@factiii/stack 0.1.92 → 0.1.96
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/generators/generate-stack-yml.d.ts.map +1 -1
- package/dist/generators/generate-stack-yml.js +37 -5
- package/dist/generators/generate-stack-yml.js.map +1 -1
- package/dist/plugins/addons/auth/index.d.ts +56 -0
- package/dist/plugins/addons/auth/index.d.ts.map +1 -0
- package/dist/plugins/addons/auth/index.js +178 -0
- package/dist/plugins/addons/auth/index.js.map +1 -0
- package/dist/plugins/addons/auth/scanfix/secrets.d.ts +10 -0
- package/dist/plugins/addons/auth/scanfix/secrets.d.ts.map +1 -0
- package/dist/plugins/addons/auth/scanfix/secrets.js +205 -0
- package/dist/plugins/addons/auth/scanfix/secrets.js.map +1 -0
- package/dist/plugins/addons/auth/scanfix/setup.d.ts +12 -0
- package/dist/plugins/addons/auth/scanfix/setup.d.ts.map +1 -0
- package/dist/plugins/addons/auth/scanfix/setup.js +235 -0
- package/dist/plugins/addons/auth/scanfix/setup.js.map +1 -0
- package/dist/plugins/addons/auth/scanfix/validate.d.ts +9 -0
- package/dist/plugins/addons/auth/scanfix/validate.d.ts.map +1 -0
- package/dist/plugins/addons/auth/scanfix/validate.js +153 -0
- package/dist/plugins/addons/auth/scanfix/validate.js.map +1 -0
- package/dist/plugins/index.d.ts.map +1 -1
- package/dist/plugins/index.js +9 -0
- package/dist/plugins/index.js.map +1 -1
- package/dist/plugins/pipelines/aws/scanfix/credentials.d.ts.map +1 -1
- package/dist/plugins/pipelines/aws/scanfix/credentials.js +15 -44
- package/dist/plugins/pipelines/aws/scanfix/credentials.js.map +1 -1
- package/dist/plugins/pipelines/aws/utils/aws-helpers.d.ts +9 -1
- package/dist/plugins/pipelines/aws/utils/aws-helpers.d.ts.map +1 -1
- package/dist/plugins/pipelines/aws/utils/aws-helpers.js +74 -0
- package/dist/plugins/pipelines/aws/utils/aws-helpers.js.map +1 -1
- package/dist/plugins/pipelines/factiii/index.d.ts.map +1 -1
- package/dist/plugins/pipelines/factiii/index.js +22 -37
- package/dist/plugins/pipelines/factiii/index.js.map +1 -1
- package/dist/plugins/pipelines/factiii/scanfix/bootstrap.d.ts.map +1 -1
- package/dist/plugins/pipelines/factiii/scanfix/bootstrap.js +5 -1
- package/dist/plugins/pipelines/factiii/scanfix/bootstrap.js.map +1 -1
- package/dist/plugins/pipelines/factiii/scanfix/secrets.d.ts.map +1 -1
- package/dist/plugins/pipelines/factiii/scanfix/secrets.js +36 -20
- package/dist/plugins/pipelines/factiii/scanfix/secrets.js.map +1 -1
- package/dist/utils/ansible-vault-secrets.d.ts +6 -2
- package/dist/utils/ansible-vault-secrets.d.ts.map +1 -1
- package/dist/utils/ansible-vault-secrets.js +25 -69
- package/dist/utils/ansible-vault-secrets.js.map +1 -1
- package/dist/utils/ssh-helper.d.ts.map +1 -1
- package/dist/utils/ssh-helper.js +12 -7
- package/dist/utils/ssh-helper.js.map +1 -1
- package/package.json +2 -1
- package/dist/plugins/pipelines/factiii/scanfix/ansible.d.ts +0 -12
- package/dist/plugins/pipelines/factiii/scanfix/ansible.d.ts.map +0 -1
- package/dist/plugins/pipelines/factiii/scanfix/ansible.js +0 -109
- package/dist/plugins/pipelines/factiii/scanfix/ansible.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-stack-yml.d.ts","sourceRoot":"","sources":["../../src/generators/generate-stack-yml.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAkDH;;;;;;;GAOG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,GAAE;IAAE,KAAK,CAAC,EAAE,OAAO,CAAA;CAAO,GAAG,OAAO,
|
|
1
|
+
{"version":3,"file":"generate-stack-yml.d.ts","sourceRoot":"","sources":["../../src/generators/generate-stack-yml.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAkDH;;;;;;;GAOG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,GAAE;IAAE,KAAK,CAAC,EAAE,OAAO,CAAA;CAAO,GAAG,OAAO,CAsLjG"}
|
|
@@ -118,14 +118,12 @@ function generateSmartStackYml(rootDir, options = {}) {
|
|
|
118
118
|
const name = (pkgName ?? dirName).replace(/[^a-z0-9-]/gi, '-').toLowerCase();
|
|
119
119
|
// Detect github repo
|
|
120
120
|
const githubRepo = detectGithubRepo(rootDir) ?? 'EXAMPLE_username/' + name;
|
|
121
|
-
//
|
|
122
|
-
const
|
|
123
|
-
const stagingServer = devOS === 'windows' ? 'ubuntu' : devOS;
|
|
121
|
+
// Staging always uses mac (Mac Mini server)
|
|
122
|
+
const stagingServer = 'mac';
|
|
124
123
|
// Build config
|
|
125
124
|
const config = {
|
|
126
125
|
name,
|
|
127
126
|
config_version: '0.1.0',
|
|
128
|
-
dev_only: true,
|
|
129
127
|
github_repo: githubRepo,
|
|
130
128
|
ssl_email: 'EXAMPLE_admin@yourdomain.com',
|
|
131
129
|
pipeline: 'factiii',
|
|
@@ -155,6 +153,8 @@ function generateSmartStackYml(rootDir, options = {}) {
|
|
|
155
153
|
detectedPlugins.push('trpc');
|
|
156
154
|
if (deps['expo'])
|
|
157
155
|
detectedPlugins.push('expo');
|
|
156
|
+
if (deps['@factiii/auth'])
|
|
157
|
+
detectedPlugins.push('auth');
|
|
158
158
|
// Build YAML content with comments
|
|
159
159
|
const sections = [];
|
|
160
160
|
sections.push('# Generated by @factiii/stack');
|
|
@@ -168,6 +168,38 @@ function generateSmartStackYml(rootDir, options = {}) {
|
|
|
168
168
|
sections.push('# Detected frameworks: ' + detectedPlugins.join(', '));
|
|
169
169
|
sections.push('');
|
|
170
170
|
}
|
|
171
|
+
// Auth (@factiii/auth) - auto-detected or commented out
|
|
172
|
+
if (deps['@factiii/auth']) {
|
|
173
|
+
sections.push('# ============================================================');
|
|
174
|
+
sections.push('# AUTH (@factiii/auth)');
|
|
175
|
+
sections.push('# ============================================================');
|
|
176
|
+
sections.push('# Detected @factiii/auth in dependencies.');
|
|
177
|
+
sections.push('# JWT_SECRET is auto-generated and stored in Ansible Vault.');
|
|
178
|
+
sections.push('# Customize features below as needed.');
|
|
179
|
+
sections.push('auth:');
|
|
180
|
+
sections.push(' features:');
|
|
181
|
+
sections.push(' oauth: false');
|
|
182
|
+
sections.push(' twoFa: false');
|
|
183
|
+
sections.push(' emailVerification: false');
|
|
184
|
+
sections.push(' oauth_provider: EXAMPLE_google');
|
|
185
|
+
sections.push('');
|
|
186
|
+
}
|
|
187
|
+
else {
|
|
188
|
+
sections.push('# ============================================================');
|
|
189
|
+
sections.push('# AUTH (@factiii/auth)');
|
|
190
|
+
sections.push('# ============================================================');
|
|
191
|
+
sections.push('# Drop-in tRPC auth: JWT sessions, OAuth, 2FA, email verification.');
|
|
192
|
+
sections.push('# Install: npm install @factiii/auth');
|
|
193
|
+
sections.push('# Then re-run: npx stack fix --dev');
|
|
194
|
+
sections.push('#');
|
|
195
|
+
sections.push('# auth:');
|
|
196
|
+
sections.push('# features:');
|
|
197
|
+
sections.push('# oauth: false');
|
|
198
|
+
sections.push('# twoFa: false');
|
|
199
|
+
sections.push('# emailVerification: false');
|
|
200
|
+
sections.push('# oauth_provider: EXAMPLE_google');
|
|
201
|
+
sections.push('');
|
|
202
|
+
}
|
|
171
203
|
// OpenClaw / Moltbot - commented out by default
|
|
172
204
|
sections.push('# ============================================================');
|
|
173
205
|
sections.push('# OPENCLAW (MOLTBOT)');
|
|
@@ -216,7 +248,7 @@ function generateSmartStackYml(rootDir, options = {}) {
|
|
|
216
248
|
sections.push('# npx stack deploy --secrets set -> store SSH keys & credentials in Ansible Vault');
|
|
217
249
|
sections.push('#');
|
|
218
250
|
sections.push('# 5. UNLOCK STAGING/PROD');
|
|
219
|
-
sections.push('#
|
|
251
|
+
sections.push('# Edit stack.local.yml and set: dev_only: false');
|
|
220
252
|
sections.push('# (stack.local.yml is gitignored - only affects YOUR machine)');
|
|
221
253
|
sections.push('#');
|
|
222
254
|
sections.push('# 6. DEPLOY');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-stack-yml.js","sourceRoot":"","sources":["../../src/generators/generate-stack-yml.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0DH,
|
|
1
|
+
{"version":3,"file":"generate-stack-yml.js","sourceRoot":"","sources":["../../src/generators/generate-stack-yml.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0DH,sDAsLC;AA9OD,uCAAyB;AACzB,2CAA6B;AAC7B,sDAA2B;AAC3B,iDAAyC;AAEzC,kEAAqE;AAErE;;GAEG;AACH,SAAS,eAAe,CAAC,OAAe;IACtC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IACzC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAA4B,CAAC;IACjF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,OAAe;IACvC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,2BAA2B,EAAE;YACnD,GAAG,EAAE,OAAO;YACZ,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC,IAAI,EAAE,CAAC;QACV,6DAA6D;QAC7D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;QAC9D,IAAI,KAAK,IAAI,KAAK,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACP,8BAA8B;IAChC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,cAAc;IACrB,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAChD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO;QAAE,OAAO,SAAS,CAAC;IACnD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,qBAAqB,CAAC,OAAe,EAAE,UAA+B,EAAE;IACtF,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,uCAAqB,CAAC,CAAC;IAE7D,+BAA+B;IAC/B,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,uCAAqB,GAAG,4CAA4C,CAAC,CAAC;QAC5F,OAAO,KAAK,CAAC;IACf,CAAC;IAED,qDAAqD;IACrD,MAAM,GAAG,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,IAAI,GAA2B;QACnC,GAAG,CAAC,GAAG,EAAE,YAAsC,IAAI,EAAE,CAAC;QACtD,GAAG,CAAC,GAAG,EAAE,eAAyC,IAAI,EAAE,CAAC;KAC1D,CAAC;IAEF,sBAAsB;IACtB,MAAM,OAAO,GAAG,GAAG,EAAE,IAA0B,CAAC;IAChD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;IAE7E,qBAAqB;IACrB,MAAM,UAAU,GAAG,gBAAgB,CAAC,OAAO,CAAC,IAAI,mBAAmB,GAAG,IAAI,CAAC;IAE3E,4CAA4C;IAC5C,MAAM,aAAa,GAAG,KAAK,CAAC;IAE5B,eAAe;IACf,MAAM,MAAM,GAA4B;QACtC,IAAI;QACJ,cAAc,EAAE,OAAO;QACvB,WAAW,EAAE,UAAU;QACvB,SAAS,EAAE,8BAA8B;QACzC,QAAQ,EAAE,SAAS;QAEnB,OAAO,EAAE;YACP,MAAM,EAAE,aAAa;YACrB,MAAM,EAAE,gCAAgC;YACxC,QAAQ,EAAE,SAAS;YACnB,QAAQ,EAAE,cAAc;SACzB;QAED,IAAI,EAAE;YACJ,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,wBAAwB;YAChC,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,WAAW;YACrB,MAAM,EAAE,WAAW;YACnB,aAAa,EAAE,sBAAsB;YACrC,MAAM,EAAE,WAAW;SACpB;KAEF,CAAC;IAEF,4CAA4C;IAC5C,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,IAAI,IAAI,CAAC,MAAM,CAAC;QAAE,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACjD,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,gBAAgB,CAAC;QAAE,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC7E,IAAI,IAAI,CAAC,cAAc,CAAC;QAAE,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACvD,IAAI,IAAI,CAAC,MAAM,CAAC;QAAE,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC/C,IAAI,IAAI,CAAC,eAAe,CAAC;QAAE,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAExD,mCAAmC;IACnC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,QAAQ,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;IAC/C,QAAQ,CAAC,IAAI,CAAC,8DAA8D,CAAC,CAAC;IAC9E,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAElB,mBAAmB;IACnB,QAAQ,CAAC,IAAI,CAAC,iBAAI,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IACzE,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAElB,oCAAoC;IACpC,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC,yBAAyB,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACtE,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC;IAED,wDAAwD;IACxD,IAAI,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;QAChF,QAAQ,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QACxC,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;QAChF,QAAQ,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;QAC3D,QAAQ,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;QAC7E,QAAQ,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;QACvD,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAClC,QAAQ,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAClC,QAAQ,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QAClD,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC;SAAM,CAAC;QACN,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;QAChF,QAAQ,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QACxC,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;QAChF,QAAQ,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;QACpF,QAAQ,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;QACtD,QAAQ,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;QACpD,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnB,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QAChD,QAAQ,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;QACpD,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC;IAED,gDAAgD;IAChD,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;IAChF,QAAQ,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACtC,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;IAChF,QAAQ,CAAC,IAAI,CAAC,iEAAiE,CAAC,CAAC;IACjF,QAAQ,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;IACtF,QAAQ,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;IACtD,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,QAAQ,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;IACpF,QAAQ,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAClC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAElB,2CAA2C;IAC3C,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;IAChF,QAAQ,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;IAC7C,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;IAChF,QAAQ,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;IAC1D,QAAQ,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;IACpF,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,QAAQ,CAAC,IAAI,CAAC,qEAAqE,CAAC,CAAC;IACrF,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC3B,QAAQ,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;IACtD,QAAQ,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;IAC5E,QAAQ,CAAC,IAAI,CAAC,+DAA+D,CAAC,CAAC;IAC/E,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,QAAQ,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;IAC7D,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAElB,uBAAuB;IACvB,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;IAChF,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC9B,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;IAChF,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,QAAQ,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;IACvC,QAAQ,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAC;IAClF,QAAQ,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;IACxE,QAAQ,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;IAC5D,QAAQ,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;IAC5D,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,QAAQ,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACtC,QAAQ,CAAC,IAAI,CAAC,+FAA+F,CAAC,CAAC;IAC/G,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,QAAQ,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACtC,QAAQ,CAAC,IAAI,CAAC,0FAA0F,CAAC,CAAC;IAC1G,QAAQ,CAAC,IAAI,CAAC,8FAA8F,CAAC,CAAC;IAC9G,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,QAAQ,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;IACrC,QAAQ,CAAC,IAAI,CAAC,uFAAuF,CAAC,CAAC;IACvG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,QAAQ,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC1C,QAAQ,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;IACpE,QAAQ,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAC;IAClF,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC7B,QAAQ,CAAC,IAAI,CAAC,yEAAyE,CAAC,CAAC;IACzF,QAAQ,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAC;IAClF,QAAQ,CAAC,IAAI,CAAC,qEAAqE,CAAC,CAAC;IACrF,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnB,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;IAChF,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAElB,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzC,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;IAE3C,OAAO,CAAC,GAAG,CAAC,eAAe,GAAG,uCAAqB,GAAG,mBAAmB,GAAG,IAAI,GAAG,GAAG,CAAC,CAAC;IAExF,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC"}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth Addon Plugin
|
|
3
|
+
*
|
|
4
|
+
* Integrates @factiii/auth into the stack pipeline.
|
|
5
|
+
* Auto-detects @factiii/auth in package.json dependencies.
|
|
6
|
+
*
|
|
7
|
+
* Handles:
|
|
8
|
+
* - Dev: Initialize auth schema, run doctor, migrate
|
|
9
|
+
* - Secrets: Auto-generate JWT_SECRET, prompt for OAuth keys
|
|
10
|
+
* - Staging/Prod: Validate auth env vars are set
|
|
11
|
+
*
|
|
12
|
+
* ============================================================
|
|
13
|
+
* PLUGIN STRUCTURE
|
|
14
|
+
* ============================================================
|
|
15
|
+
*
|
|
16
|
+
* **scanfix/** - Scan/fix operations organized by concern
|
|
17
|
+
* - setup.ts - Dev stage: init, doctor, migrate
|
|
18
|
+
* - secrets.ts - Secrets stage: JWT_SECRET, OAuth keys
|
|
19
|
+
* - validate.ts - Staging/Prod: env var validation
|
|
20
|
+
*
|
|
21
|
+
* **index.ts** - This file
|
|
22
|
+
* - Static metadata (id, name, category, version)
|
|
23
|
+
* - shouldLoad() - auto-detects @factiii/auth
|
|
24
|
+
* - Imports and combines all scanfix arrays
|
|
25
|
+
* ============================================================
|
|
26
|
+
*/
|
|
27
|
+
import type { FactiiiConfig, Fix, ServerOS } from '../../../types/index.js';
|
|
28
|
+
declare class AuthAddon {
|
|
29
|
+
static readonly id = "auth";
|
|
30
|
+
static readonly name = "Auth (@factiii/auth)";
|
|
31
|
+
static readonly category: 'addon';
|
|
32
|
+
static readonly version = "1.0.0";
|
|
33
|
+
/**
|
|
34
|
+
* Compatible with all server types (auth is app-level, not OS-specific)
|
|
35
|
+
*/
|
|
36
|
+
static readonly compatibleServers: ServerOS[];
|
|
37
|
+
static readonly defaultServer: ServerOS;
|
|
38
|
+
static readonly requiredEnvVars: string[];
|
|
39
|
+
static readonly configSchema: Record<string, unknown>;
|
|
40
|
+
static readonly autoConfigSchema: Record<string, string>;
|
|
41
|
+
/**
|
|
42
|
+
* Auto-detect @factiii/auth in package.json dependencies.
|
|
43
|
+
* No manual config needed — plugin loads automatically.
|
|
44
|
+
*/
|
|
45
|
+
static shouldLoad(rootDir: string, _config: FactiiiConfig): Promise<boolean>;
|
|
46
|
+
static helpText: Record<string, string>;
|
|
47
|
+
static readonly fixes: Fix[];
|
|
48
|
+
/**
|
|
49
|
+
* Auto-detect auth configuration
|
|
50
|
+
*/
|
|
51
|
+
static detectConfig(rootDir: string): Promise<Record<string, unknown>>;
|
|
52
|
+
private _config;
|
|
53
|
+
constructor(config: FactiiiConfig);
|
|
54
|
+
}
|
|
55
|
+
export default AuthAddon;
|
|
56
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/plugins/addons/auth/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAIH,OAAO,KAAK,EAAE,aAAa,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAO5E,cAAM,SAAS;IAKb,MAAM,CAAC,QAAQ,CAAC,EAAE,UAAU;IAC5B,MAAM,CAAC,QAAQ,CAAC,IAAI,0BAA0B;IAC9C,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAW;IAC5C,MAAM,CAAC,QAAQ,CAAC,OAAO,WAAW;IAElC;;OAEG;IACH,MAAM,CAAC,QAAQ,CAAC,iBAAiB,EAAE,QAAQ,EAAE,CAAgC;IAE7E,MAAM,CAAC,QAAQ,CAAC,aAAa,EAAE,QAAQ,CAAY;IAGnD,MAAM,CAAC,QAAQ,CAAC,eAAe,EAAE,MAAM,EAAE,CAAkB;IAG3D,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CASnD;IAGF,MAAM,CAAC,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAGtD;IAEF;;;OAGG;WACU,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAalF,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CASrC;IAMF,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,GAAG,EAAE,CAI1B;IAMF;;OAEG;WACU,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAkC5E,OAAO,CAAC,OAAO,CAAgB;gBAEnB,MAAM,EAAE,aAAa;CAGlC;AAED,eAAe,SAAS,CAAC"}
|
|
@@ -0,0 +1,178 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Auth Addon Plugin
|
|
4
|
+
*
|
|
5
|
+
* Integrates @factiii/auth into the stack pipeline.
|
|
6
|
+
* Auto-detects @factiii/auth in package.json dependencies.
|
|
7
|
+
*
|
|
8
|
+
* Handles:
|
|
9
|
+
* - Dev: Initialize auth schema, run doctor, migrate
|
|
10
|
+
* - Secrets: Auto-generate JWT_SECRET, prompt for OAuth keys
|
|
11
|
+
* - Staging/Prod: Validate auth env vars are set
|
|
12
|
+
*
|
|
13
|
+
* ============================================================
|
|
14
|
+
* PLUGIN STRUCTURE
|
|
15
|
+
* ============================================================
|
|
16
|
+
*
|
|
17
|
+
* **scanfix/** - Scan/fix operations organized by concern
|
|
18
|
+
* - setup.ts - Dev stage: init, doctor, migrate
|
|
19
|
+
* - secrets.ts - Secrets stage: JWT_SECRET, OAuth keys
|
|
20
|
+
* - validate.ts - Staging/Prod: env var validation
|
|
21
|
+
*
|
|
22
|
+
* **index.ts** - This file
|
|
23
|
+
* - Static metadata (id, name, category, version)
|
|
24
|
+
* - shouldLoad() - auto-detects @factiii/auth
|
|
25
|
+
* - Imports and combines all scanfix arrays
|
|
26
|
+
* ============================================================
|
|
27
|
+
*/
|
|
28
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
29
|
+
if (k2 === undefined) k2 = k;
|
|
30
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
31
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
32
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
33
|
+
}
|
|
34
|
+
Object.defineProperty(o, k2, desc);
|
|
35
|
+
}) : (function(o, m, k, k2) {
|
|
36
|
+
if (k2 === undefined) k2 = k;
|
|
37
|
+
o[k2] = m[k];
|
|
38
|
+
}));
|
|
39
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
40
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
41
|
+
}) : function(o, v) {
|
|
42
|
+
o["default"] = v;
|
|
43
|
+
});
|
|
44
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
45
|
+
var ownKeys = function(o) {
|
|
46
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
47
|
+
var ar = [];
|
|
48
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
49
|
+
return ar;
|
|
50
|
+
};
|
|
51
|
+
return ownKeys(o);
|
|
52
|
+
};
|
|
53
|
+
return function (mod) {
|
|
54
|
+
if (mod && mod.__esModule) return mod;
|
|
55
|
+
var result = {};
|
|
56
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
57
|
+
__setModuleDefault(result, mod);
|
|
58
|
+
return result;
|
|
59
|
+
};
|
|
60
|
+
})();
|
|
61
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
62
|
+
const fs = __importStar(require("fs"));
|
|
63
|
+
const path = __importStar(require("path"));
|
|
64
|
+
// Import scanfixes
|
|
65
|
+
const setup_js_1 = require("./scanfix/setup.js");
|
|
66
|
+
const secrets_js_1 = require("./scanfix/secrets.js");
|
|
67
|
+
const validate_js_1 = require("./scanfix/validate.js");
|
|
68
|
+
class AuthAddon {
|
|
69
|
+
// ============================================================
|
|
70
|
+
// STATIC METADATA
|
|
71
|
+
// ============================================================
|
|
72
|
+
static id = 'auth';
|
|
73
|
+
static name = 'Auth (@factiii/auth)';
|
|
74
|
+
static category = 'addon';
|
|
75
|
+
static version = '1.0.0';
|
|
76
|
+
/**
|
|
77
|
+
* Compatible with all server types (auth is app-level, not OS-specific)
|
|
78
|
+
*/
|
|
79
|
+
static compatibleServers = ['mac', 'ubuntu', 'windows'];
|
|
80
|
+
static defaultServer = 'ubuntu';
|
|
81
|
+
// Env vars this plugin requires (auto-generates .env.example checks)
|
|
82
|
+
static requiredEnvVars = ['JWT_SECRET'];
|
|
83
|
+
// Schema for stack.yml (user-editable, optional)
|
|
84
|
+
static configSchema = {
|
|
85
|
+
auth: {
|
|
86
|
+
features: {
|
|
87
|
+
oauth: false,
|
|
88
|
+
twoFa: false,
|
|
89
|
+
emailVerification: false,
|
|
90
|
+
},
|
|
91
|
+
oauth_provider: 'EXAMPLE_google',
|
|
92
|
+
},
|
|
93
|
+
};
|
|
94
|
+
// Schema for stackAuto.yml (auto-detected)
|
|
95
|
+
static autoConfigSchema = {
|
|
96
|
+
auth_installed: 'boolean',
|
|
97
|
+
auth_initialized: 'boolean',
|
|
98
|
+
};
|
|
99
|
+
/**
|
|
100
|
+
* Auto-detect @factiii/auth in package.json dependencies.
|
|
101
|
+
* No manual config needed — plugin loads automatically.
|
|
102
|
+
*/
|
|
103
|
+
static async shouldLoad(rootDir, _config) {
|
|
104
|
+
try {
|
|
105
|
+
const pkgPath = path.join(rootDir, 'package.json');
|
|
106
|
+
if (!fs.existsSync(pkgPath))
|
|
107
|
+
return false;
|
|
108
|
+
const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
|
|
109
|
+
const deps = { ...(pkg.dependencies ?? {}), ...(pkg.devDependencies ?? {}) };
|
|
110
|
+
return !!deps['@factiii/auth'];
|
|
111
|
+
}
|
|
112
|
+
catch {
|
|
113
|
+
return false;
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
static helpText = {
|
|
117
|
+
JWT_SECRET: `
|
|
118
|
+
JWT signing secret for @factiii/auth.
|
|
119
|
+
|
|
120
|
+
This is auto-generated (256-bit random) when you run:
|
|
121
|
+
npx stack fix --secrets
|
|
122
|
+
|
|
123
|
+
The secret is stored in Ansible Vault and used to sign
|
|
124
|
+
authentication tokens (JWT) for your application.`,
|
|
125
|
+
};
|
|
126
|
+
// ============================================================
|
|
127
|
+
// FIXES - All issues this plugin can detect and resolve
|
|
128
|
+
// ============================================================
|
|
129
|
+
static fixes = [
|
|
130
|
+
...setup_js_1.setupFixes,
|
|
131
|
+
...secrets_js_1.secretsFixes,
|
|
132
|
+
...validate_js_1.validateFixes,
|
|
133
|
+
];
|
|
134
|
+
// ============================================================
|
|
135
|
+
// STATIC HELPER METHODS
|
|
136
|
+
// ============================================================
|
|
137
|
+
/**
|
|
138
|
+
* Auto-detect auth configuration
|
|
139
|
+
*/
|
|
140
|
+
static async detectConfig(rootDir) {
|
|
141
|
+
const detected = {};
|
|
142
|
+
try {
|
|
143
|
+
const pkgPath = path.join(rootDir, 'package.json');
|
|
144
|
+
if (fs.existsSync(pkgPath)) {
|
|
145
|
+
const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
|
|
146
|
+
const deps = { ...(pkg.dependencies ?? {}), ...(pkg.devDependencies ?? {}) };
|
|
147
|
+
detected.auth_installed = !!deps['@factiii/auth'];
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
catch {
|
|
151
|
+
detected.auth_installed = false;
|
|
152
|
+
}
|
|
153
|
+
// Check if auth models exist in Prisma schema
|
|
154
|
+
try {
|
|
155
|
+
const schemaPath = path.join(rootDir, 'prisma', 'schema.prisma');
|
|
156
|
+
if (fs.existsSync(schemaPath)) {
|
|
157
|
+
const content = fs.readFileSync(schemaPath, 'utf8');
|
|
158
|
+
detected.auth_initialized = content.includes('model User') && content.includes('model Session');
|
|
159
|
+
}
|
|
160
|
+
else {
|
|
161
|
+
detected.auth_initialized = false;
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
catch {
|
|
165
|
+
detected.auth_initialized = false;
|
|
166
|
+
}
|
|
167
|
+
return detected;
|
|
168
|
+
}
|
|
169
|
+
// ============================================================
|
|
170
|
+
// INSTANCE
|
|
171
|
+
// ============================================================
|
|
172
|
+
_config;
|
|
173
|
+
constructor(config) {
|
|
174
|
+
this._config = config;
|
|
175
|
+
}
|
|
176
|
+
}
|
|
177
|
+
exports.default = AuthAddon;
|
|
178
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/plugins/addons/auth/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAG7B,mBAAmB;AACnB,iDAAgD;AAChD,qDAAoD;AACpD,uDAAsD;AAEtD,MAAM,SAAS;IACb,+DAA+D;IAC/D,kBAAkB;IAClB,+DAA+D;IAE/D,MAAM,CAAU,EAAE,GAAG,MAAM,CAAC;IAC5B,MAAM,CAAU,IAAI,GAAG,sBAAsB,CAAC;IAC9C,MAAM,CAAU,QAAQ,GAAY,OAAO,CAAC;IAC5C,MAAM,CAAU,OAAO,GAAG,OAAO,CAAC;IAElC;;OAEG;IACH,MAAM,CAAU,iBAAiB,GAAe,CAAC,KAAK,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IAE7E,MAAM,CAAU,aAAa,GAAa,QAAQ,CAAC;IAEnD,qEAAqE;IACrE,MAAM,CAAU,eAAe,GAAa,CAAC,YAAY,CAAC,CAAC;IAE3D,iDAAiD;IACjD,MAAM,CAAU,YAAY,GAA4B;QACtD,IAAI,EAAE;YACJ,QAAQ,EAAE;gBACR,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,KAAK;gBACZ,iBAAiB,EAAE,KAAK;aACzB;YACD,cAAc,EAAE,gBAAgB;SACjC;KACF,CAAC;IAEF,2CAA2C;IAC3C,MAAM,CAAU,gBAAgB,GAA2B;QACzD,cAAc,EAAE,SAAS;QACzB,gBAAgB,EAAE,SAAS;KAC5B,CAAC;IAEF;;;OAGG;IACH,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,OAAe,EAAE,OAAsB;QAC7D,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;YACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAC;YAE1C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;YACzD,MAAM,IAAI,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC,EAAE,CAAC;YAC7E,OAAO,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,MAAM,CAAC,QAAQ,GAA2B;QACxC,UAAU,EAAE;;;;;;;qDAOqC;KAClD,CAAC;IAEF,+DAA+D;IAC/D,wDAAwD;IACxD,+DAA+D;IAE/D,MAAM,CAAU,KAAK,GAAU;QAC7B,GAAG,qBAAU;QACb,GAAG,yBAAY;QACf,GAAG,2BAAa;KACjB,CAAC;IAEF,+DAA+D;IAC/D,wBAAwB;IACxB,+DAA+D;IAE/D;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,OAAe;QACvC,MAAM,QAAQ,GAA4B,EAAE,CAAC;QAE7C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;YACnD,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;gBACzD,MAAM,IAAI,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC,EAAE,CAAC;gBAC7E,QAAQ,CAAC,cAAc,GAAG,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,QAAQ,CAAC,cAAc,GAAG,KAAK,CAAC;QAClC,CAAC;QAED,8CAA8C;QAC9C,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;YACjE,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC9B,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACpD,QAAQ,CAAC,gBAAgB,GAAG,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;YAClG,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,gBAAgB,GAAG,KAAK,CAAC;YACpC,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,QAAQ,CAAC,gBAAgB,GAAG,KAAK,CAAC;QACpC,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,+DAA+D;IAC/D,WAAW;IACX,+DAA+D;IAEvD,OAAO,CAAgB;IAE/B,YAAY,MAAqB;QAC/B,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;IACxB,CAAC;;AAGH,kBAAe,SAAS,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth Secrets Scanfixes
|
|
3
|
+
*
|
|
4
|
+
* Manages authentication secrets in Ansible Vault:
|
|
5
|
+
* - JWT_SECRET: auto-generated 256-bit random key
|
|
6
|
+
* - OAuth keys: prompted from user (Google, Apple)
|
|
7
|
+
*/
|
|
8
|
+
import type { Fix } from '../../../../types/index.js';
|
|
9
|
+
export declare const secretsFixes: Fix[];
|
|
10
|
+
//# sourceMappingURL=secrets.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../../../../../src/plugins/addons/auth/scanfix/secrets.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,KAAK,EAAiB,GAAG,EAAE,MAAM,4BAA4B,CAAC;AAyCrE,eAAO,MAAM,YAAY,EAAE,GAAG,EA+H7B,CAAC"}
|
|
@@ -0,0 +1,205 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Auth Secrets Scanfixes
|
|
4
|
+
*
|
|
5
|
+
* Manages authentication secrets in Ansible Vault:
|
|
6
|
+
* - JWT_SECRET: auto-generated 256-bit random key
|
|
7
|
+
* - OAuth keys: prompted from user (Google, Apple)
|
|
8
|
+
*/
|
|
9
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
12
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
13
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
14
|
+
}
|
|
15
|
+
Object.defineProperty(o, k2, desc);
|
|
16
|
+
}) : (function(o, m, k, k2) {
|
|
17
|
+
if (k2 === undefined) k2 = k;
|
|
18
|
+
o[k2] = m[k];
|
|
19
|
+
}));
|
|
20
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
21
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
22
|
+
}) : function(o, v) {
|
|
23
|
+
o["default"] = v;
|
|
24
|
+
});
|
|
25
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
26
|
+
var ownKeys = function(o) {
|
|
27
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
28
|
+
var ar = [];
|
|
29
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
30
|
+
return ar;
|
|
31
|
+
};
|
|
32
|
+
return ownKeys(o);
|
|
33
|
+
};
|
|
34
|
+
return function (mod) {
|
|
35
|
+
if (mod && mod.__esModule) return mod;
|
|
36
|
+
var result = {};
|
|
37
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
38
|
+
__setModuleDefault(result, mod);
|
|
39
|
+
return result;
|
|
40
|
+
};
|
|
41
|
+
})();
|
|
42
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
43
|
+
exports.secretsFixes = void 0;
|
|
44
|
+
const crypto = __importStar(require("crypto"));
|
|
45
|
+
const config_helpers_js_1 = require("../../../../utils/config-helpers.js");
|
|
46
|
+
/**
|
|
47
|
+
* Get auth config from FactiiiConfig (handles undefined/null)
|
|
48
|
+
*/
|
|
49
|
+
function getAuthConfig(config) {
|
|
50
|
+
const auth = config.auth;
|
|
51
|
+
if (!auth || typeof auth !== 'object')
|
|
52
|
+
return null;
|
|
53
|
+
return auth;
|
|
54
|
+
}
|
|
55
|
+
/**
|
|
56
|
+
* Check if OAuth is enabled for a specific provider
|
|
57
|
+
*/
|
|
58
|
+
function isOAuthEnabled(config, provider) {
|
|
59
|
+
const auth = getAuthConfig(config);
|
|
60
|
+
if (!auth)
|
|
61
|
+
return false;
|
|
62
|
+
// Check auth.features.oauth
|
|
63
|
+
const features = auth.features;
|
|
64
|
+
if (features?.oauth)
|
|
65
|
+
return true;
|
|
66
|
+
// Check auth.oauth_provider
|
|
67
|
+
if (auth.oauth_provider === provider)
|
|
68
|
+
return true;
|
|
69
|
+
return false;
|
|
70
|
+
}
|
|
71
|
+
/**
|
|
72
|
+
* Get Ansible Vault store
|
|
73
|
+
*/
|
|
74
|
+
async function getVault(config, rootDir) {
|
|
75
|
+
const { AnsibleVaultSecrets } = await Promise.resolve().then(() => __importStar(require('../../../../utils/ansible-vault-secrets.js')));
|
|
76
|
+
return new AnsibleVaultSecrets({
|
|
77
|
+
vault_path: config.ansible?.vault_path ?? (0, config_helpers_js_1.getDefaultVaultPath)(config),
|
|
78
|
+
vault_password_file: config.ansible?.vault_password_file,
|
|
79
|
+
rootDir,
|
|
80
|
+
});
|
|
81
|
+
}
|
|
82
|
+
exports.secretsFixes = [
|
|
83
|
+
{
|
|
84
|
+
id: 'auth-jwt-secret-missing',
|
|
85
|
+
stage: 'secrets',
|
|
86
|
+
severity: 'critical',
|
|
87
|
+
description: 'JWT_SECRET not found in Ansible Vault (required for auth)',
|
|
88
|
+
scan: async (config, rootDir) => {
|
|
89
|
+
try {
|
|
90
|
+
const vault = await getVault(config, rootDir);
|
|
91
|
+
const secret = await vault.getSecret('JWT_SECRET');
|
|
92
|
+
return !secret;
|
|
93
|
+
}
|
|
94
|
+
catch {
|
|
95
|
+
return false; // Vault not available, skip
|
|
96
|
+
}
|
|
97
|
+
},
|
|
98
|
+
fix: async (config, rootDir) => {
|
|
99
|
+
try {
|
|
100
|
+
const vault = await getVault(config, rootDir);
|
|
101
|
+
// Auto-generate a cryptographically secure 256-bit secret
|
|
102
|
+
const jwtSecret = crypto.randomBytes(32).toString('hex');
|
|
103
|
+
const result = await vault.setSecret('JWT_SECRET', jwtSecret);
|
|
104
|
+
if (result.success) {
|
|
105
|
+
console.log(' [OK] Generated and stored JWT_SECRET in Ansible Vault');
|
|
106
|
+
console.log(' (256-bit random key, no manual input needed)');
|
|
107
|
+
return true;
|
|
108
|
+
}
|
|
109
|
+
console.log(' Failed to store JWT_SECRET in vault');
|
|
110
|
+
return false;
|
|
111
|
+
}
|
|
112
|
+
catch (e) {
|
|
113
|
+
console.log(' Error: ' + (e instanceof Error ? e.message : String(e)));
|
|
114
|
+
return false;
|
|
115
|
+
}
|
|
116
|
+
},
|
|
117
|
+
manualFix: 'Generate and store JWT secret: npx stack deploy --secrets set JWT_SECRET',
|
|
118
|
+
},
|
|
119
|
+
{
|
|
120
|
+
id: 'auth-oauth-google-missing',
|
|
121
|
+
stage: 'secrets',
|
|
122
|
+
severity: 'warning',
|
|
123
|
+
description: 'Google OAuth credentials not in vault (GOOGLE_CLIENT_ID)',
|
|
124
|
+
scan: async (config, rootDir) => {
|
|
125
|
+
if (!isOAuthEnabled(config, 'google'))
|
|
126
|
+
return false;
|
|
127
|
+
try {
|
|
128
|
+
const vault = await getVault(config, rootDir);
|
|
129
|
+
const clientId = await vault.getSecret('GOOGLE_CLIENT_ID');
|
|
130
|
+
return !clientId;
|
|
131
|
+
}
|
|
132
|
+
catch {
|
|
133
|
+
return false;
|
|
134
|
+
}
|
|
135
|
+
},
|
|
136
|
+
fix: async (config, rootDir) => {
|
|
137
|
+
try {
|
|
138
|
+
const { promptForSecret } = await Promise.resolve().then(() => __importStar(require('../../../../utils/secret-prompts.js')));
|
|
139
|
+
const vault = await getVault(config, rootDir);
|
|
140
|
+
console.log('');
|
|
141
|
+
console.log(' Google OAuth Setup');
|
|
142
|
+
console.log(' Get credentials from: https://console.cloud.google.com/apis/credentials');
|
|
143
|
+
console.log('');
|
|
144
|
+
const clientId = await promptForSecret('GOOGLE_CLIENT_ID', config);
|
|
145
|
+
const r1 = await vault.setSecret('GOOGLE_CLIENT_ID', clientId);
|
|
146
|
+
if (!r1.success)
|
|
147
|
+
return false;
|
|
148
|
+
const clientSecret = await promptForSecret('GOOGLE_CLIENT_SECRET', config);
|
|
149
|
+
const r2 = await vault.setSecret('GOOGLE_CLIENT_SECRET', clientSecret);
|
|
150
|
+
if (!r2.success)
|
|
151
|
+
return false;
|
|
152
|
+
console.log(' [OK] Stored Google OAuth credentials in vault');
|
|
153
|
+
return true;
|
|
154
|
+
}
|
|
155
|
+
catch {
|
|
156
|
+
return false;
|
|
157
|
+
}
|
|
158
|
+
},
|
|
159
|
+
manualFix: 'Store Google OAuth credentials:\n' +
|
|
160
|
+
' npx stack deploy --secrets set GOOGLE_CLIENT_ID\n' +
|
|
161
|
+
' npx stack deploy --secrets set GOOGLE_CLIENT_SECRET\n' +
|
|
162
|
+
' Get from: https://console.cloud.google.com/apis/credentials',
|
|
163
|
+
},
|
|
164
|
+
{
|
|
165
|
+
id: 'auth-oauth-apple-missing',
|
|
166
|
+
stage: 'secrets',
|
|
167
|
+
severity: 'warning',
|
|
168
|
+
description: 'Apple OAuth credentials not in vault (APPLE_CLIENT_ID)',
|
|
169
|
+
scan: async (config, rootDir) => {
|
|
170
|
+
if (!isOAuthEnabled(config, 'apple'))
|
|
171
|
+
return false;
|
|
172
|
+
try {
|
|
173
|
+
const vault = await getVault(config, rootDir);
|
|
174
|
+
const clientId = await vault.getSecret('APPLE_CLIENT_ID');
|
|
175
|
+
return !clientId;
|
|
176
|
+
}
|
|
177
|
+
catch {
|
|
178
|
+
return false;
|
|
179
|
+
}
|
|
180
|
+
},
|
|
181
|
+
fix: async (config, rootDir) => {
|
|
182
|
+
try {
|
|
183
|
+
const { promptForSecret } = await Promise.resolve().then(() => __importStar(require('../../../../utils/secret-prompts.js')));
|
|
184
|
+
const vault = await getVault(config, rootDir);
|
|
185
|
+
console.log('');
|
|
186
|
+
console.log(' Apple OAuth Setup');
|
|
187
|
+
console.log(' Get credentials from: https://developer.apple.com/account/resources/identifiers');
|
|
188
|
+
console.log('');
|
|
189
|
+
const clientId = await promptForSecret('APPLE_CLIENT_ID', config);
|
|
190
|
+
const r1 = await vault.setSecret('APPLE_CLIENT_ID', clientId);
|
|
191
|
+
if (!r1.success)
|
|
192
|
+
return false;
|
|
193
|
+
console.log(' [OK] Stored Apple OAuth credentials in vault');
|
|
194
|
+
return true;
|
|
195
|
+
}
|
|
196
|
+
catch {
|
|
197
|
+
return false;
|
|
198
|
+
}
|
|
199
|
+
},
|
|
200
|
+
manualFix: 'Store Apple OAuth credentials:\n' +
|
|
201
|
+
' npx stack deploy --secrets set APPLE_CLIENT_ID\n' +
|
|
202
|
+
' Get from: https://developer.apple.com/account/resources/identifiers',
|
|
203
|
+
},
|
|
204
|
+
];
|
|
205
|
+
//# sourceMappingURL=secrets.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../../../../src/plugins/addons/auth/scanfix/secrets.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,+CAAiC;AAEjC,2EAA0E;AAE1E;;GAEG;AACH,SAAS,aAAa,CAAC,MAAqB;IAC1C,MAAM,IAAI,GAAI,MAAkC,CAAC,IAAI,CAAC;IACtD,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACnD,OAAO,IAA+B,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,MAAqB,EAAE,QAA4B;IACzE,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAC;IAExB,4BAA4B;IAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,QAA+C,CAAC;IACtE,IAAI,QAAQ,EAAE,KAAK;QAAE,OAAO,IAAI,CAAC;IAEjC,4BAA4B;IAC5B,IAAI,IAAI,CAAC,cAAc,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAElD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,QAAQ,CAAC,MAAqB,EAAE,OAAe;IAC5D,MAAM,EAAE,mBAAmB,EAAE,GAAG,wDAAa,4CAA4C,GAAC,CAAC;IAC3F,OAAO,IAAI,mBAAmB,CAAC;QAC7B,UAAU,EAAE,MAAM,CAAC,OAAO,EAAE,UAAU,IAAI,IAAA,uCAAmB,EAAC,MAAM,CAAC;QACrE,mBAAmB,EAAE,MAAM,CAAC,OAAO,EAAE,mBAAmB;QACxD,OAAO;KACR,CAAC,CAAC;AACL,CAAC;AAEY,QAAA,YAAY,GAAU;IACjC;QACE,EAAE,EAAE,yBAAyB;QAC7B,KAAK,EAAE,SAAS;QAChB,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,2DAA2D;QACxE,IAAI,EAAE,KAAK,EAAE,MAAqB,EAAE,OAAe,EAAoB,EAAE;YACvE,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAC9C,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;gBACnD,OAAO,CAAC,MAAM,CAAC;YACjB,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC,CAAC,4BAA4B;YAC5C,CAAC;QACH,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,MAAqB,EAAE,OAAe,EAAoB,EAAE;YACtE,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAE9C,0DAA0D;gBAC1D,MAAM,SAAS,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;gBACzD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;gBAE9D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;oBACnB,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;oBACxE,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;oBAC/D,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAC;gBACtD,OAAO,KAAK,CAAC;YACf,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACzE,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,SAAS,EAAE,0EAA0E;KACtF;IAED;QACE,EAAE,EAAE,2BAA2B;QAC/B,KAAK,EAAE,SAAS;QAChB,QAAQ,EAAE,SAAS;QACnB,WAAW,EAAE,0DAA0D;QACvE,IAAI,EAAE,KAAK,EAAE,MAAqB,EAAE,OAAe,EAAoB,EAAE;YACvE,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,QAAQ,CAAC;gBAAE,OAAO,KAAK,CAAC;YAEpD,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAC9C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;gBAC3D,OAAO,CAAC,QAAQ,CAAC;YACnB,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,MAAqB,EAAE,OAAe,EAAoB,EAAE;YACtE,IAAI,CAAC;gBACH,MAAM,EAAE,eAAe,EAAE,GAAG,wDAAa,qCAAqC,GAAC,CAAC;gBAChF,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAE9C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAChB,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;gBACrC,OAAO,CAAC,GAAG,CAAC,4EAA4E,CAAC,CAAC;gBAC1F,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAEhB,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;gBACnE,MAAM,EAAE,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,kBAAkB,EAAE,QAAQ,CAAC,CAAC;gBAC/D,IAAI,CAAC,EAAE,CAAC,OAAO;oBAAE,OAAO,KAAK,CAAC;gBAE9B,MAAM,YAAY,GAAG,MAAM,eAAe,CAAC,sBAAsB,EAAE,MAAM,CAAC,CAAC;gBAC3E,MAAM,EAAE,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,sBAAsB,EAAE,YAAY,CAAC,CAAC;gBACvE,IAAI,CAAC,EAAE,CAAC,OAAO;oBAAE,OAAO,KAAK,CAAC;gBAE9B,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;gBAChE,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,SAAS,EACP,mCAAmC;YACnC,yDAAyD;YACzD,6DAA6D;YAC7D,mEAAmE;KACtE;IAED;QACE,EAAE,EAAE,0BAA0B;QAC9B,KAAK,EAAE,SAAS;QAChB,QAAQ,EAAE,SAAS;QACnB,WAAW,EAAE,wDAAwD;QACrE,IAAI,EAAE,KAAK,EAAE,MAAqB,EAAE,OAAe,EAAoB,EAAE;YACvE,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAC;YAEnD,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAC9C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;gBAC1D,OAAO,CAAC,QAAQ,CAAC;YACnB,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,MAAqB,EAAE,OAAe,EAAoB,EAAE;YACtE,IAAI,CAAC;gBACH,MAAM,EAAE,eAAe,EAAE,GAAG,wDAAa,qCAAqC,GAAC,CAAC;gBAChF,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAE9C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAChB,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;gBACpC,OAAO,CAAC,GAAG,CAAC,oFAAoF,CAAC,CAAC;gBAClG,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAEhB,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;gBAClE,MAAM,EAAE,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CAAC;gBAC9D,IAAI,CAAC,EAAE,CAAC,OAAO;oBAAE,OAAO,KAAK,CAAC;gBAE9B,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;gBAC/D,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,SAAS,EACP,kCAAkC;YAClC,wDAAwD;YACxD,2EAA2E;KAC9E;CACF,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth Setup Scanfixes (Dev Stage)
|
|
3
|
+
*
|
|
4
|
+
* Detects @factiii/auth in dependencies and ensures:
|
|
5
|
+
* - Auth config exists in stack.yml
|
|
6
|
+
* - Auth Prisma schema is initialized (npx @factiii/auth init)
|
|
7
|
+
* - Auth doctor passes (validates setup)
|
|
8
|
+
* - Prisma migrations are applied for auth tables
|
|
9
|
+
*/
|
|
10
|
+
import type { Fix } from '../../../../types/index.js';
|
|
11
|
+
export declare const setupFixes: Fix[];
|
|
12
|
+
//# sourceMappingURL=setup.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../../../../../src/plugins/addons/auth/scanfix/setup.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAMH,OAAO,KAAK,EAAiB,GAAG,EAAE,MAAM,4BAA4B,CAAC;AA+BrE,eAAO,MAAM,UAAU,EAAE,GAAG,EAmK3B,CAAC"}
|