+    private _config;
+    constructor(config: FactiiiConfig);
+    /**
+     * Deploy to a stage - handles routing based on canReach()
+     *
+     * This is the main entry point for deployments. Checks canReach() to determine:
+     * - 'local': Execute deployment directly (dev stage, or when running on server)
+     * - 'workflow': Trigger GitHub Actions workflow
+     * - Not reachable: Return error with reason
+     */
+    deployStage(stage: Stage, options?: DeployOptions): Promise<DeployResult>;
+    /**
+     * Scan a stage - handles routing based on canReach()
+     *
+     * Returns { handled: true } if pipeline ran scan remotely.
+     * Returns { handled: false } if caller should run scan locally.
+     */
+    scanStage(stage: Stage, _options?: Record<string, unknown>): Promise<{
+        handled: boolean;
+    }>;
+    /**
+     * Fix a stage - handles routing based on canReach()
+     *
+     * Returns { handled: true } if pipeline ran fix remotely.
+     * Returns { handled: false } if caller should run fix locally.
+     */
+    fixStage(stage: Stage, _options?: Record<string, unknown>): Promise<{
+        handled: boolean;
+    }>;
+    /**
+     * Run deployment locally by delegating to server plugin
+     */
+    private runLocalDeploy;
+    /**
+     * Deploy to an environment
+     * @deprecated Use deployStage() which handles routing based on canReach()
+     */
+    deploy(_config: FactiiiConfig, environment: string): Promise<DeployResult>;
+    /**
+     * Undeploy from an environment
+     */
+    undeploy(_config: FactiiiConfig, environment: string): Promise<DeployResult>;
+}
+export default FactiiiPipeline;
+//# sourceMappingURL=index.d.ts.map

package/dist/plugins/pipelines/factiii/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/plugins/pipelines/factiii/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2CG;AAKH,OAAO,KAAK,EACV,aAAa,EACb,KAAK,EACL,YAAY,EACZ,GAAG,EACH,YAAY,EACZ,aAAa,EACb,iBAAiB,EACjB,aAAa,EAEd,MAAM,yBAAyB,CAAC;AAajC,OAAO,KAAK,cAAc,MAAM,sBAAsB,CAAC;AAKvD,cAAM,eAAe;IAKnB,MAAM,CAAC,QAAQ,CAAC,EAAE,aAAa;IAC/B,MAAM,CAAC,QAAQ,CAAC,IAAI,sBAAsB;IAC1C,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,UAAU,CAAc;IAClD,MAAM,CAAC,QAAQ,CAAC,OAAO,WAAW;IAGlC,MAAM,CAAC,QAAQ,CAAC,eAAe,EAAE,MAAM,EAAE,CAAM;IAG/C,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAEnD;IAGF,MAAM,CAAC,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAKtD;IAEF;;;OAGG;WACU,UAAU,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAInF;;OAEG;IACH,MAAM,CAAC,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO;IAMrD;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACH,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,GAAG,YAAY;IA6ElE,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,GAAG,EAAE,CAK1B;IAMF;;;;;OAKG;IACH,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,KAAK,GAAG,MAAM;IAKvC;;OAEG;IACH,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAsB5E;;;OAGG;IACH,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;IAuBzC;;;;OAIG;IACH,MAAM,CAAC,YAAY,CACjB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,aAAa,EACrB,OAAO,EAAE,MAAM,EACf,MAAM,GAAE,OAAc,GACrB,IAAI;IA4BP,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,aAAa,EAAE,CAmRvC;IAMF;;OAEG;WACU,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,cAAc,CAAC;IAIlF;;OAEG;IACH,MAAM,CAAC,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;IAIpD;;OAEG;IACH,MAAM,CAAC,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAIxD;;OAEG;IACH,MAAM,CAAC,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAIxD;;OAEG;IACH,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAIrD;;OAEG;WACU,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9D;;OAEG;WACU,iBAAiB,CAC5B,MAAM,EAAE,aAAa,EACrB,SAAS,EAAE,iBAAiB,GAC3B,OAAO,CAAC,YAAY,CAAC;IAIxB;;OAEG;WACU,oBAAoB,CAC/B,MAAM,EAAE,aAAa,EACrB,aAAa,EAAE,iBAAiB,GAC/B,OAAO,CAAC,YAAY,CAAC;IAIxB;;OAEG;WACU,eAAe,CAC1B,YAAY,EAAE,MAAM,EACpB,MAAM,GAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAM,GAClC,OAAO,CAAC,IAAI,CAAC;IAQhB,OAAO,CAAC,OAAO,CAAgB;gBAEnB,MAAM,EAAE,aAAa;IAIjC;;;;;;;OAOG;IACG,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,GAAE,aAAkB,GAAG,OAAO,CAAC,YAAY,CAAC;IA0DnF;;;;;OAKG;IACG,SAAS,CAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,GAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAmCpG;;;;;OAKG;IACG,QAAQ,CAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,GAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAmCnG;;OAEG;YACW,cAAc;IAkF5B;;;OAGG;IACG,MAAM,CAAC,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAKhF;;OAEG;IACG,QAAQ,CAAC,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;CAInF;AAED,eAAe,eAAe,CAAC"}