@guildai/cli 0.5.13 → 0.6.1

package/dist/commands/{container → credentials}/list.js

@@ -5,13 +5,13 @@ import { GuildAPIClient } from '../../lib/api-client.js';
 import { getAuthToken } from '../../lib/auth.js';
 import { handleAxiosError } from '../../lib/errors.js';
 import { getOutputMode } from '../../lib/output-mode.js';
-import { createOutputWriter, formatContainerTable } from '../../lib/output.js';
-export function createContainerListCommand() {
+import { createOutputWriter, formatCredentialsTable } from '../../lib/output.js';
+export function createCredentialsListCommand() {
     const cmd = new Command('list');
     cmd
-        .description('List containers for an account')
-        .requiredOption('--account <id-or-name>', 'Account ID or name')
-        .option('--status <status>', 'Filter by status: STARTING, RUNNING, ERRORED, DESTROYED')
+        .description('List credentials for an account')
+        .requiredOption('--owner <account>', 'Account name or ID')
+        .option('--search <query>', 'Filter by integration name')
         .option('--limit <number>', 'Number of results to return', '20')
         .option('--offset <number>', 'Offset for pagination', '0')
         .action(async (options) => {
@@ -23,23 +23,24 @@ export function createContainerListCommand() {
                 process.exit(1);
             }
             const client = new GuildAPIClient();
+            const accountId = options.owner;
             const params = new URLSearchParams();
             params.append('limit', options.limit);
             params.append('offset', options.offset);
-            if (options.status) {
-                params.append('statuses', options.status.toUpperCase());
+            if (options.search) {
+                params.append('search', options.search);
             }
-            const response = await client.get(`/accounts/${options.account}/containers?${params.toString()}`);
+            const response = await client.get(`/accounts/${accountId}/credentials?${params.toString()}`);
             if (getOutputMode() === 'json') {
                 console.log(JSON.stringify(response, null, 2));
             }
             else {
-                formatContainerTable(response.items, response.pagination);
+                formatCredentialsTable(response.items, response.pagination);
             }
         }
         catch (error) {
             const formattedError = handleAxiosError(error);
-            output.error(`Failed to list containers: ${formattedError.details}`);
+            output.error(formattedError.details);
             process.exit(1);
         }
     });

package/dist/commands/credentials/policy-create.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function createCredentialsPolicyCreateCommand(): Command;
+//# sourceMappingURL=policy-create.d.ts.map

package/dist/commands/credentials/policy-create.js

@@ -0,0 +1,66 @@
+// Copyright 2026 Guild.ai
+// SPDX-License-Identifier: Apache-2.0
+import { Command } from 'commander';
+import { GuildAPIClient } from '../../lib/api-client.js';
+import { getAuthToken } from '../../lib/auth.js';
+import { handleAxiosError } from '../../lib/errors.js';
+import { createOutputWriter } from '../../lib/output.js';
+export function createCredentialsPolicyCreateCommand() {
+    const cmd = new Command('create');
+    cmd
+        .description('Create a policy for a credential')
+        .argument('<credential-id>', 'Credential ID')
+        .requiredOption('--decision <decision>', 'ALLOW or DENY')
+        .option('--operations <ops>', 'Comma-separated operation names')
+        .option('--workspaces <ids-or-names>', 'Comma-separated workspace IDs or names')
+        .option('--agents <ids-or-names>', 'Comma-separated agent IDs or names')
+        .option('--resources <json>', 'Resource restrictions as JSON')
+        .action(async (credentialId, options) => {
+        const output = createOutputWriter();
+        try {
+            const token = await getAuthToken();
+            if (!token) {
+                output.error('Not authenticated. Run: guild auth login');
+                process.exit(1);
+            }
+            const decision = options.decision.toUpperCase();
+            if (decision !== 'ALLOW' && decision !== 'DENY') {
+                output.error('--decision must be ALLOW or DENY');
+                process.exit(1);
+            }
+            const body = {
+                decision,
+            };
+            if (options.operations) {
+                body.operations = options.operations.split(',').map((s) => s.trim());
+            }
+            if (options.workspaces) {
+                body.workspace_ids_or_names = options.workspaces
+                    .split(',')
+                    .map((s) => s.trim());
+            }
+            if (options.agents) {
+                body.agent_ids_or_names = options.agents.split(',').map((s) => s.trim());
+            }
+            if (options.resources) {
+                try {
+                    body.resources = JSON.parse(options.resources);
+                }
+                catch {
+                    output.error('--resources must be valid JSON');
+                    process.exit(1);
+                }
+            }
+            const client = new GuildAPIClient();
+            const response = await client.post(`/credentials/${credentialId}/policies`, body);
+            output.data(response);
+        }
+        catch (error) {
+            const formattedError = handleAxiosError(error);
+            output.error(formattedError.details);
+            process.exit(1);
+        }
+    });
+    return cmd;
+}
+//# sourceMappingURL=policy-create.js.map

package/dist/commands/credentials/policy-delete.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function createCredentialsPolicyDeleteCommand(): Command;
+//# sourceMappingURL=policy-delete.d.ts.map

package/dist/commands/{container/get.js → credentials/policy-delete.js}

@@ -5,12 +5,12 @@ import { GuildAPIClient } from '../../lib/api-client.js';
 import { getAuthToken } from '../../lib/auth.js';
 import { handleAxiosError } from '../../lib/errors.js';
 import { createOutputWriter } from '../../lib/output.js';
-export function createContainerGetCommand() {
-    const cmd = new Command('get');
+export function createCredentialsPolicyDeleteCommand() {
+    const cmd = new Command('delete');
     cmd
-        .description('Get container details')
-        .argument('<container-id>', 'Container ID')
-        .action(async (containerId) => {
+        .description('Delete a credential policy')
+        .argument('<policy-id>', 'Policy ID')
+        .action(async (policyId) => {
         const output = createOutputWriter();
         try {
             const token = await getAuthToken();
@@ -19,15 +19,15 @@ export function createContainerGetCommand() {
                 process.exit(1);
             }
             const client = new GuildAPIClient();
-            const response = await client.get(`/containers/${containerId}`);
-            output.data(response);
+            await client.delete(`/credentials/policies/${policyId}`);
+            output.success(`Policy ${policyId} deleted`);
         }
         catch (error) {
             const formattedError = handleAxiosError(error);
-            output.error(`Failed to get container: ${formattedError.details}`);
+            output.error(formattedError.details);
             process.exit(1);
         }
     });
     return cmd;
 }
-//# sourceMappingURL=get.js.map
+//# sourceMappingURL=policy-delete.js.map

package/dist/commands/credentials/policy-list.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function createCredentialsPolicyListCommand(): Command;
+//# sourceMappingURL=policy-list.d.ts.map

package/dist/commands/{container-image/list.js → credentials/policy-list.js}

@@ -5,15 +5,15 @@ import { GuildAPIClient } from '../../lib/api-client.js';
 import { getAuthToken } from '../../lib/auth.js';
 import { handleAxiosError } from '../../lib/errors.js';
 import { getOutputMode } from '../../lib/output-mode.js';
-import { createOutputWriter, formatContainerImageTable } from '../../lib/output.js';
-export function createContainerImageListCommand() {
+import { createOutputWriter, formatPoliciesTable } from '../../lib/output.js';
+export function createCredentialsPolicyListCommand() {
     const cmd = new Command('list');
     cmd
-        .description('List container images for an account')
-        .requiredOption('--account <id-or-name>', 'Account ID or name')
+        .description('List policies for a credential')
+        .argument('<credential-id>', 'Credential ID')
         .option('--limit <number>', 'Number of results to return', '20')
         .option('--offset <number>', 'Offset for pagination', '0')
-        .action(async (options) => {
+        .action(async (credentialId, options) => {
         const output = createOutputWriter();
         try {
             const token = await getAuthToken();
@@ -25,20 +25,20 @@ export function createContainerImageListCommand() {
             const params = new URLSearchParams();
             params.append('limit', options.limit);
             params.append('offset', options.offset);
-            const response = await client.get(`/accounts/${options.account}/container-images?${params.toString()}`);
+            const response = await client.get(`/credentials/${credentialId}/policies?${params.toString()}`);
             if (getOutputMode() === 'json') {
                 console.log(JSON.stringify(response, null, 2));
             }
             else {
-                formatContainerImageTable(response.items, response.pagination);
+                formatPoliciesTable(response.items, response.pagination);
             }
         }
         catch (error) {
             const formattedError = handleAxiosError(error);
-            output.error(`Failed to list container images: ${formattedError.details}`);
+            output.error(formattedError.details);
             process.exit(1);
         }
     });
     return cmd;
 }
-//# sourceMappingURL=list.js.map
+//# sourceMappingURL=policy-list.js.map

package/dist/commands/credentials/policy-update.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function createCredentialsPolicyUpdateCommand(): Command;
+//# sourceMappingURL=policy-update.d.ts.map

package/dist/commands/credentials/policy-update.js

@@ -0,0 +1,66 @@
+// Copyright 2026 Guild.ai
+// SPDX-License-Identifier: Apache-2.0
+import { Command } from 'commander';
+import { GuildAPIClient } from '../../lib/api-client.js';
+import { getAuthToken } from '../../lib/auth.js';
+import { handleAxiosError } from '../../lib/errors.js';
+import { createOutputWriter } from '../../lib/output.js';
+export function createCredentialsPolicyUpdateCommand() {
+    const cmd = new Command('update');
+    cmd
+        .description('Update a credential policy')
+        .argument('<policy-id>', 'Policy ID')
+        .requiredOption('--decision <decision>', 'ALLOW or DENY')
+        .option('--operations <ops>', 'Comma-separated operation names')
+        .option('--workspaces <ids-or-names>', 'Comma-separated workspace IDs or names')
+        .option('--agents <ids-or-names>', 'Comma-separated agent IDs or names')
+        .option('--resources <json>', 'Resource restrictions as JSON')
+        .action(async (policyId, options) => {
+        const output = createOutputWriter();
+        try {
+            const token = await getAuthToken();
+            if (!token) {
+                output.error('Not authenticated. Run: guild auth login');
+                process.exit(1);
+            }
+            const decision = options.decision.toUpperCase();
+            if (decision !== 'ALLOW' && decision !== 'DENY') {
+                output.error('--decision must be ALLOW or DENY');
+                process.exit(1);
+            }
+            const body = {
+                decision,
+            };
+            if (options.operations) {
+                body.operations = options.operations.split(',').map((s) => s.trim());
+            }
+            if (options.workspaces) {
+                body.workspace_ids_or_names = options.workspaces
+                    .split(',')
+                    .map((s) => s.trim());
+            }
+            if (options.agents) {
+                body.agent_ids_or_names = options.agents.split(',').map((s) => s.trim());
+            }
+            if (options.resources) {
+                try {
+                    body.resources = JSON.parse(options.resources);
+                }
+                catch {
+                    output.error('--resources must be valid JSON');
+                    process.exit(1);
+                }
+            }
+            const client = new GuildAPIClient();
+            const response = await client.put(`/credentials/policies/${policyId}`, body);
+            output.data(response);
+        }
+        catch (error) {
+            const formattedError = handleAxiosError(error);
+            output.error(formattedError.details);
+            process.exit(1);
+        }
+    });
+    return cmd;
+}
+//# sourceMappingURL=policy-update.js.map

package/dist/commands/integration/connect.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function createIntegrationConnectCommand(): Command;
+//# sourceMappingURL=connect.d.ts.map

package/dist/commands/integration/connect.js

@@ -0,0 +1,76 @@
+// Copyright 2026 Guild.ai
+// SPDX-License-Identifier: Apache-2.0
+import { Command } from 'commander';
+import chalk from 'chalk';
+import inquirer from 'inquirer';
+import { GuildAPIClient } from '../../lib/api-client.js';
+import { getAuthToken } from '../../lib/auth.js';
+import { handleAxiosError } from '../../lib/errors.js';
+import { getOutputMode } from '../../lib/output-mode.js';
+import { createOutputWriter } from '../../lib/output.js';
+import { isInteractive } from '../../lib/stdin.js';
+export function createIntegrationConnectCommand() {
+    const cmd = new Command('connect');
+    cmd
+        .description('Connect credentials to an integration')
+        .argument('<id_or_name>', 'Integration ID (UUID) or name in owner~name format (e.g. myorg~my-integration)')
+        .option('--token <value>', 'API key value (required in non-interactive mode)')
+        .requiredOption('--owner <id_or_name>', 'Account to own the credential — username, org name, or account ID')
+        .action(async (identifier, options) => {
+        const output = createOutputWriter();
+        try {
+            const token = await getAuthToken();
+            if (!token) {
+                output.error('Not authenticated. Please log in first.', 'Run: guild auth login');
+                process.exit(1);
+            }
+            if (!options.token && !isInteractive()) {
+                output.error('--token is required in non-interactive mode');
+                process.exit(1);
+            }
+            const client = new GuildAPIClient();
+            const integration = await client.get(`/integrations/${identifier}`);
+            if (!integration.auth_config) {
+                output.error('This integration has no authentication configured.');
+                process.exit(1);
+            }
+            if (integration.auth_config.entity_type !== 'EntIntegrationAuthConfigApiKey') {
+                output.error('OAuth integrations must be connected via the dashboard.');
+                process.exit(1);
+            }
+            let apiKey = options.token;
+            if (!apiKey) {
+                const answer = await inquirer.prompt([
+                    {
+                        type: 'password',
+                        name: 'apiKey',
+                        message: 'API Key:',
+                        validate: (input) => input.length > 0 || 'API key cannot be empty',
+                    },
+                ]);
+                apiKey = answer.apiKey;
+            }
+            const params = new URLSearchParams();
+            params.append('auth_config_id', integration.auth_config.id);
+            params.append('owner_id', options.owner);
+            const credential = await client.post(`/credentials/api-key?${params.toString()}`, { tokens: { token: apiKey } });
+            if (getOutputMode() === 'json') {
+                output.data(credential);
+            }
+            else {
+                console.log(chalk.green('Connected to ') + chalk.bold(integration.name));
+                console.log();
+                console.log(`  ${'Credential ID'.padEnd(15)}${credential.id}`);
+                console.log(`  ${'Integration'.padEnd(15)}${integration.owner.name}~${integration.name}`);
+                console.log(`  ${'Owner'.padEnd(15)}${options.owner}`);
+            }
+        }
+        catch (error) {
+            const formattedError = handleAxiosError(error);
+            output.error(`Failed to connect: ${formattedError.details}`);
+            process.exit(1);
+        }
+    });
+    return cmd;
+}
+//# sourceMappingURL=connect.js.map

package/dist/commands/integration/create.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function createIntegrationCreateCommand(): Command;
+//# sourceMappingURL=create.d.ts.map