npm - @factiii/stack - Versions diffs - 0.1.2 - Mend

@factiii/stack 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (400) hide show

package/README.md +420 -0
package/bin/factiii +229 -0
package/dist/cli/check-config.d.ts +9 -0
package/dist/cli/check-config.d.ts.map +1 -0
package/dist/cli/check-config.js +19 -0
package/dist/cli/check-config.js.map +1 -0
package/dist/cli/deploy-secrets.d.ts +16 -0
package/dist/cli/deploy-secrets.d.ts.map +1 -0
package/dist/cli/deploy-secrets.js +227 -0
package/dist/cli/deploy-secrets.js.map +1 -0
package/dist/cli/deploy.d.ts +30 -0
package/dist/cli/deploy.d.ts.map +1 -0
package/dist/cli/deploy.js +306 -0
package/dist/cli/deploy.js.map +1 -0
package/dist/cli/deployer.d.ts +13 -0
package/dist/cli/deployer.d.ts.map +1 -0
package/dist/cli/deployer.js +21 -0
package/dist/cli/deployer.js.map +1 -0
package/dist/cli/dev-sync.d.ts +30 -0
package/dist/cli/dev-sync.d.ts.map +1 -0
package/dist/cli/dev-sync.js +500 -0
package/dist/cli/dev-sync.js.map +1 -0
package/dist/cli/execute-plugin-command.d.ts +25 -0
package/dist/cli/execute-plugin-command.d.ts.map +1 -0
package/dist/cli/execute-plugin-command.js +237 -0
package/dist/cli/execute-plugin-command.js.map +1 -0
package/dist/cli/fix.d.ts +22 -0
package/dist/cli/fix.d.ts.map +1 -0
package/dist/cli/fix.js +267 -0
package/dist/cli/fix.js.map +1 -0
package/dist/cli/index.d.ts +17 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +31 -0
package/dist/cli/index.js.map +1 -0
package/dist/cli/init.d.ts +9 -0
package/dist/cli/init.d.ts.map +1 -0
package/dist/cli/init.js +190 -0
package/dist/cli/init.js.map +1 -0
package/dist/cli/plugin-commands.d.ts +22 -0
package/dist/cli/plugin-commands.d.ts.map +1 -0
package/dist/cli/plugin-commands.js +121 -0
package/dist/cli/plugin-commands.js.map +1 -0
package/dist/cli/scan.d.ts +66 -0
package/dist/cli/scan.d.ts.map +1 -0
package/dist/cli/scan.js +511 -0
package/dist/cli/scan.js.map +1 -0
package/dist/cli/secrets.d.ts +19 -0
package/dist/cli/secrets.d.ts.map +1 -0
package/dist/cli/secrets.js +318 -0
package/dist/cli/secrets.js.map +1 -0
package/dist/cli/undeploy.d.ts +9 -0
package/dist/cli/undeploy.d.ts.map +1 -0
package/dist/cli/undeploy.js +95 -0
package/dist/cli/undeploy.js.map +1 -0
package/dist/cli/upgrade.d.ts +9 -0
package/dist/cli/upgrade.d.ts.map +1 -0
package/dist/cli/upgrade.js +24 -0
package/dist/cli/upgrade.js.map +1 -0
package/dist/cli/validate.d.ts +9 -0
package/dist/cli/validate.d.ts.map +1 -0
package/dist/cli/validate.js +20 -0
package/dist/cli/validate.js.map +1 -0
package/dist/generators/generate-factiii-auto.d.ts +31 -0
package/dist/generators/generate-factiii-auto.d.ts.map +1 -0
package/dist/generators/generate-factiii-auto.js +251 -0
package/dist/generators/generate-factiii-auto.js.map +1 -0
package/dist/generators/generate-factiii-yml.d.ts +23 -0
package/dist/generators/generate-factiii-yml.d.ts.map +1 -0
package/dist/generators/generate-factiii-yml.js +228 -0
package/dist/generators/generate-factiii-yml.js.map +1 -0
package/dist/generators/index.d.ts +8 -0
package/dist/generators/index.d.ts.map +1 -0
package/dist/generators/index.js +14 -0
package/dist/generators/index.js.map +1 -0
package/dist/index.d.ts +39 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +90 -0
package/dist/index.js.map +1 -0
package/dist/plugins/addons/server-mode/index.d.ts +57 -0
package/dist/plugins/addons/server-mode/index.d.ts.map +1 -0
package/dist/plugins/addons/server-mode/index.js +136 -0
package/dist/plugins/addons/server-mode/index.js.map +1 -0
package/dist/plugins/addons/server-mode/scanfix/mac.d.ts +17 -0
package/dist/plugins/addons/server-mode/scanfix/mac.d.ts.map +1 -0
package/dist/plugins/addons/server-mode/scanfix/mac.js +461 -0
package/dist/plugins/addons/server-mode/scanfix/mac.js.map +1 -0
package/dist/plugins/addons/server-mode/scanfix/ubuntu.d.ts +12 -0
package/dist/plugins/addons/server-mode/scanfix/ubuntu.d.ts.map +1 -0
package/dist/plugins/addons/server-mode/scanfix/ubuntu.js +246 -0
package/dist/plugins/addons/server-mode/scanfix/ubuntu.js.map +1 -0
package/dist/plugins/addons/server-mode/scanfix/windows.d.ts +14 -0
package/dist/plugins/addons/server-mode/scanfix/windows.d.ts.map +1 -0
package/dist/plugins/addons/server-mode/scanfix/windows.js +113 -0
package/dist/plugins/addons/server-mode/scanfix/windows.js.map +1 -0
package/dist/plugins/approved.json +13 -0
package/dist/plugins/frameworks/prisma-trpc/index.d.ts +65 -0
package/dist/plugins/frameworks/prisma-trpc/index.d.ts.map +1 -0
package/dist/plugins/frameworks/prisma-trpc/index.js +668 -0
package/dist/plugins/frameworks/prisma-trpc/index.js.map +1 -0
package/dist/plugins/index.d.ts +101 -0
package/dist/plugins/index.d.ts.map +1 -0
package/dist/plugins/index.js +411 -0
package/dist/plugins/index.js.map +1 -0
package/dist/plugins/interfaces/addon.d.ts +43 -0
package/dist/plugins/interfaces/addon.d.ts.map +1 -0
package/dist/plugins/interfaces/addon.js +53 -0
package/dist/plugins/interfaces/addon.js.map +1 -0
package/dist/plugins/interfaces/framework.d.ts +43 -0
package/dist/plugins/interfaces/framework.d.ts.map +1 -0
package/dist/plugins/interfaces/framework.js +53 -0
package/dist/plugins/interfaces/framework.js.map +1 -0
package/dist/plugins/interfaces/index.d.ts +10 -0
package/dist/plugins/interfaces/index.d.ts.map +1 -0
package/dist/plugins/interfaces/index.js +17 -0
package/dist/plugins/interfaces/index.js.map +1 -0
package/dist/plugins/interfaces/pipeline.d.ts +78 -0
package/dist/plugins/interfaces/pipeline.d.ts.map +1 -0
package/dist/plugins/interfaces/pipeline.js +82 -0
package/dist/plugins/interfaces/pipeline.js.map +1 -0
package/dist/plugins/interfaces/server.d.ts +65 -0
package/dist/plugins/interfaces/server.d.ts.map +1 -0
package/dist/plugins/interfaces/server.js +72 -0
package/dist/plugins/interfaces/server.js.map +1 -0
package/dist/plugins/pipelines/aws/configs/ec2.d.ts +9 -0
package/dist/plugins/pipelines/aws/configs/ec2.d.ts.map +1 -0
package/dist/plugins/pipelines/aws/configs/ec2.js +34 -0
package/dist/plugins/pipelines/aws/configs/ec2.js.map +1 -0
package/dist/plugins/pipelines/aws/configs/free-tier.d.ts +13 -0
package/dist/plugins/pipelines/aws/configs/free-tier.d.ts.map +1 -0
package/dist/plugins/pipelines/aws/configs/free-tier.js +86 -0
package/dist/plugins/pipelines/aws/configs/free-tier.js.map +1 -0
package/dist/plugins/pipelines/aws/configs/index.d.ts +14 -0
package/dist/plugins/pipelines/aws/configs/index.d.ts.map +1 -0
package/dist/plugins/pipelines/aws/configs/index.js +21 -0
package/dist/plugins/pipelines/aws/configs/index.js.map +1 -0
package/dist/plugins/pipelines/aws/configs/types.d.ts +36 -0
package/dist/plugins/pipelines/aws/configs/types.d.ts.map +1 -0
package/dist/plugins/pipelines/aws/configs/types.js +9 -0
package/dist/plugins/pipelines/aws/configs/types.js.map +1 -0
package/dist/plugins/pipelines/aws/dev.d.ts +10 -0
package/dist/plugins/pipelines/aws/dev.d.ts.map +1 -0
package/dist/plugins/pipelines/aws/dev.js +70 -0
package/dist/plugins/pipelines/aws/dev.js.map +1 -0
package/dist/plugins/pipelines/aws/index.d.ts +118 -0
package/dist/plugins/pipelines/aws/index.d.ts.map +1 -0
package/dist/plugins/pipelines/aws/index.js +346 -0
package/dist/plugins/pipelines/aws/index.js.map +1 -0
package/dist/plugins/pipelines/aws/prod.d.ts +19 -0
package/dist/plugins/pipelines/aws/prod.d.ts.map +1 -0
package/dist/plugins/pipelines/aws/prod.js +362 -0
package/dist/plugins/pipelines/aws/prod.js.map +1 -0
package/dist/plugins/pipelines/aws/scanfix/aws-cli.d.ts +7 -0
package/dist/plugins/pipelines/aws/scanfix/aws-cli.d.ts.map +1 -0
package/dist/plugins/pipelines/aws/scanfix/aws-cli.js +31 -0
package/dist/plugins/pipelines/aws/scanfix/aws-cli.js.map +1 -0
package/dist/plugins/pipelines/aws/scanfix/config.d.ts +7 -0
package/dist/plugins/pipelines/aws/scanfix/config.d.ts.map +1 -0
package/dist/plugins/pipelines/aws/scanfix/config.js +134 -0
package/dist/plugins/pipelines/aws/scanfix/config.js.map +1 -0
package/dist/plugins/pipelines/factiii/github-secrets-store.d.ts +65 -0
package/dist/plugins/pipelines/factiii/github-secrets-store.d.ts.map +1 -0
package/dist/plugins/pipelines/factiii/github-secrets-store.js +221 -0
package/dist/plugins/pipelines/factiii/github-secrets-store.js.map +1 -0
package/dist/plugins/pipelines/factiii/index.d.ts +195 -0
package/dist/plugins/pipelines/factiii/index.d.ts.map +1 -0
package/dist/plugins/pipelines/factiii/index.js +862 -0
package/dist/plugins/pipelines/factiii/index.js.map +1 -0
package/dist/plugins/pipelines/factiii/prod.d.ts +17 -0
package/dist/plugins/pipelines/factiii/prod.d.ts.map +1 -0
package/dist/plugins/pipelines/factiii/prod.js +282 -0
package/dist/plugins/pipelines/factiii/prod.js.map +1 -0
package/dist/plugins/pipelines/factiii/scanfix/config.d.ts +7 -0
package/dist/plugins/pipelines/factiii/scanfix/config.d.ts.map +1 -0
package/dist/plugins/pipelines/factiii/scanfix/config.js +80 -0
package/dist/plugins/pipelines/factiii/scanfix/config.js.map +1 -0
package/dist/plugins/pipelines/factiii/scanfix/github-cli.d.ts +7 -0
package/dist/plugins/pipelines/factiii/scanfix/github-cli.d.ts.map +1 -0
package/dist/plugins/pipelines/factiii/scanfix/github-cli.js +43 -0
package/dist/plugins/pipelines/factiii/scanfix/github-cli.js.map +1 -0
package/dist/plugins/pipelines/factiii/scanfix/secrets.d.ts +7 -0
package/dist/plugins/pipelines/factiii/scanfix/secrets.d.ts.map +1 -0
package/dist/plugins/pipelines/factiii/scanfix/secrets.js +237 -0
package/dist/plugins/pipelines/factiii/scanfix/secrets.js.map +1 -0
package/dist/plugins/pipelines/factiii/scanfix/workflows.d.ts +7 -0
package/dist/plugins/pipelines/factiii/scanfix/workflows.d.ts.map +1 -0
package/dist/plugins/pipelines/factiii/scanfix/workflows.js +169 -0
package/dist/plugins/pipelines/factiii/scanfix/workflows.js.map +1 -0
package/dist/plugins/pipelines/factiii/staging.d.ts +25 -0
package/dist/plugins/pipelines/factiii/staging.d.ts.map +1 -0
package/dist/plugins/pipelines/factiii/staging.js +223 -0
package/dist/plugins/pipelines/factiii/staging.js.map +1 -0
package/dist/plugins/pipelines/factiii/utils/detection.d.ts +36 -0
package/dist/plugins/pipelines/factiii/utils/detection.d.ts.map +1 -0
package/dist/plugins/pipelines/factiii/utils/detection.js +140 -0
package/dist/plugins/pipelines/factiii/utils/detection.js.map +1 -0
package/dist/plugins/pipelines/factiii/utils/workflows.d.ts +16 -0
package/dist/plugins/pipelines/factiii/utils/workflows.d.ts.map +1 -0
package/dist/plugins/pipelines/factiii/utils/workflows.js +129 -0
package/dist/plugins/pipelines/factiii/utils/workflows.js.map +1 -0
package/dist/plugins/pipelines/factiii/workflows/factiii-cicd-prod.yml +112 -0
package/dist/plugins/pipelines/factiii/workflows/factiii-cicd-staging.yml +112 -0
package/dist/plugins/pipelines/factiii/workflows/factiii-command.yml +130 -0
package/dist/plugins/pipelines/factiii/workflows/factiii-deploy.yml +198 -0
package/dist/plugins/pipelines/factiii/workflows/factiii-dev-sync.yml +179 -0
package/dist/plugins/pipelines/factiii/workflows/factiii-fix.yml +176 -0
package/dist/plugins/pipelines/factiii/workflows/factiii-scan.yml +176 -0
package/dist/plugins/pipelines/factiii/workflows/factiii-undeploy.yml +95 -0
package/dist/plugins/servers/amazon-linux/index.d.ts +93 -0
package/dist/plugins/servers/amazon-linux/index.d.ts.map +1 -0
package/dist/plugins/servers/amazon-linux/index.js +217 -0
package/dist/plugins/servers/amazon-linux/index.js.map +1 -0
package/dist/plugins/servers/mac/dev.d.ts +10 -0
package/dist/plugins/servers/mac/dev.d.ts.map +1 -0
package/dist/plugins/servers/mac/dev.js +71 -0
package/dist/plugins/servers/mac/dev.js.map +1 -0
package/dist/plugins/servers/mac/index.d.ts +101 -0
package/dist/plugins/servers/mac/index.d.ts.map +1 -0
package/dist/plugins/servers/mac/index.js +257 -0
package/dist/plugins/servers/mac/index.js.map +1 -0
package/dist/plugins/servers/mac/scanfix/config.d.ts +7 -0
package/dist/plugins/servers/mac/scanfix/config.d.ts.map +1 -0
package/dist/plugins/servers/mac/scanfix/config.js +168 -0
package/dist/plugins/servers/mac/scanfix/config.js.map +1 -0
package/dist/plugins/servers/mac/scanfix/containers.d.ts +7 -0
package/dist/plugins/servers/mac/scanfix/containers.d.ts.map +1 -0
package/dist/plugins/servers/mac/scanfix/containers.js +167 -0
package/dist/plugins/servers/mac/scanfix/containers.js.map +1 -0
package/dist/plugins/servers/mac/scanfix/system.d.ts +7 -0
package/dist/plugins/servers/mac/scanfix/system.d.ts.map +1 -0
package/dist/plugins/servers/mac/scanfix/system.js +144 -0
package/dist/plugins/servers/mac/scanfix/system.js.map +1 -0
package/dist/plugins/servers/mac/staging.d.ts +21 -0
package/dist/plugins/servers/mac/staging.d.ts.map +1 -0
package/dist/plugins/servers/mac/staging.js +708 -0
package/dist/plugins/servers/mac/staging.js.map +1 -0
package/dist/plugins/servers/ubuntu/index.d.ts +93 -0
package/dist/plugins/servers/ubuntu/index.d.ts.map +1 -0
package/dist/plugins/servers/ubuntu/index.js +224 -0
package/dist/plugins/servers/ubuntu/index.js.map +1 -0
package/dist/plugins/servers/windows/index.d.ts +90 -0
package/dist/plugins/servers/windows/index.d.ts.map +1 -0
package/dist/plugins/servers/windows/index.js +205 -0
package/dist/plugins/servers/windows/index.js.map +1 -0
package/dist/scanfix/commands/index.d.ts +27 -0
package/dist/scanfix/commands/index.d.ts.map +1 -0
package/dist/scanfix/commands/index.js +97 -0
package/dist/scanfix/commands/index.js.map +1 -0
package/dist/scanfix/commands/mac.d.ts +11 -0
package/dist/scanfix/commands/mac.d.ts.map +1 -0
package/dist/scanfix/commands/mac.js +31 -0
package/dist/scanfix/commands/mac.js.map +1 -0
package/dist/scanfix/commands/ubuntu.d.ts +11 -0
package/dist/scanfix/commands/ubuntu.d.ts.map +1 -0
package/dist/scanfix/commands/ubuntu.js +30 -0
package/dist/scanfix/commands/ubuntu.js.map +1 -0
package/dist/scanfix/fixes/certbot.d.ts +25 -0
package/dist/scanfix/fixes/certbot.d.ts.map +1 -0
package/dist/scanfix/fixes/certbot.js +136 -0
package/dist/scanfix/fixes/certbot.js.map +1 -0
package/dist/scanfix/fixes/docker.d.ts +29 -0
package/dist/scanfix/fixes/docker.d.ts.map +1 -0
package/dist/scanfix/fixes/docker.js +149 -0
package/dist/scanfix/fixes/docker.js.map +1 -0
package/dist/scanfix/fixes/git.d.ts +20 -0
package/dist/scanfix/fixes/git.d.ts.map +1 -0
package/dist/scanfix/fixes/git.js +71 -0
package/dist/scanfix/fixes/git.js.map +1 -0
package/dist/scanfix/fixes/index.d.ts +11 -0
package/dist/scanfix/fixes/index.d.ts.map +1 -0
package/dist/scanfix/fixes/index.js +27 -0
package/dist/scanfix/fixes/index.js.map +1 -0
package/dist/scanfix/fixes/node.d.ts +20 -0
package/dist/scanfix/fixes/node.d.ts.map +1 -0
package/dist/scanfix/fixes/node.js +71 -0
package/dist/scanfix/fixes/node.js.map +1 -0
package/dist/scanfix/fixes/pnpm.d.ts +20 -0
package/dist/scanfix/fixes/pnpm.d.ts.map +1 -0
package/dist/scanfix/fixes/pnpm.js +122 -0
package/dist/scanfix/fixes/pnpm.js.map +1 -0
package/dist/scanfix/index.d.ts +23 -0
package/dist/scanfix/index.d.ts.map +1 -0
package/dist/scanfix/index.js +44 -0
package/dist/scanfix/index.js.map +1 -0
package/dist/scanfix/platform.d.ts +20 -0
package/dist/scanfix/platform.d.ts.map +1 -0
package/dist/scanfix/platform.js +48 -0
package/dist/scanfix/platform.js.map +1 -0
package/dist/scanfix/ssl-cert-helper.d.ts +27 -0
package/dist/scanfix/ssl-cert-helper.d.ts.map +1 -0
package/dist/scanfix/ssl-cert-helper.js +117 -0
package/dist/scanfix/ssl-cert-helper.js.map +1 -0
package/dist/scanfix/types.d.ts +27 -0
package/dist/scanfix/types.d.ts.map +1 -0
package/dist/scanfix/types.js +8 -0
package/dist/scanfix/types.js.map +1 -0
package/dist/scripts/check-existing-secrets.d.ts +6 -0
package/dist/scripts/check-existing-secrets.d.ts.map +1 -0
package/dist/scripts/check-existing-secrets.js +86 -0
package/dist/scripts/check-existing-secrets.js.map +1 -0
package/dist/scripts/generate-all.d.ts +40 -0
package/dist/scripts/generate-all.d.ts.map +1 -0
package/dist/scripts/generate-all.js +373 -0
package/dist/scripts/generate-all.js.map +1 -0
package/dist/scripts/get-repo-name.d.ts +6 -0
package/dist/scripts/get-repo-name.d.ts.map +1 -0
package/dist/scripts/get-repo-name.js +54 -0
package/dist/scripts/get-repo-name.js.map +1 -0
package/dist/scripts/index.d.ts +7 -0
package/dist/scripts/index.d.ts.map +1 -0
package/dist/scripts/index.js +14 -0
package/dist/scripts/index.js.map +1 -0
package/dist/scripts/validate-env-files.d.ts +6 -0
package/dist/scripts/validate-env-files.d.ts.map +1 -0
package/dist/scripts/validate-env-files.js +126 -0
package/dist/scripts/validate-env-files.js.map +1 -0
package/dist/scripts/validate-example-values.d.ts +8 -0
package/dist/scripts/validate-example-values.d.ts.map +1 -0
package/dist/scripts/validate-example-values.js +88 -0
package/dist/scripts/validate-example-values.js.map +1 -0
package/dist/scripts/validate-factiii-yml.d.ts +6 -0
package/dist/scripts/validate-factiii-yml.d.ts.map +1 -0
package/dist/scripts/validate-factiii-yml.js +71 -0
package/dist/scripts/validate-factiii-yml.js.map +1 -0
package/dist/types/cli.d.ts +138 -0
package/dist/types/cli.d.ts.map +1 -0
package/dist/types/cli.js +8 -0
package/dist/types/cli.js.map +1 -0
package/dist/types/config.d.ts +113 -0
package/dist/types/config.d.ts.map +1 -0
package/dist/types/config.js +8 -0
package/dist/types/config.js.map +1 -0
package/dist/types/index.d.ts +9 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +25 -0
package/dist/types/index.js.map +1 -0
package/dist/types/plugin.d.ts +352 -0
package/dist/types/plugin.d.ts.map +1 -0
package/dist/types/plugin.js +8 -0
package/dist/types/plugin.js.map +1 -0
package/dist/utils/ansible-vault-secrets.d.ts +95 -0
package/dist/utils/ansible-vault-secrets.d.ts.map +1 -0
package/dist/utils/ansible-vault-secrets.js +406 -0
package/dist/utils/ansible-vault-secrets.js.map +1 -0
package/dist/utils/config-helpers.d.ts +72 -0
package/dist/utils/config-helpers.d.ts.map +1 -0
package/dist/utils/config-helpers.js +171 -0
package/dist/utils/config-helpers.js.map +1 -0
package/dist/utils/config-schema.d.ts +17 -0
package/dist/utils/config-schema.d.ts.map +1 -0
package/dist/utils/config-schema.js +100 -0
package/dist/utils/config-schema.js.map +1 -0
package/dist/utils/config-validator.d.ts +29 -0
package/dist/utils/config-validator.d.ts.map +1 -0
package/dist/utils/config-validator.js +146 -0
package/dist/utils/config-validator.js.map +1 -0
package/dist/utils/deployment-report.d.ts +100 -0
package/dist/utils/deployment-report.d.ts.map +1 -0
package/dist/utils/deployment-report.js +225 -0
package/dist/utils/deployment-report.js.map +1 -0
package/dist/utils/dns-validator.d.ts +19 -0
package/dist/utils/dns-validator.d.ts.map +1 -0
package/dist/utils/dns-validator.js +94 -0
package/dist/utils/dns-validator.js.map +1 -0
package/dist/utils/env-validator.d.ts +108 -0
package/dist/utils/env-validator.d.ts.map +1 -0
package/dist/utils/env-validator.js +342 -0
package/dist/utils/env-validator.js.map +1 -0
package/dist/utils/github-workflow-monitor.d.ts +49 -0
package/dist/utils/github-workflow-monitor.d.ts.map +1 -0
package/dist/utils/github-workflow-monitor.js +145 -0
package/dist/utils/github-workflow-monitor.js.map +1 -0
package/dist/utils/index.d.ts +18 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +48 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/secret-prompts.d.ts +67 -0
package/dist/utils/secret-prompts.d.ts.map +1 -0
package/dist/utils/secret-prompts.js +369 -0
package/dist/utils/secret-prompts.js.map +1 -0
package/dist/utils/server-check.d.ts +43 -0
package/dist/utils/server-check.d.ts.map +1 -0
package/dist/utils/server-check.js +397 -0
package/dist/utils/server-check.js.map +1 -0
package/dist/utils/ssh-deploy.d.ts +70 -0
package/dist/utils/ssh-deploy.d.ts.map +1 -0
package/dist/utils/ssh-deploy.js +268 -0
package/dist/utils/ssh-deploy.js.map +1 -0
package/dist/utils/ssh-helper.d.ts +40 -0
package/dist/utils/ssh-helper.d.ts.map +1 -0
package/dist/utils/ssh-helper.js +221 -0
package/dist/utils/ssh-helper.js.map +1 -0
package/dist/utils/template-generator.d.ts +42 -0
package/dist/utils/template-generator.d.ts.map +1 -0
package/dist/utils/template-generator.js +223 -0
package/dist/utils/template-generator.js.map +1 -0
package/dist/utils/version-check.d.ts +69 -0
package/dist/utils/version-check.d.ts.map +1 -0
package/dist/utils/version-check.js +211 -0
package/dist/utils/version-check.js.map +1 -0
package/package.json +82 -0

package/dist/plugins/pipelines/factiii/workflows/factiii-dev-sync.yml ADDED Viewed

@@ -0,0 +1,179 @@
+name: Factiii Dev Sync
+# Generated by @factiii/stack v{VERSION}
+# DEV/TESTING ONLY - Deploys locally built infrastructure for testing beta features
+# This workflow receives infrastructure changes and deploys them to servers
+# Use: npx factiii dev-sync
+#
+# ⚠️ WARNING: This is for developing @factiii/stack itself, not for app deployments
+# Only use this when testing new infrastructure features before releasing them
+on:
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: 'Environment to sync'
+        required: true
+        type: choice
+        options:
+          - staging
+          - prod
+      release_id:
+        description: 'GitHub Release ID containing artifact'
+        required: true
+        type: string
+      asset_id:
+        description: 'Release Asset ID for infrastructure tarball'
+        required: true
+        type: string
+      deploy:
+        description: 'Deploy after syncing'
+        required: false
+        type: boolean
+        default: false
+jobs:
+  dev-sync:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Install yq
+        run: |
+          sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+          sudo chmod +x /usr/local/bin/yq
+      - name: Read config
+        id: config
+        run: |
+          if [ ! -f "factiii.yml" ]; then
+            echo "❌ factiii.yml not found"
+            exit 1
+          fi
+          REPO_NAME=$(yq eval '.name' factiii.yml)
+          if [ "${{ inputs.environment }}" == "staging" ]; then
+            HOST=$(yq eval '.environments.staging.domain // ""' factiii.yml)
+            SSH_USER=$(yq eval '.environments.staging.ssh_user // "ubuntu"' factiii.yml)
+          else
+            HOST=$(yq eval '.environments.prod.domain // ""' factiii.yml)
+            SSH_USER=$(yq eval '.environments.prod.ssh_user // "ubuntu"' factiii.yml)
+          fi
+          echo "repo_name=$REPO_NAME" >> $GITHUB_OUTPUT
+          echo "host=$HOST" >> $GITHUB_OUTPUT
+          echo "ssh_user=$SSH_USER" >> $GITHUB_OUTPUT
+      - name: Check if environment configured
+        id: check_env
+        run: |
+          if [ "${{ inputs.environment }}" == "staging" ]; then
+            HAS_ENV=$(yq eval '.environments.staging != null' factiii.yml)
+          else
+            HAS_ENV=$(yq eval '.environments.prod != null' factiii.yml)
+          fi
+          echo "has_env=$HAS_ENV" >> $GITHUB_OUTPUT
+          if [ "$HAS_ENV" != "true" ]; then
+            echo "⏭️  ${{ inputs.environment }} environment not configured in factiii.yml"
+            exit 1
+          fi
+      - name: Setup SSH
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          SSH_KEY: ${{ inputs.environment == 'staging' && secrets.STAGING_SSH || secrets.PROD_SSH }}
+        run: |
+          if [ -z "$SSH_KEY" ]; then
+            echo "❌ Missing ${{ inputs.environment == 'staging' && 'STAGING_SSH' || 'PROD_SSH' }} secret"
+            exit 1
+          fi
+          mkdir -p ~/.ssh
+          echo "$SSH_KEY" > ~/.ssh/deploy_key
+          chmod 600 ~/.ssh/deploy_key
+      - name: Download infrastructure artifact from release
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          RELEASE_ID: ${{ inputs.release_id }}
+          ASSET_ID: ${{ inputs.asset_id }}
+        run: |
+          echo "⚠️  DEV SYNC MODE - Using infrastructure from local build"
+          echo "   This syncs uncommitted infrastructure changes for testing"
+          echo "   Release ID: $RELEASE_ID"
+          echo "   Asset ID: $ASSET_ID"
+          echo "📦 Downloading infrastructure artifact..."
+          # Download release asset using GitHub API
+          curl -L \
+            -H "Accept: application/octet-stream" \
+            -H "Authorization: Bearer $GITHUB_TOKEN" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "https://api.github.com/repos/${{ github.repository }}/releases/assets/$ASSET_ID" \
+            -o infrastructure.tar.gz
+          # Verify download
+          if [ ! -f infrastructure.tar.gz ]; then
+            echo "❌ Failed to download artifact"
+            exit 1
+          fi
+          SIZE=$(du -h infrastructure.tar.gz | cut -f1)
+          echo "✅ Downloaded artifact ($SIZE)"
+      - name: Deploy infrastructure to server
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          HOST: ${{ steps.config.outputs.host }}
+          USER: ${{ steps.config.outputs.ssh_user }}
+          DEPLOY: ${{ inputs.deploy }}
+          REPO_NAME: ${{ steps.config.outputs.repo_name }}
+          ENVIRONMENT: ${{ inputs.environment }}
+        run: |
+          if [ -z "$HOST" ]; then
+            echo "❌ Missing domain in factiii.yml: environments.$ENVIRONMENT.domain"
+            exit 1
+          fi
+          echo "🚀 Syncing infrastructure to $ENVIRONMENT ($HOST)..."
+          # Copy infrastructure to server
+          echo "📤 Uploading infrastructure package..."
+          scp -i ~/.ssh/deploy_key -o StrictHostKeyChecking=no infrastructure.tar.gz "$USER@$HOST:/tmp/"
+          # Extract and setup on server
+          echo "📦 Extracting infrastructure on server..."
+          ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=no "$USER@$HOST" \
+            "export PATH=\"/opt/homebrew/bin:/usr/local/bin:\$PATH\" && \
+             echo \"📦 Setting up infrastructure...\" && \
+             mkdir -p ~/.factiii/infrastructure && \
+             cd ~/.factiii/infrastructure && \
+             tar -xzf /tmp/infrastructure.tar.gz && \
+             rm /tmp/infrastructure.tar.gz && \
+             echo \"\" && \
+             echo \"📋 Verifying version...\" && \
+             VERSION=\$(cat package.json | grep '\"version\"' | head -1 | sed 's/.*: \"\(.*\)\".*/\1/') && \
+             echo \"   Version: \$VERSION\" && \
+             echo \"\" && \
+             echo \"✅ Infrastructure synced successfully\""
+          # Optionally deploy
+          if [ "$DEPLOY" == "true" ]; then
+            echo ""
+            echo "🚀 Deploying to $ENVIRONMENT..."
+            ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=no "$USER@$HOST" \
+              "export PATH=\"/opt/homebrew/bin:/usr/local/bin:\$PATH\" && \
+               cd ~/.factiii/$REPO_NAME && \
+               GITHUB_ACTIONS=true node ~/.factiii/infrastructure/bin/factiii deploy --$ENVIRONMENT"
+          fi
+          rm -f ~/.ssh/deploy_key
+          echo ""
+          echo "✅ Dev sync complete!"

package/dist/plugins/pipelines/factiii/workflows/factiii-fix.yml ADDED Viewed

@@ -0,0 +1,176 @@
+name: Factiii Fix
+# Generated by @factiii/stack v{VERSION}
+# INFRASTRUCTURE: Fix server issues via CLI
+# Run: npx factiii fix (triggers this workflow)
+# Runs on configured environments in parallel using matrix strategy
+on:
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: 'Environment to fix'
+        required: true
+        type: choice
+        options:
+          - all
+          - staging
+          - prod
+        default: all
+jobs:
+  setup:
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Install yq
+        run: |
+          sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+          sudo chmod +x /usr/local/bin/yq
+      - name: Determine environments
+        id: set-matrix
+        run: |
+          ENVS="[]"
+          if [ "${{ inputs.environment }}" == "all" ]; then
+            # Check which environments are configured
+            HAS_STAGING=$(yq eval '.staging != null' factiii.yml)
+            HAS_PROD=$(yq eval '.prod != null' factiii.yml)
+            if [ "$HAS_STAGING" == "true" ] && [ "$HAS_PROD" == "true" ]; then
+              ENVS='["staging", "prod"]'
+            elif [ "$HAS_STAGING" == "true" ]; then
+              ENVS='["staging"]'
+            elif [ "$HAS_PROD" == "true" ]; then
+              ENVS='["prod"]'
+            fi
+          else
+            ENVS='["${{ inputs.environment }}"]'
+          fi
+          echo "matrix={\"environment\":$ENVS}" >> $GITHUB_OUTPUT
+  fix:
+    needs: setup
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix: ${{ fromJson(needs.setup.outputs.matrix) }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Install yq
+        run: |
+          sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+          sudo chmod +x /usr/local/bin/yq
+      - name: Read config
+        id: config
+        env:
+          ENVIRONMENT: ${{ matrix.environment }}
+        run: |
+          if [ ! -f "factiii.yml" ]; then
+            echo "❌ factiii.yml not found"
+            exit 1
+          fi
+          REPO_NAME=$(yq eval '.name' factiii.yml)
+          HOST=$(yq eval ".$ENVIRONMENT.domain // \"\"" factiii.yml)
+          SSH_USER=$(yq eval ".$ENVIRONMENT.ssh_user // \"ubuntu\"" factiii.yml)
+          echo "repo_name=$REPO_NAME" >> $GITHUB_OUTPUT
+          echo "host=$HOST" >> $GITHUB_OUTPUT
+          echo "ssh_user=$SSH_USER" >> $GITHUB_OUTPUT
+      - name: Check if environment configured
+        id: check_env
+        env:
+          ENVIRONMENT: ${{ matrix.environment }}
+        run: |
+          HAS_ENV=$(yq eval ".$ENVIRONMENT != null" factiii.yml)
+          echo "has_env=$HAS_ENV" >> $GITHUB_OUTPUT
+          if [ "$HAS_ENV" != "true" ]; then
+            echo "⏭️  $ENVIRONMENT environment not configured in factiii.yml"
+            exit 0
+          fi
+      - name: Check SSH secret
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          ENVIRONMENT: ${{ matrix.environment }}
+          SSH_KEY: ${{ matrix.environment == 'staging' && secrets.STAGING_SSH || secrets.PROD_SSH }}
+        run: |
+          if [ -z "$SSH_KEY" ]; then
+            SECRET_NAME="${ENVIRONMENT^^}_SSH"
+            echo "❌ ${SECRET_NAME} secret not found"
+            echo "Add it at: https://github.com/${{ github.repository }}/settings/secrets/actions"
+            exit 1
+          fi
+          echo "✅ SSH secret exists for $ENVIRONMENT"
+      - name: Setup SSH
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          SSH_KEY: ${{ matrix.environment == 'staging' && secrets.STAGING_SSH || secrets.PROD_SSH }}
+        run: |
+          mkdir -p ~/.ssh
+          echo "$SSH_KEY" > ~/.ssh/deploy_key
+          chmod 600 ~/.ssh/deploy_key
+      - name: Bootstrap Node.js (one-time)
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          HOST: ${{ steps.config.outputs.host }}
+          USER: ${{ steps.config.outputs.ssh_user }}
+        run: |
+          echo "🔍 Checking Node.js on server..."
+          ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=no "$USER@$HOST" \
+            'if ! command -v node &> /dev/null; then
+               echo "📦 Installing Node.js...";
+               if [ -f /opt/homebrew/bin/brew ] || [ -f /usr/local/bin/brew ]; then
+                 export PATH="/opt/homebrew/bin:/usr/local/bin:$PATH";
+                 brew install node;
+               else
+                 curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - && sudo apt-get install -y nodejs;
+               fi;
+             else
+               echo "✅ Node.js already installed";
+             fi'
+      - name: Fix via SSH
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          HOST: ${{ steps.config.outputs.host }}
+          USER: ${{ steps.config.outputs.ssh_user }}
+          REPO_NAME: ${{ steps.config.outputs.repo_name }}
+          ENVIRONMENT: ${{ matrix.environment }}
+        run: |
+          if [ -z "$HOST" ]; then
+            echo "❌ Missing domain in factiii.yml: $ENVIRONMENT.domain"
+            exit 1
+          fi
+          echo "🔧 Fixing $ENVIRONMENT ($HOST)..."
+          ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=no -o ConnectTimeout=10 -o ServerAliveInterval=60 -o ServerAliveCountMax=5 "$USER@$HOST" \
+            "export PATH=\"/opt/homebrew/bin:/usr/local/bin:\$PATH\" && \
+             REPO_DIR=\"\$HOME/.factiii/$REPO_NAME\" && \
+             if [ -d \"\$REPO_DIR\" ]; then \
+               cd \"\$REPO_DIR\" && \
+               export PATH="/opt/homebrew/bin:/usr/local/bin:$PATH" && \
+               GITHUB_ACTIONS=true npx factiii fix --$ENVIRONMENT; \
+             else \
+               echo \"❌ Repo directory not found at \$REPO_DIR\"; \
+               echo \"Run deployment first to clone the repository\"; \
+               exit 1; \
+             fi"
+          rm -f ~/.ssh/deploy_key
+          echo "✅ $ENVIRONMENT fix complete!"

package/dist/plugins/pipelines/factiii/workflows/factiii-scan.yml ADDED Viewed

@@ -0,0 +1,176 @@
+name: Factiii Scan
+# Generated by @factiii/stack v{VERSION}
+# INFRASTRUCTURE: Scan servers for issues via CLI
+# Run: npx factiii scan (triggers this workflow for remote environments)
+# Runs on configured environments in parallel using matrix strategy
+on:
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: 'Environment to scan'
+        required: true
+        type: choice
+        options:
+          - all
+          - staging
+          - prod
+        default: all
+jobs:
+  setup:
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Install yq
+        run: |
+          sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+          sudo chmod +x /usr/local/bin/yq
+      - name: Determine environments
+        id: set-matrix
+        run: |
+          ENVS="[]"
+          if [ "${{ inputs.environment }}" == "all" ]; then
+            # Check which environments are configured
+            HAS_STAGING=$(yq eval '.environments.staging != null' factiii.yml)
+            HAS_PROD=$(yq eval '.environments.prod != null' factiii.yml)
+            if [ "$HAS_STAGING" == "true" ] && [ "$HAS_PROD" == "true" ]; then
+              ENVS='["staging", "prod"]'
+            elif [ "$HAS_STAGING" == "true" ]; then
+              ENVS='["staging"]'
+            elif [ "$HAS_PROD" == "true" ]; then
+              ENVS='["prod"]'
+            fi
+          else
+            ENVS='["${{ inputs.environment }}"]'
+          fi
+          echo "matrix={\"environment\":$ENVS}" >> $GITHUB_OUTPUT
+  scan:
+    needs: setup
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix: ${{ fromJson(needs.setup.outputs.matrix) }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Install yq
+        run: |
+          sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+          sudo chmod +x /usr/local/bin/yq
+      - name: Read config
+        id: config
+        env:
+          ENVIRONMENT: ${{ matrix.environment }}
+        run: |
+          if [ ! -f "factiii.yml" ]; then
+            echo "❌ factiii.yml not found"
+            exit 1
+          fi
+          REPO_NAME=$(yq eval '.name' factiii.yml)
+          HOST=$(yq eval ".environments.$ENVIRONMENT.domain // \"\"" factiii.yml)
+          SSH_USER=$(yq eval ".environments.$ENVIRONMENT.ssh_user // \"ubuntu\"" factiii.yml)
+          echo "repo_name=$REPO_NAME" >> $GITHUB_OUTPUT
+          echo "host=$HOST" >> $GITHUB_OUTPUT
+          echo "ssh_user=$SSH_USER" >> $GITHUB_OUTPUT
+      - name: Check if environment configured
+        id: check_env
+        env:
+          ENVIRONMENT: ${{ matrix.environment }}
+        run: |
+          HAS_ENV=$(yq eval ".environments.$ENVIRONMENT != null" factiii.yml)
+          echo "has_env=$HAS_ENV" >> $GITHUB_OUTPUT
+          if [ "$HAS_ENV" != "true" ]; then
+            echo "⏭️  $ENVIRONMENT environment not configured in factiii.yml"
+            exit 0
+          fi
+      - name: Check SSH secret
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          ENVIRONMENT: ${{ matrix.environment }}
+          SSH_KEY: ${{ matrix.environment == 'staging' && secrets.STAGING_SSH || secrets.PROD_SSH }}
+        run: |
+          if [ -z "$SSH_KEY" ]; then
+            SECRET_NAME="${ENVIRONMENT^^}_SSH"
+            echo "❌ ${SECRET_NAME} secret not found"
+            echo "Add it at: https://github.com/${{ github.repository }}/settings/secrets/actions"
+            exit 1
+          fi
+          echo "✅ SSH secret exists for $ENVIRONMENT"
+      - name: Setup SSH
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          SSH_KEY: ${{ matrix.environment == 'staging' && secrets.STAGING_SSH || secrets.PROD_SSH }}
+        run: |
+          mkdir -p ~/.ssh
+          echo "$SSH_KEY" > ~/.ssh/deploy_key
+          chmod 600 ~/.ssh/deploy_key
+      - name: Bootstrap Node.js (one-time)
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          HOST: ${{ steps.config.outputs.host }}
+          USER: ${{ steps.config.outputs.ssh_user }}
+        run: |
+          echo "🔍 Checking Node.js on server..."
+          ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=no "$USER@$HOST" \
+            'if ! command -v node &> /dev/null; then
+               echo "📦 Installing Node.js...";
+               if [ -f /opt/homebrew/bin/brew ] || [ -f /usr/local/bin/brew ]; then
+                 export PATH="/opt/homebrew/bin:/usr/local/bin:$PATH";
+                 brew install node;
+               else
+                 curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - && sudo apt-get install -y nodejs;
+               fi;
+             else
+               echo "✅ Node.js already installed";
+             fi'
+      - name: Scan via SSH
+        if: steps.check_env.outputs.has_env == 'true'
+        env:
+          HOST: ${{ steps.config.outputs.host }}
+          USER: ${{ steps.config.outputs.ssh_user }}
+          REPO_NAME: ${{ steps.config.outputs.repo_name }}
+          ENVIRONMENT: ${{ matrix.environment }}
+        run: |
+          if [ -z "$HOST" ]; then
+            echo "❌ Missing domain in factiii.yml: environments.$ENVIRONMENT.domain"
+            exit 1
+          fi
+          echo "🔍 Scanning $ENVIRONMENT ($HOST)..."
+          ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=no "$USER@$HOST" \
+            "export PATH=\"/opt/homebrew/bin:/usr/local/bin:\$PATH\" && \
+             REPO_DIR=\"\$HOME/.factiii/$REPO_NAME\" && \
+             if [ -d \"\$REPO_DIR\" ]; then \
+               cd \"\$REPO_DIR\" && \
+               export PATH="/opt/homebrew/bin:/usr/local/bin:$PATH" && \
+               GITHUB_ACTIONS=true npx factiii scan --$ENVIRONMENT; \
+             else \
+               echo \"❌ Repo directory not found at \$REPO_DIR\"; \
+               echo \"Run deployment first to clone the repository\"; \
+               exit 1; \
+             fi"
+          rm -f ~/.ssh/deploy_key
+          echo "✅ $ENVIRONMENT scan complete!"

package/dist/plugins/pipelines/factiii/workflows/factiii-undeploy.yml ADDED Viewed

@@ -0,0 +1,95 @@
+name: Factiii Undeploy
+# Generated by @factiii/stack v{VERSION}
+# Manual workflow to remove deployment from a server
+# Thin workflow - just SSH and call CLI
+on:
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: 'Environment to undeploy'
+        required: true
+        type: choice
+        options:
+          - staging
+          - prod
+jobs:
+  undeploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Install yq
+        run: |
+          sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+          sudo chmod +x /usr/local/bin/yq
+      - name: Read config
+        id: config
+        run: |
+          if [ ! -f "factiii.yml" ]; then
+            echo "❌ factiii.yml not found"
+            exit 1
+          fi
+          REPO_NAME=$(yq eval '.name' factiii.yml)
+          if [ "${{ inputs.environment }}" == "staging" ]; then
+            HOST=$(yq eval '.environments.staging.domain // ""' factiii.yml)
+            SSH_USER=$(yq eval '.environments.staging.ssh_user // "ubuntu"' factiii.yml)
+          else
+            HOST=$(yq eval '.environments.prod.domain // ""' factiii.yml)
+            SSH_USER=$(yq eval '.environments.prod.ssh_user // "ubuntu"' factiii.yml)
+          fi
+          echo "repo_name=$REPO_NAME" >> $GITHUB_OUTPUT
+          echo "host=$HOST" >> $GITHUB_OUTPUT
+          echo "ssh_user=$SSH_USER" >> $GITHUB_OUTPUT
+      - name: Setup SSH
+        env:
+          SSH_KEY: ${{ inputs.environment == 'staging' && secrets.STAGING_SSH || secrets.PROD_SSH }}
+        run: |
+          if [ -z "$SSH_KEY" ]; then
+            echo "❌ Missing ${{ inputs.environment == 'staging' && 'STAGING_SSH' || 'PROD_SSH' }} secret"
+            exit 1
+          fi
+          mkdir -p ~/.ssh
+          echo "$SSH_KEY" > ~/.ssh/deploy_key
+          chmod 600 ~/.ssh/deploy_key
+      - name: Undeploy via CLI
+        env:
+          HOST: ${{ steps.config.outputs.host }}
+          USER: ${{ steps.config.outputs.ssh_user }}
+          REPO_NAME: ${{ steps.config.outputs.repo_name }}
+          ENVIRONMENT: ${{ inputs.environment }}
+        run: |
+          if [ -z "$HOST" ]; then
+            echo "❌ Missing domain in factiii.yml: environments.$ENVIRONMENT.domain"
+            exit 1
+          fi
+          echo "🗑️ Undeploying from $ENVIRONMENT ($HOST)..."
+          ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=no "$USER@$HOST" bash -s << EOF
+            set -e
+            REPO_DIR=~/.factiii/$REPO_NAME
+            if [ -d "\$REPO_DIR" ]; then
+              cd \$REPO_DIR
+              echo "🚀 Running undeploy..."
+              export PATH="/opt/homebrew/bin:/usr/local/bin:$PATH" && \
+              GITHUB_ACTIONS=true npx factiii undeploy --$ENVIRONMENT || true
+            else
+              echo "⚠️ Repo directory not found, nothing to undeploy"
+            fi
+          EOF
+          rm -f ~/.ssh/deploy_key
+          echo "✅ Undeploy complete!"