@firestartr/cli 2.4.0-snapshot-2 → 2.4.0-snapshot-4

package/build/index.js

@@ -284813,6 +284813,27 @@ async function addCommitStatus(state, sha, repo, owner = 'prefapp', target_url =
         context,
     });
 }
+async function tryCreateRef(ref, sha, repo, owner = 'prefapp') {
+    github_src_logger.info(`Creating ref ${ref} at ${sha} in ${owner}/${repo}`);
+    const octokit = await getOctokitForOrg(owner);
+    const normalizedRef = ref.startsWith('refs/') ? ref : `refs/${ref}`;
+    try {
+        await octokit.rest.git.createRef({
+            owner,
+            repo,
+            ref: normalizedRef,
+            sha,
+        });
+        return true;
+    }
+    catch (e) {
+        const message = e?.message || '';
+        if (e?.status === 422 && message.includes('Reference already exists')) {
+            return false;
+        }
+        throw e;
+    }
+}
 async function getRepoIssuesLabels(owner, repo) {
     github_src_logger.info(`Getting issues labels for ${owner}/${repo}`);
     const octokit = await getOctokitForOrg(owner);
@@ -284843,6 +284864,7 @@ async function getRepoIssuesLabels(owner, repo) {
     getOIDCRepo,
     addStatusCheck,
     addCommitStatus,
+    tryCreateRef,
     getRepoIssuesLabels,
 });
 
@@ -284861,8 +284883,22 @@ async function getTeamMembers(team, org) {
 async function getTeamInfo(team, org) {
     github_src_logger.info(`Getting info for ${org}/${team}`);
     const octokit = await getOctokitForOrg(org);
-    const res = await octokit.rest.teams.getByName({ org: org, team_slug: team });
-    return res['data'];
+    try {
+        const res = await octokit.rest.teams.getByName({
+            org: org,
+            team_slug: team,
+        });
+        return res['data'];
+    }
+    catch (err) {
+        const status = err?.status || err?.response?.status;
+        const message = err instanceof Error ? err.message : String(err);
+        const error = new Error(`Error getting GitHub team "${team}" in org "${org}": ${message}`);
+        if (status) {
+            error.status = status;
+        }
+        throw error;
+    }
 }
 async function getTeamRoleUser(org, team, username) {
     github_src_logger.info(`Getting role for ${username} in ${org}/${team}`);
@@ -285007,6 +285043,36 @@ async function readMultiPartStickyIdsFromPrBody(octokit, owner, repo, pr, baseKi
     }
     return ids;
 }
+async function readMultiPartStickyIdsFromComments(octokit, owner, repo, pr, baseKind) {
+    const ids = new Map();
+    let page = 1;
+    while (true) {
+        const resp = await octokit.rest.issues.listComments({
+            owner,
+            repo,
+            issue_number: pr,
+            per_page: 100,
+            page,
+        });
+        for (const comment of resp.data) {
+            const body = comment.body ?? '';
+            for (let i = 0; i < MAX_MULTIPART_COMMENTS; i++) {
+                if (body.includes(multiPartBodyMarker(baseKind, i))) {
+                    ids.set(i, comment.id);
+                }
+            }
+        }
+        if (resp.data.length < 100)
+            return ids;
+        page++;
+    }
+}
+async function readMultiPartStickyIds(octokit, owner, repo, pr, baseKind) {
+    const ids = await readMultiPartStickyIdsFromPrBody(octokit, owner, repo, pr, baseKind);
+    if (ids.size > 0)
+        return ids;
+    return readMultiPartStickyIdsFromComments(octokit, owner, repo, pr, baseKind);
+}
 async function writeMultiPartStickyIdsToPrBody(octokit, owner, repo, pr, baseKind, ids) {
     const oldBody = await getPrBody(octokit, owner, repo, pr);
     let body = oldBody;
@@ -285049,7 +285115,7 @@ async function upsertMultiPartStickyComments(octokit, params) {
     const totalParts = bodies.length;
     await withLock(lockKey, async () => {
         // Read existing comment IDs for this base kind
-        const existingIds = await readMultiPartStickyIdsFromPrBody(octokit, owner, repo, pullNumber, baseKind);
+        const existingIds = await readMultiPartStickyIds(octokit, owner, repo, pullNumber, baseKind);
         const newIds = new Map();
         // Process each part of the new content
         for (let partIndex = 0; partIndex < totalParts; partIndex++) {
@@ -285138,6 +285204,11 @@ async function getPrMergeCommitSHA(pull_number, repo, owner = 'prefapp') {
     }
     throw new Error(`No merge_commit_sha value in prData.data: ${prData.data}`);
 }
+async function getPrBaseSHA(pull_number, repo, owner = 'prefapp') {
+    github_src_logger.info(`Getting base SHA for PR ${pull_number} of ${owner}/${repo}`);
+    const prData = await getPrData(pull_number, repo, owner);
+    return prData.data.base.sha;
+}
 /*
  * Receives a comment, splits it into commentMaxSize sized chunks and returns
  * the resulting list
@@ -285171,11 +285242,22 @@ function divideCommentIntoChunks(comment, sizeReduction = 0) {
 async function getPrFiles(pr_number, repo, owner = 'prefapp') {
     github_src_logger.info(`Getting PR details of PR ${pr_number} of ${owner}/${repo}`);
     const octokit = await getOctokitForOrg(owner);
-    return await octokit.rest.pulls.listFiles({
-        owner,
-        repo,
-        pull_number: pr_number,
-    });
+    const data = [];
+    let page = 1;
+    while (true) {
+        const resp = await octokit.rest.pulls.listFiles({
+            owner,
+            repo,
+            pull_number: pr_number,
+            per_page: 100,
+            page,
+        });
+        data.push(...resp.data);
+        if (resp.data.length < 100) {
+            return { ...resp, data };
+        }
+        page++;
+    }
 }
 async function filterPrBy(filter, opts) {
     let foundPr = null;
@@ -285203,6 +285285,7 @@ async function filterPrBy(filter, opts) {
     commentInPR,
     getPrLastCommitSHA,
     getPrMergeCommitSHA,
+    getPrBaseSHA,
     divideCommentIntoChunks,
     getPrFiles,
     filterPrBy,
@@ -286585,7 +286668,11 @@ class GlobalDefault extends DefaultSection {
 // Thus it performs a nullify of the designed patches
 
 
-const ONE_WAY_DEFINITIONS = ['/spec/vars', '/spec/actions/oidc', '/spec/repo/labels'];
+const ONE_WAY_DEFINITIONS = [
+    '/spec/vars',
+    '/spec/actions/oidc',
+    '/spec/repo/labels',
+];
 function applyOneWayDefs(crSpecs) {
     const crSpecsClone = JSON.parse(JSON.stringify(crSpecs));
     for (const defPath of ONE_WAY_DEFINITIONS) {
@@ -293687,7 +293774,6 @@ function toJson_FirestartrGithubRepositorySpecRepo(obj) {
         'allowUpdateBranch': obj.allowUpdateBranch,
         'hasIssues': obj.hasIssues,
         'hasWiki': obj.hasWiki,
-        'pages': obj.pages,
         'topics': obj.topics?.map(y => y),
         'labels': obj.labels?.map(y => toJson_FirestartrGithubRepositorySpecRepoLabels(y)),
         'visibility': obj.visibility,
@@ -297088,6 +297174,32 @@ function searchSecretKey(secretClaim, key) {
     return found;
 }
 
+;// CONCATENATED MODULE: ../cdk8s_renderer/src/validations/componentPagesPath.ts
+/**
+ * Throws if any ComponentClaim's providers.github.pages.path is set to any value other than '/' or '/docs'.
+ * Should be called as a final render-time validation (never mutates input).
+ */
+function validateComponentPagesPath(renderClaims) {
+    for (const ref of Object.keys(renderClaims)) {
+        const claimEntry = renderClaims[ref];
+        // Heuristic: claim.kind === 'ComponentClaim' (may need to adjust based on naming)
+        if (claimEntry.claim &&
+            claimEntry.claim.kind === 'ComponentClaim' &&
+            claimEntry.claim.providers &&
+            claimEntry.claim.providers.github &&
+            claimEntry.claim.providers.github.pages &&
+            typeof claimEntry.claim.providers.github.pages === 'object') {
+            const pages = claimEntry.claim.providers.github.pages;
+            if (Object.prototype.hasOwnProperty.call(pages.source, 'path') &&
+                typeof pages.source.path === 'string' &&
+                pages.source.path !== '/' &&
+                pages.source.path !== '/docs') {
+                throw new Error(`ComponentClaim/${claimEntry.claim.name}: providers.github.pages.source.path must be '/' or '/docs' if set. Found: '${pages.source.path}'`);
+            }
+        }
+    }
+}
+
 ;// CONCATENATED MODULE: ../cdk8s_renderer/src/renderer/renderer.ts
 
 
@@ -297096,6 +297208,7 @@ function searchSecretKey(secretClaim, key) {
 
 
 
+
 /*
  * Function called when rendering but not importing
  *
@@ -297112,6 +297225,7 @@ async function renderer_render(catalogScope, firestartrScope, claimList) {
     const result = await renderClaims(catalogScope, firestartrScope, data);
     try {
         validateSubReferences(data.renderClaims);
+        validateComponentPagesPath(data.renderClaims);
         validateTfStateKeyUniqueness(result);
         validateCrSizes(result);
         validatePermissionsUniqueness(result);
@@ -298206,15 +298320,20 @@ class RepoGithubDecanter extends GithubDecanter {
         });
     }
     __decantPages() {
-        if (this.data.repoDetails.has_pages) {
-            this.__patchClaim({
-                op: 'add',
-                value: {
-                    cname: this.data.pages.cname,
-                    source: this.data.pages.source,
-                },
-                path: '/providers/github/pages',
-            });
+        if (this.data.pages) {
+            if (this.data.pages.build_type === 'workflow') {
+                importer_src_logger.info(`Repository ${this.data.repoDetails.name} is using GitHub Actions for Pages deployment, skipping Pages configuration in claim as it's managed via workflow.`);
+            }
+            else if (this.data.pages.build_type === 'legacy') {
+                this.__patchClaim({
+                    op: 'add',
+                    path: '/providers/github/pages',
+                    value: {
+                        cname: this.data.pages.cname || '',
+                        source: this.data.pages.source,
+                    },
+                });
+            }
         }
     }
     __decantOIDC() {
@@ -300614,8 +300733,9 @@ async function resolveDep(namespace, resolve, deps, references, getItemByItemPat
     for (const nestedRef of resolver_walk(ref)) {
         references.push(nestedRef);
     }
-    const secret = resolve.apiGroup === catalog_common.types.controller.FirestartrApiGroup ||
-        resolve.apiGroup === catalog_common.types.controller.ExternalSecretsApiGroup
+    const secret = resolve.needsSecret !== false &&
+        (resolve.apiGroup === catalog_common.types.controller.FirestartrApiGroup ||
+            resolve.apiGroup === catalog_common.types.controller.ExternalSecretsApiGroup)
         ? await resolveSecretRef(namespace, ref, getSecret)
         : undefined;
     deps[kr] = {
@@ -303757,18 +303877,24 @@ ${message}
 `;
     await github.pulls.commentInPR(comment, prNumber, repo, org, 'logs');
 }
-async function publishPlan(item, planOutput, prNumber, repo, org, isSuccess = true) {
+async function publishPlan(item, planOutput, prNumber, repo, org, isSuccess = true, operation = 'plan', source = '') {
     try {
+        const kind = item.kind || 'UnknownKind';
+        const name = item.metadata?.name || item.metadata?.generateName || 'unknown';
         const dividedOutput = github.pulls.divideCommentIntoChunks(planOutput, 250);
         const statusEmoji = isSuccess ? '✅' : '❌';
         const statusText = isSuccess ? 'Succeeded' : 'Failed';
+        const operationTitle = operation
+            .split('-')
+            .map((part) => part.charAt(0).toUpperCase() + part.slice(1))
+            .join('-');
         const commentBodies = dividedOutput.map((commentContent, index) => {
             const isMultiPart = dividedOutput.length > 1;
             const partIndicator = isMultiPart ? ` (Part ${index + 1})` : '';
             return `<h1>
-<img  width="25"  src="https://raw.githubusercontent.com/firestartr-pro/docs/refs/heads/main/logos/square-nobg.png"> Plan ${statusText} ${statusEmoji}
+<img  width="25"  src="https://raw.githubusercontent.com/firestartr-pro/docs/refs/heads/main/logos/square-nobg.png"> ${operationTitle} ${statusText} ${statusEmoji}
 </h1>
-<p><b>TFWorkspace: </b>${item.metadata.name}</p>
+<p><b>${kind}: </b>${name}</p>
 
 <details id=github>
 <summary>PLAN LOGS${partIndicator}</summary>
@@ -303784,7 +303910,9 @@ ${commentContent}
             owner: org,
             repo,
             pullNumber: prNumber,
-            baseKind: 'tfworkspace:plan',
+            baseKind: [kind.toLowerCase(), name, operation, source]
+                .filter(Boolean)
+                .join(':'),
             bodies: commentBodies,
         });
     }
@@ -305636,91 +305764,6 @@ function waitForFile(filePath) {
     });
 }
 
-;// CONCATENATED MODULE: ../operator/src/tfworkspaceplans/index.ts
-
-
-
-
-
-
-
-
-var FileStatus;
-(function (FileStatus) {
-    FileStatus["DELETED"] = "removed";
-    FileStatus["ADDED"] = "added";
-    FileStatus["MODIFIED"] = "modified";
-})(FileStatus || (FileStatus = {}));
-function fDebug(message, level = 'info') {
-    console.log(JSON.stringify({ message, level }));
-}
-async function tfWorkspacePlan(opts) {
-    const { repo, owner, prNumber, namespace, ref } = opts;
-    const pull = `${owner}/${repo}#${prNumber}`;
-    let cr = null;
-    try {
-        fDebug(`Starting plan for ${pull}`, 'info');
-        await addPlanStatusCheck(pull, 'Terraform plan in progress...');
-        fDebug(`Getting PR ${prNumber} in ${repo}`, 'info');
-        const resp = await github.pulls.getPrFiles(prNumber, repo, owner);
-        const { data } = resp;
-        if (data.length !== 1) {
-            throw new Error(`One file expected in PR ${opts.prNumber} in ${opts.repo}, but found ${data.length}`);
-        }
-        const [file] = data;
-        if (!file) {
-            throw new Error(`No data found for PR ${opts.prNumber} in ${opts.repo}`);
-        }
-        const { filename, status } = file;
-        let content = '';
-        fDebug(`Getting content for ${filename} in ${repo}`);
-        if (status === FileStatus.DELETED) {
-            content = await github.repo.getContent(filename, repo, owner);
-        }
-        else if (status === FileStatus.ADDED || status === FileStatus.MODIFIED) {
-            content = await github.repo.getContent(filename, repo, owner, ref);
-        }
-        else {
-            throw new Error(`Unknown status ${status} for file ${filename} in PR ${opts.prNumber} in ${opts.repo}`);
-        }
-        cr = catalog_common.io.fromYaml(content);
-        if (cr.kind !== 'FirestartrTerraformWorkspace') {
-            throw new Error(`No FirestartrTerraformWorkspace found in PR ${opts.prNumber} in ${opts.repo}`);
-        }
-        fDebug('Resolving references');
-        const deps = await resolve(cr, getItemByItemPath, getSecret, namespace);
-        fDebug('Building context');
-        const ctx = await buildProvisionerContext(cr, deps);
-        fDebug('Context built');
-        const command = getCommandByStatus(status);
-        fDebug('Running terraform provisioner');
-        const tfOutput = await runTerraformProvisioner(ctx, command, undefined);
-        fDebug('Terraform provisioner finished');
-        fDebug('Publishing plan');
-        await publishPlan(cr, tfOutput, prNumber, repo, owner);
-        await addPlanStatusCheck(pull, tfOutput, 'completed');
-    }
-    catch (e) {
-        console.error(e);
-        const { output: message } = extractErrorDetails(e);
-        fDebug(`Error: ${message}`, 'error');
-        await addPlanStatusCheck(pull, message, 'completed', true);
-        fDebug('Publishing plan');
-        await publishPlan(cr, message, prNumber, repo, owner);
-    }
-}
-function getCommandByStatus(status) {
-    switch (status) {
-        case FileStatus.MODIFIED:
-        case FileStatus.ADDED:
-            return 'plan';
-        case FileStatus.DELETED:
-            return 'plan-destroy';
-        default:
-            throw new Error(`Unknown status: ${status}`);
-    }
-}
-
 ;// CONCATENATED MODULE: ../gh_provisioner/src/logger.ts
 
 /* harmony default export */ const gh_provisioner_src_logger = (catalog_common.logger);
@@ -305809,7 +305852,7 @@ const MODULES = {
     },
     FirestartrGithubRepository: {
         module: 'git::https://github.com/prefapp/tfm.git//modules/github-repo',
-        ref: 'github-repo-v0.2.0',
+        ref: 'feat/1195-github-repo-problem-on-github-pages',
     },
     FirestartrGithubRepositoryFeature: {
         module: 'git::https://github.com/prefapp/tfm.git//modules/github-files-set',
@@ -306558,6 +306601,42 @@ class EntityGHRepo extends base_Entity {
             },
         });
     }
+    /**
+     * Validation logic for GitHub Pages branch settings:
+     * - On create: If pages branch is set, it must equal the default branch.
+     * - On update: If pages branch is set and is not the default, it must exist in remote.
+     */
+    async validatePagesBranch(tfOp, repoAlreadyExists) {
+        const pages = this.cr.spec.pages;
+        if (!pages || !pages.source || !pages.source.branch)
+            return;
+        const branch = pages.source.branch;
+        const defaultBranch = this.cr.spec.repo.defaultBranch;
+        const repo = this.cr.name;
+        const org = this.cr.spec.org;
+        gh_provisioner_src_logger.error(`[gh-provisioner] ${this.k8sId} validating pages branch '${branch}' against default branch '${defaultBranch}' for operation '${tfOp}'`);
+        if (!repoAlreadyExists) {
+            if (branch !== defaultBranch) {
+                throw new Error(`Pages branch must equal default branch on creation. Provided: '${branch}', expected: '${defaultBranch}'`);
+            }
+            return;
+        }
+        else if (branch !== defaultBranch) {
+            gh_provisioner_src_logger.error(`[gh-provisioner] ${this.k8sId} validating pages branch '${branch}' against default branch '${defaultBranch}' for operation '${tfOp}' - branch is different from default, checking existence in remote`);
+            try {
+                await this.runWithGithubProvider(async () => {
+                    await github.branches.getBranch(repo, branch, org);
+                });
+            }
+            catch (err) {
+                if (err && err.status === 404) {
+                    throw new Error(`Pages branch '${branch}' does not exist in the repository '${org}/${repo}'.`);
+                }
+                // Other errors propagate
+                throw err;
+            }
+        }
+    }
     async loadResources(tfOp) {
         let repoAlreadyExists = false;
         try {
@@ -306565,7 +306644,9 @@ class EntityGHRepo extends base_Entity {
             repoAlreadyExists = (await this.runWithGithubProvider(async () => {
                 return await github.repo.repoExists(this.cr.spec.org, this.cr.name);
             }));
+            await this.validatePagesBranch(tfOp, repoAlreadyExists);
             await this.provisionRepository();
+            await this.provisionPages();
             await provisionDefaultBranch(this);
             await provisionCodeowners(this);
             await provisionVariables(this);
@@ -306673,10 +306754,21 @@ class EntityGHRepo extends base_Entity {
                 ignoreVulnerabilityAlertsDuringRead: this.cr.spec.repo.ignoreVulnerabilityAlertsDuringRead,
                 mergeCommitTitle: this.cr.spec.repo.mergeCommitTitle,
                 squashMergeCommitMessage: this.cr.spec.repo.squashMergeCommitMessage,
-                pages: this.cr.spec.pages,
             },
         });
     }
+    provisionPages() {
+        if (this.cr.spec.pages) {
+            this.patchData({
+                path: '/config/pages',
+                op: PatchOperations.add,
+                value: {
+                    source: this.cr.spec.pages.source,
+                    cname: this.cr.spec.pages.cname,
+                },
+            });
+        }
+    }
 }
 
 ;// CONCATENATED MODULE: ../gh_provisioner/src/entities/ghfeature/helpers/managed_files.ts
@@ -307022,8 +307114,9 @@ class EntityGHMembership extends base_Entity {
             gh_provisioner_src_logger.debug(`[gh-provisioner] ${this.k8sId} loaded its data`);
         }
         catch (err) {
-            gh_provisioner_src_logger.error(`[gh-provisioner] ${this.k8sId} error loading resources: ${err}`);
-            throw `[gh-provisioner] ${this.k8sId} error loading resources: ${err}`;
+            const message = err instanceof Error ? err.message : String(err);
+            gh_provisioner_src_logger.error(`[gh-provisioner] ${this.k8sId} error loading resources: ${message}`);
+            throw new Error(`[gh-provisioner] ${this.k8sId} error loading resources: ${message}`);
         }
     }
     async postProvision(tfOp) { }
@@ -307048,11 +307141,29 @@ class EntityGHMembership extends base_Entity {
         }
     }
     async provisionAllGroupMembershipRelation() {
+        // Every org member must belong to the <org>-all team so they receive base
+        // access.  If that team is missing the provider likely points at the wrong
+        // org, so we surface a clear error guiding the user toward the correct field.
         gh_provisioner_src_logger.debug('[gh-provisioner] provisioning all group membership relation');
         // we need to get the <org>-all group teamId
-        const teamInfo = await this.runWithGithubProvider(async () => {
-            return (await github.team.getTeamInfo(`${this.cr.spec.org}-all`, this.cr.spec.org));
-        });
+        const allTeamName = `${this.cr.spec.org}-all`;
+        let teamInfo;
+        try {
+            teamInfo = await this.runWithGithubProvider(async () => {
+                return (await github.team.getTeamInfo(allTeamName, this.cr.spec.org));
+            });
+        }
+        catch (err) {
+            const status = err?.status || err?.response?.status;
+            const message = err instanceof Error ? err.message : String(err);
+            const isNotFound = status === 404 || message.includes('Not Found');
+            if (isNotFound) {
+                const claimRef = this.cr.metadata?.annotations?.['firestartr.dev/claim-ref'] ||
+                    'unknown claim';
+                throw new Error(`Could not find required GitHub team "${allTeamName}" in org "${this.cr.spec.org}" while loading membership for user "${this.cr.name}" (${claimRef}). Check UserClaim.providers.github.org / FirestartrGithubMembership.spec.org; it must point to the organization where the "<org>-all" team exists. Original error: ${message}`);
+            }
+            throw err;
+        }
         gh_provisioner_src_logger.debug(`[gh-provisioner] got team info for org-all team: ${teamInfo.id}`);
         this.patchData({
             path: '/config/relationships/-',
@@ -307405,8 +307516,8 @@ async function runGhProvisioner(data, opts) {
         // ---------------------------------------
         // preparing the outputs
         // ---------------------------------------
-        if (tfOp === 'debug' || tfOp === 'nothing') {
-            gh_provisioner_src_logger.info(`[gh-provisioner] ${entity.k8sId} on debug or nothing: nothing is done`);
+        if (tfOp === 'debug' || tfOp === 'nothing' || isPlanOperation(tfOp)) {
+            gh_provisioner_src_logger.info(`[gh-provisioner] ${entity.k8sId} on ${tfOp}: post provision is skipped`);
         }
         else {
             gh_provisioner_src_logger.info(`[gh-provisioner] running post provision for ${entity.k8sId}`);
@@ -307422,13 +307533,14 @@ async function runGhProvisioner(data, opts) {
         return operationOutputs;
     }
     catch (err) {
-        gh_provisioner_src_logger.error(`[gh-provisioner] Error running runGhProvisioner: ${err}`);
-        if (!synthFinished)
-            entity.synthEnd(`${err}`);
-        if (entity && entity.inDebugMode) {
+        const message = err instanceof Error ? err.message : String(err);
+        gh_provisioner_src_logger.error(`[gh-provisioner] Error running runGhProvisioner: ${message}`);
+        if (!synthFinished && entity)
+            entity.synthEnd(message);
+        if (entity && entity.inDebugMode && synthFinished) {
             await debugTerraformOutput(entity, err.toString());
         }
-        throw new Error(`[gh-provisioner] Error running runGhProvisioner: ${err}`);
+        throw new Error(`[gh-provisioner] Error running runGhProvisioner: ${message}`);
     }
     finally {
         if (entity && entity.inDebugMode) {
@@ -307445,23 +307557,30 @@ function inferTFOperation(cr, opts) {
         ? true
         : false;
     gh_provisioner_src_logger.debug('[gh-provisioner] inferTFOperation options keys:', Object.keys(opts || {}));
-    const operation = isImport && needsReimport
-        ? 'import-with-reimport'
-        : isImport
-            ? 'import'
-            : opts.create
-                ? 'apply'
-                : opts.update
-                    ? 'apply'
-                    : opts.delete
-                        ? 'destroy'
-                        : opts.debug
-                            ? 'debug'
-                            : 'nothing';
+    const operation = opts.plan
+        ? 'plan'
+        : opts.planDestroy
+            ? 'plan-destroy'
+            : isImport && needsReimport
+                ? 'import-with-reimport'
+                : isImport
+                    ? 'import'
+                    : opts.create
+                        ? 'apply'
+                        : opts.update
+                            ? 'apply'
+                            : opts.delete
+                                ? 'destroy'
+                                : opts.debug
+                                    ? 'debug'
+                                    : 'nothing';
     //opts.import && opts.skipPlan && isImport
     //  ? 'IMPORT_SKIP_PLAN'
     return operation;
 }
+function isPlanOperation(tfOp) {
+    return tfOp === 'plan' || tfOp === 'plan-destroy';
+}
 function sendWarnings() {
     if (process.env['AVOID_PROVIDER_SECRET_ENCRYPTION']) {
         console.warn(`
@@ -307488,6 +307607,446 @@ function sendWarnings() {
     runGhProvisioner,
 });
 
+;// CONCATENATED MODULE: ../operator/src/pull-request-plan/index.ts
+
+
+
+
+
+
+
+
+
+
+
+var FileStatus;
+(function (FileStatus) {
+    FileStatus["DELETED"] = "removed";
+    FileStatus["ADDED"] = "added";
+    FileStatus["MODIFIED"] = "modified";
+    FileStatus["RENAMED"] = "renamed";
+    FileStatus["COPIED"] = "copied";
+    FileStatus["CHANGED"] = "changed";
+    FileStatus["UNCHANGED"] = "unchanged";
+})(FileStatus || (FileStatus = {}));
+const TERRAFORM_WORKSPACE_KIND = 'FirestartrTerraformWorkspace';
+const GITHUB_RESOURCE_KINDS = [
+    'FirestartrGithubGroup',
+    'FirestartrGithubMembership',
+    'FirestartrGithubRepository',
+    'FirestartrGithubRepositoryFeature',
+    'FirestartrGithubRepositorySecretsSection',
+    'FirestartrGithubOrgWebhook',
+];
+const GITHUB_REPOSITORY_DEPENDENT_KINDS = [
+    'FirestartrGithubRepositoryFeature',
+    'FirestartrGithubRepositorySecretsSection',
+];
+const SUPPORTED_RESOURCE_KINDS = [
+    TERRAFORM_WORKSPACE_KIND,
+    ...GITHUB_RESOURCE_KINDS,
+];
+const SUMMARY_FAILURE_MAX_LENGTH = 160;
+const SUMMARY_DETAIL_MAX_ITEMS = 20;
+function fDebug(message, level = 'info') {
+    console.log(JSON.stringify({ message, level }));
+}
+async function pullRequestPlan(opts) {
+    const { repo, owner, prNumber } = opts;
+    const pull = `${owner}/${repo}#${prNumber}`;
+    try {
+        fDebug(`Starting plan for ${pull}`, 'info');
+        const headSha = await github.pulls.getPrLastCommitSHA(prNumber, repo, owner);
+        if (!(await tryAcquirePlanLock(opts, headSha))) {
+            fDebug(`Skipping duplicate plan for ${pull} at ${headSha}`, 'info');
+            return;
+        }
+        await addPlanStatusCheck(pull, 'Plan in progress...');
+        fDebug(`Getting PR ${prNumber} in ${repo}`, 'info');
+        const resp = await github.pulls.getPrFiles(prNumber, repo, owner);
+        const { data } = resp;
+        if (data.length === 0) {
+            throw new Error(`No data found for PR ${opts.prNumber} in ${opts.repo}`);
+        }
+        const planContext = {
+            ...opts,
+            baseResourceByItemPath: new Map(),
+            fileContentByFilename: new Map(),
+            prFileStatusByItemPath: new Map(),
+            prResourceByItemPath: new Map(),
+        };
+        await indexPrResources(data, planContext);
+        const results = [];
+        for (const file of data) {
+            results.push(await planFile(file, planContext));
+        }
+        const plannedResults = results.filter((result) => !result.skipped);
+        if (plannedResults.length === 0) {
+            throw new Error(`No supported Firestartr resources found in PR ${opts.prNumber} in ${opts.repo}`);
+        }
+        const failedResults = plannedResults.filter((result) => !result.success);
+        const summary = buildSummary(results);
+        await addPlanStatusCheck(pull, summary, 'completed', failedResults.length > 0);
+    }
+    catch (e) {
+        console.error(e);
+        const { output: message } = extractErrorDetails(e);
+        fDebug(`Error: ${message}`, 'error');
+        await addPlanStatusCheck(pull, message, 'completed', true);
+    }
+}
+async function tryAcquirePlanLock(opts, headSha) {
+    const { owner, repo, prNumber } = opts;
+    const lockKey = `${owner}/${repo}#${prNumber}@${headSha}`;
+    const lockHash = (0,external_crypto_.createHash)('sha256').update(lockKey).digest('hex');
+    const lockRef = `refs/firestartr/plan-locks/${lockHash}`;
+    try {
+        return await github.repo.tryCreateRef(lockRef, headSha, repo, owner);
+    }
+    catch (e) {
+        fDebug(`Could not create plan lock '${lockRef}' for '${lockKey}'; running without dedupe. Error: ${e?.message || e}`, 'warn');
+        return true;
+    }
+}
+async function planFile(file, opts) {
+    const { repo, owner, prNumber } = opts;
+    const { filename, status } = file;
+    let cr;
+    try {
+        if (!pull_request_plan_isYamlFile(filename)) {
+            return skippedResult(filename, 'Not a YAML file');
+        }
+        if (!isTrackedFileStatus(status)) {
+            return skippedResult(filename, `Unsupported file status ${status}`);
+        }
+        fDebug(`Getting content for ${filename} in ${repo}`);
+        const content = await getFileContent(filename, status, opts);
+        cr = catalog_common.io.fromYaml(content);
+        if (!cr || !cr.kind) {
+            const message = `Missing Kubernetes kind in ${filename}`;
+            await publishPlan(fallbackPlanResource(filename), message, prNumber, repo, owner, false, getCommandByStatus(status), filename);
+            return {
+                filename,
+                kind: 'UnknownKind',
+                name: filename,
+                success: false,
+                message,
+            };
+        }
+        if (!SUPPORTED_RESOURCE_KINDS.includes(cr.kind)) {
+            return skippedResult(filename, `Unsupported kind ${cr.kind}`);
+        }
+        const resourceName = getResourceName(cr);
+        if (!resourceName) {
+            const message = `Missing metadata.name or metadata.generateName in ${filename}`;
+            await publishPlan(withFallbackResourceName(cr, filename), message, prNumber, repo, owner, false, getCommandByStatus(status), filename);
+            return {
+                filename,
+                kind: cr.kind,
+                name: filename,
+                success: false,
+                message,
+            };
+        }
+        const skipReason = await getPlanSkipReason(cr, status, opts);
+        if (skipReason) {
+            await publishPlan(cr, skipReason, prNumber, repo, owner, true, `${getCommandByStatus(status)}-skipped`, filename);
+            return {
+                filename,
+                kind: cr.kind,
+                name: resourceName,
+                skipped: true,
+                success: true,
+                message: skipReason,
+            };
+        }
+        const output = isGithubResourceKind(cr.kind)
+            ? await planGithubResource(cr, status, opts)
+            : await planTerraformWorkspace(cr, status, opts);
+        await publishPlan(cr, output, prNumber, repo, owner, true, getCommandByStatus(status), filename);
+        return {
+            filename,
+            kind: cr.kind,
+            name: resourceName,
+            success: true,
+            message: output,
+        };
+    }
+    catch (e) {
+        console.error(e);
+        const { output: message } = extractErrorDetails(e);
+        await publishPlan(cr && cr.kind ? cr : fallbackPlanResource(filename), message, prNumber, repo, owner, false, getSafeCommandByStatus(status), filename);
+        return {
+            filename,
+            kind: cr?.kind,
+            name: cr ? getResourceName(cr, filename) : undefined,
+            success: false,
+            message,
+        };
+    }
+}
+async function getFileContent(filename, status, opts) {
+    const { repo, owner, prNumber, ref } = opts;
+    const cachedContent = opts.fileContentByFilename.get(filename);
+    if (cachedContent !== undefined)
+        return cachedContent;
+    let content;
+    if (status === FileStatus.DELETED) {
+        if (!opts.baseSha) {
+            opts.baseSha = await github.pulls.getPrBaseSHA(prNumber, repo, owner);
+        }
+        content = await github.repo.getContent(filename, repo, owner, opts.baseSha);
+        opts.fileContentByFilename.set(filename, content);
+        return content;
+    }
+    if (status === FileStatus.ADDED ||
+        status === FileStatus.MODIFIED ||
+        status === FileStatus.RENAMED ||
+        status === FileStatus.COPIED ||
+        status === FileStatus.CHANGED) {
+        content = await github.repo.getContent(filename, repo, owner, ref);
+        opts.fileContentByFilename.set(filename, content);
+        return content;
+    }
+    throw new Error(`Unknown status ${status} for file ${filename} in PR ${prNumber} in ${repo}`);
+}
+async function planTerraformWorkspace(cr, status, opts) {
+    fDebug('Resolving references');
+    const deps = await resolve(cr, getPrAwareItemByItemPath(opts), getSecret, opts.namespace);
+    fDebug('Building context');
+    const ctx = await buildProvisionerContext(cr, deps);
+    fDebug('Context built');
+    const command = getCommandByStatus(status);
+    fDebug('Running terraform provisioner');
+    const tfOutput = await runTerraformProvisioner(ctx, command, undefined);
+    fDebug('Terraform provisioner finished');
+    return tfOutput;
+}
+async function planGithubResource(cr, status, opts) {
+    fDebug('Resolving references');
+    const deps = await resolve(cr, getPrAwareItemByItemPath(opts), getSecret, opts.namespace);
+    fDebug('Running GitHub provisioner plan');
+    return await gh_provisioner.runGhProvisioner({
+        mainCr: cr,
+        deps,
+    }, getGithubPlanOptionsByStatus(status));
+}
+async function indexPrResources(files, opts) {
+    for (const file of files) {
+        if (!pull_request_plan_isYamlFile(file.filename))
+            continue;
+        if (!isTrackedFileStatus(file.status))
+            continue;
+        try {
+            const content = await getFileContent(file.filename, file.status, opts);
+            const cr = catalog_common.io.fromYaml(content);
+            const itemPath = getCrItemPath(cr, opts.namespace);
+            if (itemPath) {
+                opts.prFileStatusByItemPath.set(itemPath, file.status);
+                if (file.status !== FileStatus.DELETED) {
+                    opts.prResourceByItemPath.set(itemPath, cr);
+                }
+            }
+        }
+        catch {
+            // Invalid YAML or unsupported resources are reported by planFile.
+        }
+    }
+}
+async function getPlanSkipReason(cr, status, opts) {
+    if (!isPrRefStatus(status))
+        return undefined;
+    if (!GITHUB_REPOSITORY_DEPENDENT_KINDS.includes(cr.kind))
+        return undefined;
+    const repositoryRef = cr.spec?.repositoryTarget?.ref;
+    if (repositoryRef?.kind !== 'FirestartrGithubRepository' ||
+        !repositoryRef.name) {
+        return undefined;
+    }
+    const namespace = cr.metadata?.namespace || opts.namespace;
+    const repositoryItemPath = `${namespace}/${definitions_getPluralFromKind(repositoryRef.kind)}/${repositoryRef.name}`;
+    if (opts.prFileStatusByItemPath.get(repositoryItemPath) !== FileStatus.ADDED) {
+        return undefined;
+    }
+    const baseRepository = await getBaseGithubResource(repositoryItemPath, opts);
+    if (baseRepository)
+        return undefined;
+    return (`Skipped plan: ${cr.kind}/${getResourceName(cr)} targets ` +
+        `${repositoryRef.kind}/${repositoryRef.name}, which is created in this PR. ` +
+        'The repository feature and secrets section can only be planned after the repository exists.');
+}
+function getPrAwareItemByItemPath(opts) {
+    return async (itemPath, apiGroup, apiVersion) => {
+        if (opts.prFileStatusByItemPath.get(itemPath) === FileStatus.DELETED) {
+            return undefined;
+        }
+        const prResource = opts.prResourceByItemPath.get(itemPath);
+        if (prResource)
+            return prResource;
+        const baseResource = await getBaseGithubResource(itemPath, opts);
+        if (baseResource)
+            return baseResource;
+        return getItemByItemPath(itemPath, apiGroup, apiVersion);
+    };
+}
+async function getBaseGithubResource(itemPath, opts) {
+    if (opts.baseResourceByItemPath.has(itemPath)) {
+        return opts.baseResourceByItemPath.get(itemPath) ?? undefined;
+    }
+    const resourceFile = getGithubResourceFilename(itemPath);
+    if (!resourceFile)
+        return undefined;
+    if (!opts.baseSha) {
+        opts.baseSha = await github.pulls.getPrBaseSHA(opts.prNumber, opts.repo, opts.owner);
+    }
+    try {
+        const content = await github.repo.getContent(resourceFile, opts.repo, opts.owner, opts.baseSha);
+        const cr = catalog_common.io.fromYaml(content);
+        opts.baseResourceByItemPath.set(itemPath, cr);
+        return cr;
+    }
+    catch (e) {
+        if (e.status === 404 || e.message?.includes('Not Found')) {
+            opts.baseResourceByItemPath.set(itemPath, null);
+            return undefined;
+        }
+        throw e;
+    }
+}
+function getGithubResourceFilename(itemPath) {
+    const [, plural, name] = itemPath.match(/[^/]+\/([^/]+)\/([^/]+)$/) || [];
+    const kind = getKindFromPlural(plural);
+    if (!kind || !GITHUB_RESOURCE_KINDS.includes(kind))
+        return undefined;
+    return `${kind}.${name}.yaml`;
+}
+function getCrItemPath(cr, namespace) {
+    const plural = cr?.kind ? definitions_getPluralFromKind(cr.kind) : undefined;
+    const name = getResourceName(cr);
+    if (!plural || !name)
+        return undefined;
+    return `${cr.metadata?.namespace || namespace}/${plural}/${name}`;
+}
+function isPrRefStatus(status) {
+    return (status === FileStatus.ADDED ||
+        status === FileStatus.MODIFIED ||
+        status === FileStatus.RENAMED ||
+        status === FileStatus.COPIED ||
+        status === FileStatus.CHANGED);
+}
+function isTrackedFileStatus(status) {
+    return isPrRefStatus(status) || status === FileStatus.DELETED;
+}
+function getGithubPlanOptionsByStatus(status) {
+    switch (status) {
+        case FileStatus.MODIFIED:
+        case FileStatus.ADDED:
+        case FileStatus.RENAMED:
+        case FileStatus.COPIED:
+        case FileStatus.CHANGED:
+            return { plan: true };
+        case FileStatus.DELETED:
+            return { planDestroy: true };
+        default:
+            throw new Error(`Unknown status: ${status}`);
+    }
+}
+function skippedResult(filename, message) {
+    return {
+        filename,
+        skipped: true,
+        success: true,
+        message,
+    };
+}
+function isGithubResourceKind(kind) {
+    return GITHUB_RESOURCE_KINDS.includes(kind);
+}
+function pull_request_plan_isYamlFile(filename) {
+    return filename.endsWith('.yaml') || filename.endsWith('.yml');
+}
+function getResourceName(cr, fallbackName) {
+    return cr.metadata?.name || cr.metadata?.generateName || fallbackName;
+}
+function withFallbackResourceName(cr, filename) {
+    return {
+        ...cr,
+        metadata: {
+            ...cr.metadata,
+            generateName: cr.metadata?.generateName || filename,
+        },
+    };
+}
+function fallbackPlanResource(filename) {
+    return {
+        kind: 'UnknownKind',
+        metadata: {
+            name: filename,
+        },
+    };
+}
+function buildSummary(results) {
+    const planned = results.filter((result) => !result.skipped);
+    const failed = planned.filter((result) => !result.success);
+    const skipped = results.filter((result) => result.skipped);
+    const summaryLines = [
+        failed.length > 0 ? 'Plan failed' : 'Plan completed',
+        `Planned resources: ${planned.length}`,
+        `Failed resources: ${failed.length}`,
+        `Skipped files: ${skipped.length}`,
+    ];
+    const detailLines = [];
+    for (const result of planned) {
+        const resource = [result.kind, result.name].filter(Boolean).join('/');
+        const status = result.success ? 'success' : 'failed';
+        const details = result.success
+            ? ''
+            : ` (${summarizeFailure(result.message)})`;
+        detailLines.push(`- ${status}: ${resource || result.filename}${details}`);
+    }
+    for (const result of skipped) {
+        const resource = [result.kind, result.name].filter(Boolean).join('/');
+        detailLines.push(`- skipped: ${resource || result.filename} (${result.message})`);
+    }
+    const lines = [...summaryLines, ''];
+    lines.push(...detailLines.slice(0, SUMMARY_DETAIL_MAX_ITEMS));
+    const omittedDetails = detailLines.length - SUMMARY_DETAIL_MAX_ITEMS;
+    if (omittedDetails > 0) {
+        lines.push(`- omitted detail lines: ${omittedDetails}`);
+    }
+    lines.push('', ...summaryLines);
+    return lines.join('\n');
+}
+function summarizeFailure(message) {
+    const [firstLine = ''] = message.split('\n');
+    if (firstLine.length <= SUMMARY_FAILURE_MAX_LENGTH) {
+        return firstLine;
+    }
+    return `${firstLine.slice(0, SUMMARY_FAILURE_MAX_LENGTH - 3)}...`;
+}
+function getCommandByStatus(status) {
+    switch (status) {
+        case FileStatus.MODIFIED:
+        case FileStatus.ADDED:
+        case FileStatus.RENAMED:
+        case FileStatus.COPIED:
+        case FileStatus.CHANGED:
+            return 'plan';
+        case FileStatus.DELETED:
+            return 'plan-destroy';
+        default:
+            throw new Error(`Unknown status: ${status}`);
+    }
+}
+function getSafeCommandByStatus(status) {
+    try {
+        return getCommandByStatus(status);
+    }
+    catch {
+        return 'plan';
+    }
+}
+
 ;// CONCATENATED MODULE: ../operator/src/ctl_collections.ts
 
 
@@ -308413,7 +308972,7 @@ const operatorSubcommands = {
             });
         }
         if (options['pull-request-plan']) {
-            await tfWorkspacePlan({
+            await pullRequestPlan({
                 prNumber: parseInt(options['prNumber']),
                 repo: options['repo'],
                 owner: options['owner'],
@@ -308770,7 +309329,7 @@ const crs_analyzerSubcommand = {
 };
 
 ;// CONCATENATED MODULE: ./package.json
-const package_namespaceObject = JSON.parse('{"i8":"2.4.0-snapshot-2"}');
+const package_namespaceObject = JSON.parse('{"i8":"2.4.0-snapshot-4"}');
 ;// CONCATENATED MODULE: ../../package.json
 const package_namespaceObject_1 = {"i8":"2.3.0"};
 ;// CONCATENATED MODULE: ./src/subcommands/index.ts

package/build/packages/cdk8s_renderer/imports/firestartr.dev.d.ts

@@ -1010,10 +1010,6 @@ export interface FirestartrGithubRepositorySpecRepo {
      * @schema FirestartrGithubRepositorySpecRepo#hasWiki
      */
     readonly hasWiki?: boolean;
-    /**
-     * @schema FirestartrGithubRepositorySpecRepo#pages
-     */
-    readonly pages?: any;
     /**
      * @schema FirestartrGithubRepositorySpecRepo#topics
      */

package/build/packages/cdk8s_renderer/src/validations/componentPagesPath.d.ts

@@ -0,0 +1,6 @@
+import { RenderClaims } from '../renderer/types';
+/**
+ * Throws if any ComponentClaim's providers.github.pages.path is set to any value other than '/' or '/docs'.
+ * Should be called as a final render-time validation (never mutates input).
+ */
+export declare function validateComponentPagesPath(renderClaims: RenderClaims): void;

package/build/packages/gh_provisioner/src/entities/ghrepo/index.d.ts

@@ -1,8 +1,15 @@
 import { Entity } from '../base';
 export declare class EntityGHRepo extends Entity {
     constructor(artifact: any);
+    /**
+     * Validation logic for GitHub Pages branch settings:
+     * - On create: If pages branch is set, it must equal the default branch.
+     * - On update: If pages branch is set and is not the default, it must exist in remote.
+     */
+    private validatePagesBranch;
     loadResources(tfOp: string): Promise<void>;
     postProvision(tfOp: string): Promise<void>;
     loadAddressesToImport(): Promise<void>;
     provisionRepository(): Promise<void>;
+    provisionPages(): void;
 }

package/build/packages/github/index.d.ts

@@ -32,6 +32,7 @@ declare const _default: {
         getOIDCRepo: typeof import("./src/repository").getOIDCRepo;
         addStatusCheck: typeof import("./src/repository").addStatusCheck;
         addCommitStatus: typeof import("./src/repository").addCommitStatus;
+        tryCreateRef: typeof import("./src/repository").tryCreateRef;
         getRepoIssuesLabels: typeof import("./src/repository").getRepoIssuesLabels;
     };
     team: {
@@ -56,6 +57,7 @@ declare const _default: {
         commentInPR: typeof import("./src/pull_request").commentInPR;
         getPrLastCommitSHA: typeof import("./src/pull_request").getPrLastCommitSHA;
         getPrMergeCommitSHA: typeof import("./src/pull_request").getPrMergeCommitSHA;
+        getPrBaseSHA: typeof import("./src/pull_request").getPrBaseSHA;
         divideCommentIntoChunks: typeof import("./src/pull_request").divideCommentIntoChunks;
         getPrFiles: typeof import("./src/pull_request").getPrFiles;
         filterPrBy: (filter: {

package/build/packages/github/src/pull_request.d.ts

@@ -1,6 +1,7 @@
 export declare function commentInPR(comment: string, pr_number: number, repo: string, owner?: string, stickyKind?: string): Promise<void>;
 export declare function getPrLastCommitSHA(pull_number: number, repo: string, owner?: string): Promise<string>;
 export declare function getPrMergeCommitSHA(pull_number: number, repo: string, owner?: string): Promise<string>;
+export declare function getPrBaseSHA(pull_number: number, repo: string, owner?: string): Promise<string>;
 export declare function divideCommentIntoChunks(comment: string, sizeReduction?: number): string[];
 export declare function getPrFiles(pr_number: number, repo: string, owner?: string): Promise<any>;
 declare function filterPrBy(filter: {
@@ -16,6 +17,7 @@ declare const _default: {
     commentInPR: typeof commentInPR;
     getPrLastCommitSHA: typeof getPrLastCommitSHA;
     getPrMergeCommitSHA: typeof getPrMergeCommitSHA;
+    getPrBaseSHA: typeof getPrBaseSHA;
     divideCommentIntoChunks: typeof divideCommentIntoChunks;
     getPrFiles: typeof getPrFiles;
     filterPrBy: typeof filterPrBy;

package/build/packages/github/src/repository.d.ts

@@ -1322,6 +1322,7 @@ export declare function uploadFile(destinationPath: string, filePath: string, re
 export declare function deleteFile(path: string, repo: string, owner?: string, branch?: string, message?: string): Promise<void>;
 export declare function addStatusCheck(output: any, is_failure: boolean, head_sha: string, name: string, status: string, repo: string, owner?: string): Promise<void>;
 export declare function addCommitStatus(state: commitStatusState, sha: string, repo: string, owner?: string, target_url?: string, description?: string, context?: string): Promise<void>;
+export declare function tryCreateRef(ref: string, sha: string, repo: string, owner?: string): Promise<boolean>;
 export declare function getRepoIssuesLabels(owner: string, repo: string): Promise<{
     name: string;
     description: string;
@@ -1343,6 +1344,7 @@ declare const _default: {
     getOIDCRepo: typeof getOIDCRepo;
     addStatusCheck: typeof addStatusCheck;
     addCommitStatus: typeof addCommitStatus;
+    tryCreateRef: typeof tryCreateRef;
     getRepoIssuesLabels: typeof getRepoIssuesLabels;
 };
 export default _default;

package/build/packages/operator/index.d.ts

@@ -1,5 +1,5 @@
 export { execTfCommand } from './src/execTfCmd';
-export { tfWorkspacePlan } from './src/tfworkspaceplans';
+export { pullRequestPlan } from './src/pull-request-plan';
 export * as cmd from './src/cmd';
 export declare function isImportMode(): boolean;
 export declare function isImportModeSkipPlan(): boolean;

package/build/packages/operator/src/{tfworkspaceplans → pull-request-plan}/index.d.ts

@@ -5,5 +5,5 @@ interface PlanOptions {
     namespace: string;
     ref: string;
 }
-export declare function tfWorkspacePlan(opts: PlanOptions): Promise<void>;
+export declare function pullRequestPlan(opts: PlanOptions): Promise<void>;
 export {};

package/build/packages/operator/src/user-feedback-ops/user-feedback-ops.d.ts

@@ -9,4 +9,4 @@ export declare function extractPrInfo(item: any, annotation?: 'firestartr.dev/la
 };
 export declare function tryPublishError(item: any, reason: string, message: string): Promise<void>;
 export declare function publishError(item: any, reason: string, message: string): Promise<void>;
-export declare function publishPlan(item: any, planOutput: string, prNumber: number, repo: string, org: string, isSuccess?: boolean): Promise<void>;
+export declare function publishPlan(item: any, planOutput: string, prNumber: number, repo: string, org: string, isSuccess?: boolean, operation?: string, source?: string): Promise<void>;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@firestartr/cli",
-  "version": "2.4.0-snapshot-2",
+  "version": "2.4.0-snapshot-4",
   "private": false,
   "description": "Commandline tool",
   "main": "build/main.js",