@flui-cloud/cli 0.1.0 → 0.2.0

package/lib/cli/src/commands/env/create.js

@@ -22,6 +22,7 @@ const api_client_1 = require("../../lib/api-client");
 const config_storage_1 = require("../../lib/config-storage");
 const provider_credential_schemas_1 = require("../../lib/provider-credential-schemas");
 const context_banner_1 = require("../../lib/context-banner");
+const release_override_1 = require("../../config/release-override");
 const server_type_cache_service_1 = require("../../services/server-type-cache.service");
 const server_type_validator_service_1 = require("../../services/server-type-validator.service");
 const defaults_1 = require("../../config/defaults");
@@ -114,6 +115,10 @@ class EnvCreate extends core_1.Command {
             const acmeStaging = flags['acme-staging'];
             const useLatest = flags.latest;
             spinner.stop();
+            const overrideBanner = (0, release_override_1.formatReleaseOverrideBanner)((0, release_override_1.getEffectiveRelease)(useLatest));
+            if (overrideBanner) {
+                console.log(overrideBanner);
+            }
             if (acmeStaging) {
                 console.log(chalk_1.default.yellow(`\n⚠ ACME endpoint: Let's Encrypt STAGING — cert will not be browser-trusted (warning expected).\n`));
             }

package/lib/cli/src/commands/env/export-config.js

@@ -307,9 +307,11 @@ class EnvExportConfig extends core_1.Command {
             apiBaseUrl: 'http://localhost:3000',
             wsUrl: 'ws://localhost:3000',
             authMode: opts.authMode,
-            oidcIssuer: opts.oidcIssuer || current.oidcIssuer || '',
-            oidcClientId: opts.oidcClientId || current.oidcClientId || '',
-            oidcAudience: opts.oidcAudience || current.oidcAudience || '',
+            // Always reflect the resolved cluster — never keep a previous cluster's
+            // value. Empty oidcClientId is fine: the dashboard fetches it at runtime.
+            oidcIssuer: opts.oidcIssuer || '',
+            oidcClientId: opts.oidcClientId || '',
+            oidcAudience: opts.oidcAudience || '',
             certificateMode,
         };
         fs.writeFileSync(configPath, JSON.stringify(updated, null, 2) + '\n', 'utf-8');

package/lib/cli/src/commands/version.js

@@ -5,8 +5,17 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 const core_1 = require("@oclif/core");
 const chalk_1 = __importDefault(require("chalk"));
-const release_config_1 = require("../../../src/config/release.config");
 const bootstrap_config_1 = require("../config/bootstrap.config");
+const release_override_1 = require("../config/release-override");
+function describePlatform(release) {
+    if (release.source === 'latest') {
+        return chalk_1.default.yellow('latest (mobile tags)');
+    }
+    if (release.source === 'override') {
+        return `${chalk_1.default.yellow(release.version ?? 'override')}${chalk_1.default.dim('  (release override)')}`;
+    }
+    return `${chalk_1.default.cyan(release.version ?? '')}${chalk_1.default.dim('  (pinned release)')}`;
+}
 /**
  * `flui version` — surfaces the CLI version AND the platform release it pins.
  *
@@ -19,8 +28,9 @@ class Version extends core_1.Command {
     async run() {
         const { flags } = await this.parse(Version);
         const useLatest = flags.latest;
-        const tags = (0, release_config_1.resolveImageTags)(useLatest);
-        const bootstrapRef = (0, release_config_1.resolveBootstrapRef)(useLatest);
+        const release = (0, release_override_1.getEffectiveRelease)(useLatest);
+        const tags = release.images;
+        const bootstrapRef = release.bootstrapRef;
         const scriptsBaseUrl = (0, bootstrap_config_1.getScriptsBaseUrl)(useLatest);
         const urlOverride = process.env.BOOTSTRAP_SCRIPTS_URL ?? null;
         const images = {
@@ -31,23 +41,24 @@ class Version extends core_1.Command {
         if (flags.json) {
             this.log(JSON.stringify({
                 cli: this.config.version,
-                mode: useLatest ? 'latest' : 'pinned',
-                platform: useLatest ? null : release_config_1.RELEASE.version,
+                mode: release.source,
+                platform: release.version,
                 bootstrapRef,
                 scriptsBaseUrl,
                 bootstrapUrlOverride: urlOverride,
+                releaseFile: release.filePath,
                 images: tags,
             }, null, 2));
             return;
         }
         const label = (s) => chalk_1.default.dim(s.padEnd(15));
+        const cliName = chalk_1.default.dim(`(${this.config.name})`);
+        const platformLabel = describePlatform(release);
         this.log('');
         this.log(chalk_1.default.bold('Flui CLI'));
         this.log('');
-        this.log(`  ${label('CLI')}${chalk_1.default.cyan(this.config.version)}  ${chalk_1.default.dim(`(${this.config.name})`)}`);
-        this.log(`  ${label('Platform')}${useLatest
-            ? chalk_1.default.yellow('latest (mobile tags)')
-            : `${chalk_1.default.cyan(release_config_1.RELEASE.version)}${chalk_1.default.dim('  (pinned release)')}`}`);
+        this.log(`  ${label('CLI')}${chalk_1.default.cyan(this.config.version)}  ${cliName}`);
+        this.log(`  ${label('Platform')}${platformLabel}`);
         this.log(`  ${label('Bootstrap ref')}${chalk_1.default.cyan(bootstrapRef)}`);
         this.log('');
         this.log(chalk_1.default.dim('  Component images:'));
@@ -59,7 +70,11 @@ class Version extends core_1.Command {
         if (urlOverride) {
             this.log(`  ${label('')}${chalk_1.default.yellow('↑ overridden via BOOTSTRAP_SCRIPTS_URL')}`);
         }
-        if (!useLatest) {
+        if (release.source === 'override' && release.filePath) {
+            const rel = (0, release_override_1.displayReleaseFilePath)(release.filePath);
+            this.log(`  ${label('Release file')}${chalk_1.default.yellow(rel)}`);
+        }
+        if (!useLatest && release.source !== 'override') {
             this.log('');
             this.log(chalk_1.default.dim('  Tip: `flui version --latest` shows what `env create --latest` would use.'));
         }

package/lib/cli/src/config/bootstrap.config.js

@@ -10,6 +10,7 @@ exports.BOOTSTRAP_CONFIG = void 0;
 exports.getScriptsBaseUrl = getScriptsBaseUrl;
 exports.getScriptUrl = getScriptUrl;
 const release_config_1 = require("../../../src/config/release.config");
+const release_override_1 = require("./release-override");
 const BOOTSTRAP_REPO_RAW_BASE = 'https://raw.githubusercontent.com/flui-cloud/bootstrap-scripts';
 /**
  * Base URL for the bootstrap scripts directory.
@@ -23,14 +24,16 @@ function getScriptsBaseUrl(useLatest = false) {
     if (process.env.BOOTSTRAP_SCRIPTS_URL) {
         return process.env.BOOTSTRAP_SCRIPTS_URL;
     }
-    return `${BOOTSTRAP_REPO_RAW_BASE}/${(0, release_config_1.resolveBootstrapRef)(useLatest)}/scripts`;
+    return `${BOOTSTRAP_REPO_RAW_BASE}/${(0, release_override_1.resolveEffectiveBootstrapRef)(useLatest)}/scripts`;
 }
 /**
  * Default bootstrap configuration
  */
 exports.BOOTSTRAP_CONFIG = {
-    // Pinned-release default; per-install resolution goes through getScriptsBaseUrl().
-    scriptsBaseUrl: getScriptsBaseUrl(false),
+    // Static pinned default; per-install (override-aware) resolution goes through
+    // getScriptsBaseUrl() at runtime — keep this off the override path so importing
+    // the module never reads flui.release.json.
+    scriptsBaseUrl: `${BOOTSTRAP_REPO_RAW_BASE}/${(0, release_config_1.resolveBootstrapRef)(false)}/scripts`,
     scripts: {
         fluiInit: 'flui-init.sh',
         k3sMaster: 'k3s-master-init.sh',

package/lib/cli/src/config/release-override.d.ts

@@ -0,0 +1,43 @@
+/**
+ * Per-install override of the pinned release manifest.
+ *
+ * Default install pins every component to the built-in RELEASE (see
+ * src/config/release.config.ts). A local `flui.release.json` in the cwd (or the
+ * path in FLUI_RELEASE_FILE) overrides any subset of it — used to install a
+ * dev/staging build from a branch, tag or commit. Omitted fields stay pinned.
+ *
+ * Each value is `branch:<x>` / `tag:<x>` / `commit:<x>` (or a bare literal).
+ * Scripts and images resolve a ref differently: scripts take any git ref
+ * verbatim (raw.githubusercontent serves branch/tag/sha), while an image tag
+ * must match what CI publishes — a branch name sanitized to a tag, or a
+ * short commit sha.
+ */
+import { type ComponentImageTags } from '../../../src/config/release.config';
+declare const IMAGE_KEYS: readonly ["fluiApi", "fluiWeb", "fluiAuthz"];
+type ImageKey = (typeof IMAGE_KEYS)[number];
+export interface ReleaseOverrideFile {
+    version?: string;
+    bootstrapRef?: string;
+    images?: Partial<Record<ImageKey, string>>;
+}
+export interface OverrideEntry {
+    label: string;
+    spec: string;
+    resolved: string;
+}
+export interface EffectiveRelease {
+    version: string | null;
+    bootstrapRef: string;
+    images: ComponentImageTags;
+    source: 'pinned' | 'latest' | 'override';
+    overrides: OverrideEntry[];
+    filePath: string | null;
+}
+export declare function getEffectiveRelease(useLatest: boolean): EffectiveRelease;
+export declare function resolveEffectiveBootstrapRef(useLatest: boolean): string;
+export declare function resolveEffectiveImageTags(useLatest: boolean): ComponentImageTags;
+/** Display path: relative when inside cwd, absolute when it would escape it. */
+export declare function displayReleaseFilePath(filePath: string): string;
+/** Loud banner so a stale override is never installed unnoticed. */
+export declare function formatReleaseOverrideBanner(eff: EffectiveRelease): string | null;
+export {};

package/lib/cli/src/config/release-override.js

@@ -0,0 +1,203 @@
+"use strict";
+/**
+ * Per-install override of the pinned release manifest.
+ *
+ * Default install pins every component to the built-in RELEASE (see
+ * src/config/release.config.ts). A local `flui.release.json` in the cwd (or the
+ * path in FLUI_RELEASE_FILE) overrides any subset of it — used to install a
+ * dev/staging build from a branch, tag or commit. Omitted fields stay pinned.
+ *
+ * Each value is `branch:<x>` / `tag:<x>` / `commit:<x>` (or a bare literal).
+ * Scripts and images resolve a ref differently: scripts take any git ref
+ * verbatim (raw.githubusercontent serves branch/tag/sha), while an image tag
+ * must match what CI publishes — a branch name sanitized to a tag, or a
+ * short commit sha.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getEffectiveRelease = getEffectiveRelease;
+exports.resolveEffectiveBootstrapRef = resolveEffectiveBootstrapRef;
+exports.resolveEffectiveImageTags = resolveEffectiveImageTags;
+exports.displayReleaseFilePath = displayReleaseFilePath;
+exports.formatReleaseOverrideBanner = formatReleaseOverrideBanner;
+const fs = __importStar(require("node:fs"));
+const path = __importStar(require("node:path"));
+const chalk_1 = __importDefault(require("chalk"));
+const release_config_1 = require("../../../src/config/release.config");
+const OVERRIDE_FILE = 'flui.release.json';
+const IMAGE_KEYS = ['fluiApi', 'fluiWeb', 'fluiAuthz'];
+const COMPONENT_LABELS = {
+    fluiApi: 'flui-api (core)',
+    fluiWeb: 'flui-web (dashboard)',
+    fluiAuthz: 'flui-authz',
+};
+function parseRef(raw) {
+    const idx = raw.indexOf(':');
+    if (idx === -1)
+        return { kind: 'literal', value: raw };
+    const prefix = raw.slice(0, idx);
+    const value = raw.slice(idx + 1);
+    switch (prefix) {
+        case 'branch':
+            return { kind: 'branch', value };
+        case 'tag':
+            return { kind: 'tag', value };
+        case 'commit':
+        case 'sha':
+            return { kind: 'commit', value };
+        default:
+            throw new Error(`Invalid ref "${raw}" in ${OVERRIDE_FILE}: unknown prefix "${prefix}:" — use branch:/tag:/commit:, or a bare tag.`);
+    }
+}
+/** Mirror docker/metadata-action `type=ref,event=branch`: invalid tag chars → "-". */
+function branchToImageTag(branch) {
+    return branch.replace(/[^a-zA-Z0-9._-]+/g, '-');
+}
+function resolveScriptsRef(spec) {
+    return parseRef(spec).value;
+}
+function resolveImageTag(spec) {
+    const ref = parseRef(spec);
+    switch (ref.kind) {
+        case 'branch':
+            return branchToImageTag(ref.value);
+        case 'commit':
+            return ref.value.slice(0, 7); // CI publishes type=sha,format=short
+        default:
+            return ref.value;
+    }
+}
+function loadOverrideFile() {
+    const explicit = process.env.FLUI_RELEASE_FILE;
+    const filePath = explicit
+        ? path.resolve(explicit)
+        : path.join(process.cwd(), OVERRIDE_FILE);
+    if (!fs.existsSync(filePath))
+        return null;
+    let data;
+    try {
+        data = JSON.parse(fs.readFileSync(filePath, 'utf8'));
+    }
+    catch (err) {
+        throw new Error(`Failed to parse ${filePath}: ${err.message}`);
+    }
+    if (typeof data !== 'object' || data === null || Array.isArray(data)) {
+        throw new Error(`${filePath} must contain a JSON object.`);
+    }
+    return { data, filePath };
+}
+let cache;
+let cacheKey;
+function applyOverride(base, data) {
+    const images = { ...base.images };
+    const overrides = [];
+    let bootstrapRef = base.bootstrapRef;
+    if (data.bootstrapRef !== undefined) {
+        bootstrapRef = resolveScriptsRef(data.bootstrapRef);
+        overrides.push({
+            label: 'bootstrap scripts',
+            spec: data.bootstrapRef,
+            resolved: bootstrapRef,
+        });
+    }
+    for (const k of IMAGE_KEYS) {
+        const spec = data.images?.[k];
+        if (spec === undefined)
+            continue;
+        const resolved = resolveImageTag(spec);
+        images[k] = resolved;
+        overrides.push({ label: COMPONENT_LABELS[k], spec, resolved });
+    }
+    return {
+        version: data.version ?? base.version,
+        bootstrapRef,
+        images,
+        overrides,
+    };
+}
+function getEffectiveRelease(useLatest) {
+    const key = `${useLatest}|${process.env.FLUI_RELEASE_FILE ?? ''}|${process.cwd()}`;
+    if (cache && cacheKey === key)
+        return cache;
+    const base = {
+        version: useLatest ? null : release_config_1.RELEASE.version,
+        bootstrapRef: (0, release_config_1.resolveBootstrapRef)(useLatest),
+        images: { ...(0, release_config_1.resolveImageTags)(useLatest) },
+        overrides: [],
+    };
+    const loaded = loadOverrideFile();
+    const resolved = loaded ? applyOverride(base, loaded.data) : base;
+    const isOverride = resolved.overrides.length > 0;
+    const pinnedSource = useLatest ? 'latest' : 'pinned';
+    const eff = {
+        version: resolved.version,
+        bootstrapRef: resolved.bootstrapRef,
+        images: resolved.images,
+        source: isOverride ? 'override' : pinnedSource,
+        overrides: resolved.overrides,
+        filePath: isOverride && loaded ? loaded.filePath : null,
+    };
+    cache = eff;
+    cacheKey = key;
+    return eff;
+}
+function resolveEffectiveBootstrapRef(useLatest) {
+    return getEffectiveRelease(useLatest).bootstrapRef;
+}
+function resolveEffectiveImageTags(useLatest) {
+    return getEffectiveRelease(useLatest).images;
+}
+/** Display path: relative when inside cwd, absolute when it would escape it. */
+function displayReleaseFilePath(filePath) {
+    const rel = path.relative(process.cwd(), filePath);
+    return !rel || rel.startsWith('..') ? filePath : rel;
+}
+/** Loud banner so a stale override is never installed unnoticed. */
+function formatReleaseOverrideBanner(eff) {
+    if (eff.source !== 'override' || !eff.filePath)
+        return null;
+    const rel = displayReleaseFilePath(eff.filePath);
+    const lines = eff.overrides.map((o) => {
+        const spec = chalk_1.default.dim(`(${o.spec})`);
+        return `   • ${o.label}: ${chalk_1.default.cyan(o.resolved)} ${spec}`;
+    });
+    return (chalk_1.default.yellow.bold('\n⚠ Release override active') +
+        chalk_1.default.dim(` — ${rel}\n`) +
+        chalk_1.default.dim('  Installing non-default component versions:\n') +
+        `${lines.join('\n')}\n`);
+}

package/lib/cli/src/services/cli-control-cluster.service.js

@@ -47,7 +47,7 @@ exports.CliControlClusterService = void 0;
 const common_1 = require("@nestjs/common");
 const cluster_entity_1 = require("../../../src/modules/infrastructure/clusters/entities/cluster.entity");
 const cli_cluster_repository_1 = require("../lib/repositories/cli-cluster.repository");
-const release_config_1 = require("../../../src/config/release.config");
+const release_override_1 = require("../config/release-override");
 const nip_base_domain_util_1 = require("../lib/nip-base-domain.util");
 const cli_node_repository_1 = require("../lib/repositories/cli-node.repository");
 const cli_clusters_service_1 = require("./cli-clusters.service");
@@ -127,6 +127,7 @@ let CliControlClusterService = CliControlClusterService_1 = class CliControlClus
         // --latest opted into mobile dev tags. Recorded on the cluster so the
         // installed version stays queryable after creation.
         const useLatest = options?.useLatest ?? false;
+        const release = (0, release_override_1.getEffectiveRelease)(useLatest);
         const createDto = {
             name: 'control-cluster',
             provider: provider,
@@ -146,9 +147,9 @@ let CliControlClusterService = CliControlClusterService_1 = class CliControlClus
                 adminEmail,
                 acmeStaging,
                 useLatest,
-                platformVersion: useLatest ? null : release_config_1.RELEASE.version,
-                componentVersions: (0, release_config_1.resolveImageTags)(useLatest),
-                bootstrapRef: (0, release_config_1.resolveBootstrapRef)(useLatest),
+                platformVersion: release.version,
+                componentVersions: release.images,
+                bootstrapRef: release.bootstrapRef,
             },
         };
         const { cluster } = await this.clustersService.create(createDto);

package/lib/cli/src/services/cli-endpoint-resolver.service.js

@@ -61,28 +61,33 @@ let CliEndpointResolverService = CliEndpointResolverService_1 = class CliEndpoin
         const snapshot = await this.fetchSnapshot(masterIp);
         const configMapData = snapshot.configmap?.data ?? {};
         const secretData = snapshot.secret?.data ?? {};
-        const authMode = configMapData['AUTH_MODE'] ?? 'unknown';
-        const oidcIssuer = configMapData['OIDC_ISSUER'] ?? '';
-        const oidcJwksUri = configMapData['OIDC_JWKS_URI'] ?? '';
-        const oidcCliClientId = configMapData['OIDC_CLI_CLIENT_ID'] ?? '';
-        const oidcAudience = secretData['OIDC_AUDIENCE']
+        const live = snapshot.authConfig ?? {};
+        const pick = (...vals) => vals.find((v) => typeof v === 'string' && v.trim() !== '')?.trim() ?? '';
+        const frozenAudience = secretData['OIDC_AUDIENCE']
             ? Buffer.from(secretData['OIDC_AUDIENCE'], 'base64').toString('utf-8')
             : '';
-        // Dashboard public client_id lives inside the flui-web-config ConfigMap's
-        // `config.json` data key — written by OidcBootstrapService.patchWebConfigMap.
-        let oidcClientId = '';
+        let frozenClientId = '';
         const webConfigJson = snapshot.webConfigMap?.data?.['config.json'];
         if (webConfigJson) {
             try {
                 const parsed = JSON.parse(webConfigJson);
                 if (typeof parsed.oidcClientId === 'string') {
-                    oidcClientId = parsed.oidcClientId;
+                    frozenClientId = parsed.oidcClientId;
                 }
             }
             catch (err) {
                 this.logger.warn(`flui-web-config/config.json is not valid JSON: ${err.message}`);
             }
         }
+        // Prefer the live values; fall back to the frozen ConfigMap/Secret only if
+        // the API was unreachable (k3s auto-deploy resets the frozen ones).
+        const authMode = pick(live.authMode, configMapData['AUTH_MODE'], 'unknown');
+        const oidcIssuer = pick(live.issuer, configMapData['OIDC_ISSUER']);
+        const oidcJwksUri = configMapData['OIDC_JWKS_URI'] ?? '';
+        const oidcCliClientId = pick(live.cliClientId, configMapData['OIDC_CLI_CLIENT_ID']);
+        const oidcClientId = pick(live.clientId, frozenClientId);
+        // audience = web client id
+        const oidcAudience = pick(live.clientId, frozenAudience);
         const endpoints = {};
         for (const key of Object.keys(SYSTEM_APPS)) {
             endpoints[key] = this.resolveApp(key, SYSTEM_APPS[key], snapshot.ingresses.items ?? [], snapshot.ingressRoutes.items ?? [], masterIp, nipHostnameToken);
@@ -104,7 +109,10 @@ let CliEndpointResolverService = CliEndpointResolverService_1 = class CliEndpoin
             `CM=$(kubectl get configmap flui-api-config -n flui-system -o json 2>/dev/null || echo '{}')`,
             `SEC=$(kubectl get secret flui-secrets -n flui-system -o json 2>/dev/null || echo '{}')`,
             `WCM=$(kubectl get configmap flui-web-config -n flui-system -o json 2>/dev/null || echo '{}')`,
-            `printf '{"ingresses":%s,"ingressRoutes":%s,"configmap":%s,"secret":%s,"webConfigMap":%s}' "$ING" "$IR" "$CM" "$SEC" "$WCM"`,
+            `AIP=$(kubectl get svc flui-api -n flui-system -o jsonpath='{.spec.clusterIP}' 2>/dev/null)`,
+            `APT=$(kubectl get svc flui-api -n flui-system -o jsonpath='{.spec.ports[0].port}' 2>/dev/null)`,
+            `AC=$(curl -s --max-time 5 "http://$AIP:$APT/api/v1/auth/config" 2>/dev/null || echo '{}')`,
+            `printf '{"ingresses":%s,"ingressRoutes":%s,"configmap":%s,"secret":%s,"webConfigMap":%s,"authConfig":%s}' "$ING" "$IR" "$CM" "$SEC" "$WCM" "$AC"`,
         ].join('; ');
         const output = await this.sshService.sshExec(masterIp, command);
         try {

package/lib/cli/src/services/cli-k3s-script.service.js

@@ -50,7 +50,7 @@ const path = __importStar(require("node:path"));
 const os = __importStar(require("node:os"));
 const cli_logger_service_1 = require("./cli-logger.service");
 const bootstrap_config_1 = require("../config/bootstrap.config");
-const release_config_1 = require("../../../src/config/release.config");
+const release_override_1 = require("../config/release-override");
 /**
  * CLI K3s Script Service
  *
@@ -95,7 +95,7 @@ let CliK3sScriptService = CliK3sScriptService_1 = class CliK3sScriptService {
             this.log(`━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━`, opId);
             this.log(`[BOOTSTRAP MASTER SCRIPT] Cluster: ${config.clusterName}`, opId);
             const scriptsBaseUrl = (0, bootstrap_config_1.getScriptsBaseUrl)(config.useLatest ?? false);
-            const imageTags = (0, release_config_1.resolveImageTags)(config.useLatest ?? false);
+            const imageTags = (0, release_override_1.resolveEffectiveImageTags)(config.useLatest ?? false);
             this.log(`Scripts URL: ${scriptsBaseUrl}`, opId);
             // Generate bootstrap script that downloads and executes k3s-master-init.sh from GitHub
             const script = this.generateBootstrapScript('master', {

package/lib/src/config/release.config.js

@@ -11,10 +11,10 @@ exports.RELEASE = void 0;
 exports.resolveBootstrapRef = resolveBootstrapRef;
 exports.resolveImageTags = resolveImageTags;
 exports.RELEASE = {
-    version: '0.5.0',
-    bootstrapRef: 'v0.5.0',
+    version: '0.5.1',
+    bootstrapRef: 'v0.5.1',
     images: {
-        fluiApi: '0.5.0',
+        fluiApi: '0.5.1',
         fluiWeb: '0.5.0',
         fluiAuthz: '0.5.0',
     },