@geekmidas/cli 1.10.2 → 1.10.4

package/dist/index.mjs

@@ -8,7 +8,7 @@ import { getKeyPath, maskPassword, readStageSecrets, secretsExist, setCustomSecr
 import { DokployApi } from "./dokploy-api-2ldYoN3i.mjs";
 import { encryptSecrets } from "./encryption-BOH5M-f-.mjs";
 import { CachedStateProvider } from "./CachedStateProvider-BDq5WqSy.mjs";
-import { createStageSecrets, generateDbPassword, generateDbUrl, generateFullstackCustomSecrets, rotateServicePassword, writeDockerEnvFromSecrets } from "./fullstack-secrets-UZAFWuH4.mjs";
+import { createStageSecrets, generateDbPassword, generateDbUrl, generateFullstackCustomSecrets, rotateServicePassword, writeDockerEnvFromSecrets } from "./fullstack-secrets-odm79Uo1.mjs";
 import { generateReactQueryCommand } from "./openapi-react-query-C4UdILaI.mjs";
 import { isSSMConfigured, pullSecrets, pushSecrets } from "./sync-CbeKrnQV.mjs";
 import { createRequire } from "node:module";
@@ -35,7 +35,7 @@ import prompts from "prompts";
 
 //#region package.json
 var name = "@geekmidas/cli";
-var version = "1.10.1";
+var version = "1.10.3";
 var description = "CLI tools for building Lambda handlers, server applications, and generating OpenAPI specs";
 var private$1 = false;
 var type = "module";
@@ -1345,7 +1345,8 @@ async function workspaceDevCommand(workspace, options) {
 	], {
 		cwd: workspace.root,
 		stdio: "inherit",
-		env: turboEnv
+		env: turboEnv,
+		detached: true
 	});
 	let openApiWatcher = null;
 	if (frontendApps.length > 0 && backendApps.length > 0) {
@@ -1391,14 +1392,24 @@ async function workspaceDevCommand(workspace, options) {
 		isShuttingDown = true;
 		logger$11.log("\n🛑 Shutting down workspace...");
 		if (openApiWatcher) openApiWatcher.close().catch(() => {});
-		if (turboProcess.pid) try {
-			process.kill(-turboProcess.pid, "SIGTERM");
+		const pid = turboProcess.pid;
+		if (pid) try {
+			process.kill(-pid, "SIGTERM");
 		} catch {
-			turboProcess.kill("SIGTERM");
+			try {
+				process.kill(pid, "SIGTERM");
+			} catch {}
 		}
 		setTimeout(() => {
+			if (pid) try {
+				process.kill(-pid, "SIGKILL");
+			} catch {
+				try {
+					process.kill(pid, "SIGKILL");
+				} catch {}
+			}
 			process.exit(0);
-		}, 2e3);
+		}, 3e3);
 	};
 	process.on("SIGINT", shutdown);
 	process.on("SIGTERM", shutdown);
@@ -7596,6 +7607,7 @@ export default defineWorkspace({
       path: 'apps/auth',
       port: 3002,
       entry: './src/index.ts',
+      framework: 'better-auth',
       envParser: './src/config/env#envParser',
       logger: './src/config/logger#logger',
     },
@@ -7638,6 +7650,10 @@ export default defineWorkspace({
     default: 'dokploy',
   },`;
 	config$1 += `
+  secrets: {
+    enabled: true,
+  },`;
+	config$1 += `
 });
 `;
 	return config$1;
@@ -11216,7 +11232,11 @@ async function resolveSecrets(stage, workspace, options) {
 	if (secretsExist(stage, workspace.root)) {
 		logger$1.log("🔐 Using existing local secrets");
 		const secrets = await readStageSecrets(stage, workspace.root);
-		if (secrets) return secrets;
+		if (secrets) {
+			const reconciled = reconcileSecrets(secrets, workspace);
+			if (reconciled) await writeStageSecrets(reconciled, workspace.root);
+			return reconciled ?? secrets;
+		}
 	}
 	if (isSSMConfigured(workspace)) {
 		logger$1.log("☁️  Checking for remote secrets in SSM...");
@@ -11236,6 +11256,29 @@ async function resolveSecrets(stage, workspace, options) {
 	return generateFreshSecrets(stage, workspace, options);
 }
 /**
+* Reconcile existing secrets with expected workspace-derived keys.
+* Adds missing keys (e.g. BETTER_AUTH_*) without overwriting existing values.
+* Returns the updated secrets if changes were made, or null if no changes needed.
+* @internal Exported for testing
+*/
+function reconcileSecrets(secrets, workspace) {
+	const isMultiApp = Object.keys(workspace.apps).length > 1;
+	if (!isMultiApp) return null;
+	const expected = generateFullstackCustomSecrets(workspace);
+	const missing = {};
+	for (const [key, value] of Object.entries(expected)) if (!(key in secrets.custom)) missing[key] = value;
+	if (Object.keys(missing).length === 0) return null;
+	logger$1.log(`   🔄 Adding missing secrets: ${Object.keys(missing).join(", ")}`);
+	return {
+		...secrets,
+		updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+		custom: {
+			...secrets.custom,
+			...missing
+		}
+	};
+}
+/**
 * Generate fresh secrets for the workspace.
 */
 async function generateFreshSecrets(stage, workspace, options) {
@@ -11346,6 +11389,24 @@ async function testCommand(options = {}) {
 		}
 	} catch {}
 	console.log("");
+	const allSecrets = {
+		...secretsEnv,
+		...dependencyEnv
+	};
+	const gkmDir = join(cwd, ".gkm");
+	await mkdir(gkmDir, { recursive: true });
+	const secretsJsonPath = join(gkmDir, "test-secrets.json");
+	await writeFile(secretsJsonPath, JSON.stringify(allSecrets, null, 2));
+	const preloadPath = join(gkmDir, "test-credentials-preload.ts");
+	await createCredentialsPreload(preloadPath, secretsJsonPath);
+	const existingNodeOptions = process.env.NODE_OPTIONS ?? "";
+	const tsxImport = "--import=tsx";
+	const preloadImport = `--import=${preloadPath}`;
+	const nodeOptions = [
+		existingNodeOptions,
+		tsxImport,
+		preloadImport
+	].filter(Boolean).join(" ");
 	const args = [];
 	if (options.run) args.push("run");
 	else if (options.watch) args.push("--watch");
@@ -11357,9 +11418,9 @@ async function testCommand(options = {}) {
 		stdio: "inherit",
 		env: {
 			...process.env,
-			...secretsEnv,
-			...dependencyEnv,
-			NODE_ENV: "test"
+			...allSecrets,
+			NODE_ENV: "test",
+			NODE_OPTIONS: nodeOptions
 		}
 	});
 	return new Promise((resolve$1, reject) => {
@@ -11790,7 +11851,7 @@ program.command("secrets:push").description("Push secrets to remote provider (SS
 		if (globalOptions.cwd) process.chdir(globalOptions.cwd);
 		const { loadWorkspaceConfig: loadWorkspaceConfig$1 } = await import("./config.mjs");
 		const { pushSecrets: pushSecrets$1 } = await import("./sync-6FoT41G3.mjs");
-		const { reconcileMissingSecrets } = await import("./reconcile-D2WCDQue.mjs");
+		const { reconcileMissingSecrets } = await import("./reconcile-WzC1oAUV.mjs");
 		const { readStageSecrets: readStageSecrets$1, writeStageSecrets: writeStageSecrets$1 } = await import("./storage-Dx_jZbq6.mjs");
 		const { workspace } = await loadWorkspaceConfig$1();
 		const secrets = await readStageSecrets$1(options.stage, workspace.root);
@@ -11816,7 +11877,7 @@ program.command("secrets:pull").description("Pull secrets from remote provider (
 		const { loadWorkspaceConfig: loadWorkspaceConfig$1 } = await import("./config.mjs");
 		const { pullSecrets: pullSecrets$1 } = await import("./sync-6FoT41G3.mjs");
 		const { writeStageSecrets: writeStageSecrets$1 } = await import("./storage-Dx_jZbq6.mjs");
-		const { reconcileMissingSecrets } = await import("./reconcile-D2WCDQue.mjs");
+		const { reconcileMissingSecrets } = await import("./reconcile-WzC1oAUV.mjs");
 		const { workspace } = await loadWorkspaceConfig$1();
 		let secrets = await pullSecrets$1(options.stage, workspace);
 		if (!secrets) {
@@ -11841,7 +11902,7 @@ program.command("secrets:reconcile").description("Backfill missing custom secret
 		const globalOptions = program.opts();
 		if (globalOptions.cwd) process.chdir(globalOptions.cwd);
 		const { loadWorkspaceConfig: loadWorkspaceConfig$1 } = await import("./config.mjs");
-		const { reconcileMissingSecrets } = await import("./reconcile-D2WCDQue.mjs");
+		const { reconcileMissingSecrets } = await import("./reconcile-WzC1oAUV.mjs");
 		const { readStageSecrets: readStageSecrets$1, writeStageSecrets: writeStageSecrets$1 } = await import("./storage-Dx_jZbq6.mjs");
 		const { workspace } = await loadWorkspaceConfig$1();
 		const secrets = await readStageSecrets$1(options.stage, workspace.root);