@griffin-app/griffin-cli 1.0.30 → 1.0.32

package/dist/cli.js

@@ -18,7 +18,7 @@ import { executeLogin } from "./commands/hub/login.js";
 import { executeLogout } from "./commands/hub/logout.js";
 import { executeIntegrationsConnect } from "./commands/hub/integrations.js";
 import { executeNotificationsList, executeNotificationsTest, } from "./commands/hub/notifications.js";
-import { executeSecretsList, executeSecretsSet, executeSecretsGet, executeSecretsDelete, } from "./commands/hub/secrets.js";
+import { executeSecretsList, executeSecretsSet, executeSecretsDelete, } from "./commands/hub/secrets.js";
 import { executeIntegrationsList, executeIntegrationsShow, executeIntegrationsUpdate, executeIntegrationsRemove, } from "./commands/hub/integrations.js";
 import packageInfo from "../package.json" with { type: "json" };
 const program = new Command();
@@ -128,8 +128,8 @@ program
     .option("--monitor <nameOrId>", "Specific monitor name or ID to destroy")
     .option("--auto-approve", "Skip confirmation prompt")
     .option("--dry-run", "Show what would be destroyed without making changes")
-    .action(async (env, options) => {
-    await executeDestroy({ ...options, env, json: program.opts().json });
+    .action(async (options) => {
+    await executeDestroy({ ...options, json: program.opts().json });
 });
 // Auth command group
 const auth = program.command("auth").description("Manage authentication");
@@ -246,18 +246,6 @@ secrets
         json: program.opts().json,
     });
 });
-secrets
-    .command("get <name>")
-    .description("Show secret metadata")
-    .option("--env <name>", "Environment name", "default")
-    .option("--json", "Output as JSON")
-    .action(async (name, options) => {
-    await executeSecretsGet({
-        name,
-        environment: options.env,
-        json: program.opts().json ?? options.json,
-    });
-});
 secrets
     .command("delete <name>")
     .description("Delete a secret")

package/dist/commands/hub/secrets.js

@@ -28,13 +28,9 @@ export const executeSecretsList = createCommandHandler("secrets list", async (op
     }
     output.info(`Secrets (environment: ${env})`);
     output.blank();
-    const table = output.table({
-        head: ["Name"],
-    });
-    for (const s of secrets) {
-        table.push([s.name]);
+    for (const { name } of secrets) {
+        output.log(name);
     }
-    output.log(table.toString());
 });
 function promptSecret(promptText) {
     return new Promise((resolve) => {

package/dist/core/secrets.d.ts

@@ -5,20 +5,9 @@
  * - `env`: reads secrets from environment variables (local dev, no hub needed)
  * - `hub`: resolves secrets via POST /secrets/resolve on the hub API
  */
-import { type SecretProvider } from "@griffin-app/griffin-executor";
-import type { GriffinHubSdk } from "@griffin-app/griffin-hub-sdk";
+import { HubSecretProvider, type SecretProvider } from "@griffin-app/griffin-executor";
+export { HubSecretProvider };
 /**
  * Create an env-based secret provider for fully-local CLI runs (no hub).
  */
 export declare function createEnvSecretsProvider(): SecretProvider;
-/**
- * SecretProvider that resolves secrets via the hub's POST /secrets/resolve endpoint.
- * The hub is the sole gateway for AWS Secrets Manager — no credentials leave the hub.
- */
-export declare class HubSecretProvider implements SecretProvider {
-    readonly name = "hub";
-    private readonly sdk;
-    private readonly environment;
-    constructor(sdk: GriffinHubSdk, environment: string);
-    resolve(ref: string): Promise<string>;
-}

package/dist/core/secrets.js

@@ -5,7 +5,9 @@
  * - `env`: reads secrets from environment variables (local dev, no hub needed)
  * - `hub`: resolves secrets via POST /secrets/resolve on the hub API
  */
-import { EnvSecretProvider, } from "@griffin-app/griffin-executor";
+import { EnvSecretProvider, HubSecretProvider, } from "@griffin-app/griffin-executor";
+// Re-export so existing imports from this module continue to work
+export { HubSecretProvider };
 /**
  * Environment variable name for selecting the local secrets provider.
  * Only "env" is supported for fully-local runs without a hub.
@@ -20,26 +22,3 @@ export function createEnvSecretsProvider() {
         env: process.env,
     });
 }
-/**
- * SecretProvider that resolves secrets via the hub's POST /secrets/resolve endpoint.
- * The hub is the sole gateway for AWS Secrets Manager — no credentials leave the hub.
- */
-export class HubSecretProvider {
-    name = "hub";
-    sdk;
-    environment;
-    constructor(sdk, environment) {
-        this.sdk = sdk;
-        this.environment = environment;
-    }
-    async resolve(ref) {
-        const response = await this.sdk.postSecretsResolve({
-            body: { name: ref, environment: this.environment },
-        });
-        const value = response.data?.data?.value;
-        if (value === undefined) {
-            throw new Error(`Secret "${ref}" not found for environment "${this.environment}"`);
-        }
-        return value;
-    }
-}

package/dist/core/variables.js

@@ -1,5 +1,18 @@
 import { getEnvironment } from "./state.js";
 import { isNodeRef } from "@griffin-app/griffin-core/schema";
+function isTemplateRef(value) {
+    if (typeof value !== "object" || value === null) {
+        return false;
+    }
+    const obj = value;
+    if (!("$template" in obj) ||
+        typeof obj.$template !== "object" ||
+        obj.$template === null) {
+        return false;
+    }
+    const tmpl = obj.$template;
+    return Array.isArray(tmpl.strings) && Array.isArray(tmpl.values);
+}
 /**
  * Load variables from state file for a specific environment.
  *
@@ -61,6 +74,38 @@ function resolveVariable(varRef, variables) {
     const placeholder = `\${${key}}`;
     return template.replace(placeholder, value);
 }
+/**
+ * Resolve variables in a template, using partial application.
+ * Resolves $variable values, merges them into adjacent strings.
+ * Returns a plain string if all values resolved, or a reduced $template.
+ */
+function resolveTemplateVariables(tmpl, variables) {
+    const { strings, values } = tmpl.$template;
+    const newStrings = [strings[0]];
+    const newValues = [];
+    for (let i = 0; i < values.length; i++) {
+        const val = values[i];
+        if (isVariableRef(val)) {
+            const resolved = resolveVariable(val, variables);
+            // Merge resolved value into the last string segment
+            newStrings[newStrings.length - 1] += resolved + strings[i + 1];
+        }
+        else if (isStringLiteral(val)) {
+            // Unwrap literals and merge
+            newStrings[newStrings.length - 1] += val.$literal + strings[i + 1];
+        }
+        else {
+            // Keep this value and its trailing string
+            newValues.push(val);
+            newStrings.push(strings[i + 1]);
+        }
+    }
+    // If all values resolved, collapse to a $literal
+    if (newValues.length === 0) {
+        return { $literal: newStrings[0] };
+    }
+    return { $template: { strings: newStrings, values: newValues } };
+}
 /**
  * Recursively walk a monitor object and resolve all variable references.
  *
@@ -74,10 +119,13 @@ function resolveVariable(varRef, variables) {
 export function resolveVariablesInMonitor(obj, variables) {
     // Check if this is a variable reference
     if (isVariableRef(obj)) {
-        return resolveVariable(obj, variables);
+        return { $literal: resolveVariable(obj, variables) };
+    }
+    if (isTemplateRef(obj)) {
+        return resolveTemplateVariables(obj, variables);
     }
     if (isStringLiteral(obj)) {
-        return obj.$literal;
+        return obj;
     }
     if (isNodeRef(obj)) {
         return obj;

package/dist/core/variables.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/core/variables.test.js

@@ -0,0 +1,127 @@
+import { describe, it, expect } from "vitest";
+import { resolveVariablesInMonitor } from "./variables.js";
+describe("resolveVariablesInMonitor", () => {
+    const variables = { env: "staging", version: "v2" };
+    it("should resolve a simple variable ref to $literal", () => {
+        const result = resolveVariablesInMonitor({ $variable: { key: "env" } }, variables);
+        expect(result).toEqual({ $literal: "staging" });
+    });
+    it("should resolve a variable with template to $literal", () => {
+        const result = resolveVariablesInMonitor({ $variable: { key: "env", template: "https://${env}.api.com" } }, variables);
+        expect(result).toEqual({ $literal: "https://staging.api.com" });
+    });
+    it("should pass through $literal unchanged", () => {
+        const literal = { $literal: "hello" };
+        const result = resolveVariablesInMonitor(literal, variables);
+        expect(result).toEqual(literal);
+    });
+    it("should pass through $nodeRef unchanged", () => {
+        const nodeRef = {
+            $nodeRef: { nodeId: "step1", subject: "body", path: ["id"] },
+        };
+        const result = resolveVariablesInMonitor(nodeRef, variables);
+        expect(result).toEqual(nodeRef);
+    });
+    describe("$template resolution", () => {
+        it("should fully collapse a template with only variables to $literal", () => {
+            const tmpl = {
+                $template: {
+                    strings: ["https://", ".api.com/", "/health"],
+                    values: [
+                        { $variable: { key: "env" } },
+                        { $variable: { key: "version" } },
+                    ],
+                },
+            };
+            const result = resolveVariablesInMonitor(tmpl, variables);
+            expect(result).toEqual({ $literal: "https://staging.api.com/v2/health" });
+        });
+        it("should partially resolve a template with mixed variable and secret", () => {
+            const tmpl = {
+                $template: {
+                    strings: ["https://", ".api.com?key=", ""],
+                    values: [
+                        { $variable: { key: "env" } },
+                        { $secret: { ref: "API_KEY" } },
+                    ],
+                },
+            };
+            const result = resolveVariablesInMonitor(tmpl, variables);
+            expect(result).toEqual({
+                $template: {
+                    strings: ["https://staging.api.com?key=", ""],
+                    values: [{ $secret: { ref: "API_KEY" } }],
+                },
+            });
+        });
+        it("should partially resolve a template with mixed variable and nodeRef", () => {
+            const tmpl = {
+                $template: {
+                    strings: ["/api/", "/resource/", ""],
+                    values: [
+                        { $variable: { key: "version" } },
+                        { $nodeRef: { nodeId: "step1", subject: "body", path: ["id"] } },
+                    ],
+                },
+            };
+            const result = resolveVariablesInMonitor(tmpl, variables);
+            expect(result).toEqual({
+                $template: {
+                    strings: ["/api/v2/resource/", ""],
+                    values: [
+                        { $nodeRef: { nodeId: "step1", subject: "body", path: ["id"] } },
+                    ],
+                },
+            });
+        });
+        it("should pass through a template with no variables unchanged", () => {
+            const tmpl = {
+                $template: {
+                    strings: ["Bearer ", ""],
+                    values: [{ $secret: { ref: "TOKEN" } }],
+                },
+            };
+            const result = resolveVariablesInMonitor(tmpl, variables);
+            expect(result).toEqual(tmpl);
+        });
+        it("should handle adjacent variable interpolations", () => {
+            const tmpl = {
+                $template: {
+                    strings: ["", "", "/path"],
+                    values: [
+                        { $variable: { key: "env" } },
+                        { $variable: { key: "version" } },
+                    ],
+                },
+            };
+            const result = resolveVariablesInMonitor(tmpl, variables);
+            expect(result).toEqual({ $literal: "stagingv2/path" });
+        });
+        it("should resolve templates nested in monitor structure", () => {
+            const monitor = {
+                nodes: [
+                    {
+                        type: "HTTP_REQUEST",
+                        path: {
+                            $template: {
+                                strings: ["/api/", "/health"],
+                                values: [{ $variable: { key: "version" } }],
+                            },
+                        },
+                        base: {
+                            $template: {
+                                strings: ["https://", ".api.com"],
+                                values: [{ $variable: { key: "env" } }],
+                            },
+                        },
+                    },
+                ],
+            };
+            const result = resolveVariablesInMonitor(monitor, variables);
+            expect(result.nodes[0].path).toEqual({ $literal: "/api/v2/health" });
+            expect(result.nodes[0].base).toEqual({
+                $literal: "https://staging.api.com",
+            });
+        });
+    });
+});

package/dist/monitor-runner.js

@@ -1,6 +1,6 @@
 import "tsx";
 import { Value } from "typebox/value";
-import { executeMonitorV1, AxiosAdapter, planHasSecrets, } from "@griffin-app/griffin-executor";
+import { executeMonitorV1, AxiosAdapter, } from "@griffin-app/griffin-executor";
 import { MonitorDSLSchema } from "@griffin-app/griffin-core/schema";
 import { randomUUID } from "crypto";
 import { loadVariables } from "./core/variables.js";
@@ -28,19 +28,13 @@ export async function runTestFile(filePath, envName) {
     const resolvedMonitor = resolveMonitor(rawMonitor, projectId, envName, variables);
     // Create secret provider: prefer hub (authenticated) for cloud secrets,
     // fall back to env provider for fully-local runs.
-    let secretProvider;
     const monitorV1 = { ...resolvedMonitor, id: randomUUID() };
-    if (planHasSecrets(monitorV1)) {
-        try {
-            const sdk = await createSdkFromState();
-            secretProvider = new HubSecretProvider(sdk, envName);
-        }
-        catch {
-            // Hub not available — fall back to env provider
-            secretProvider = createEnvSecretsProvider();
-        }
+    let secretProvider;
+    try {
+        const sdk = await createSdkFromState();
+        secretProvider = new HubSecretProvider(sdk, envName);
     }
-    else {
+    catch {
         secretProvider = createEnvSecretsProvider();
     }
     try {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@griffin-app/griffin-cli",
-  "version": "1.0.30",
+  "version": "1.0.32",
   "description": "CLI tool for running and managing griffin API tests",
   "type": "module",
   "main": "dist/index.js",
@@ -24,9 +24,9 @@
   "author": "",
   "license": "MIT",
   "dependencies": {
-    "@griffin-app/griffin-hub-sdk": "1.0.27",
-    "@griffin-app/griffin-executor": "0.1.2",
-    "@griffin-app/griffin-core": "0.2.2",
+    "@griffin-app/griffin-core": "0.2.4",
+    "@griffin-app/griffin-executor": "0.1.7",
+    "@griffin-app/griffin-hub-sdk": "1.0.29",
     "better-auth": "^1.4.17",
     "cli-table3": "^0.6.5",
     "commander": "^12.1.0",