@hyperdrive.bot/cli 1.0.2

package/dist/commands/init.js

@@ -0,0 +1,817 @@
+import { Command } from '@oclif/core';
+import chalk from 'chalk';
+import inquirer from 'inquirer';
+import ora from 'ora';
+import { TenantService } from '../services/tenant-service.js';
+import { executeAccountAdd as executeAccountAddOriginal, openCloudFormationUrl, promptAccountDetails, registerAccount, waitForRoleVerification, } from '../utils/account-flow.js';
+import { executeAuthFlow as executeAuthFlowOriginal } from '../utils/auth-flow.js';
+import { executeGitConnect as executeGitConnectOriginal, promptGitProvider, } from '../utils/git-flow.js';
+import { executeJiraConnect as executeJiraConnectOriginal, promptJiraConnect, promptJiraDomain, registerJiraDomain, } from '../utils/jira-flow.js';
+import { displaySetupSummary } from '../utils/summary-display.js';
+import { validateTenantDomain } from '../utils/validation.js';
+// Module-level auth flow function - can be replaced for testing
+let authFlowImpl = executeAuthFlowOriginal;
+// Module-level account add flow function - can be replaced for testing
+let accountAddImpl = executeAccountAddOriginal;
+// Module-level git connect flow function - can be replaced for testing
+let gitConnectImpl = executeGitConnectOriginal;
+// Module-level jira connect flow function - can be replaced for testing
+let jiraConnectImpl = executeJiraConnectOriginal;
+/**
+ * Set a custom auth flow implementation (for testing)
+ */
+export function setAuthFlowImpl(impl) {
+    authFlowImpl = impl;
+}
+/**
+ * Reset auth flow to original implementation
+ */
+export function resetAuthFlowImpl() {
+    authFlowImpl = executeAuthFlowOriginal;
+}
+/**
+ * Get the current auth flow implementation
+ */
+export function getAuthFlowImpl() {
+    return authFlowImpl;
+}
+/**
+ * Set a custom account add flow implementation (for testing)
+ */
+export function setAccountAddImpl(impl) {
+    accountAddImpl = impl;
+}
+/**
+ * Reset account add flow to original implementation
+ */
+export function resetAccountAddImpl() {
+    accountAddImpl = executeAccountAddOriginal;
+}
+/**
+ * Get the current account add flow implementation
+ */
+export function getAccountAddImpl() {
+    return accountAddImpl;
+}
+/**
+ * Set a custom git connect flow implementation (for testing)
+ */
+export function setGitConnectImpl(impl) {
+    gitConnectImpl = impl;
+}
+/**
+ * Reset git connect flow to original implementation
+ */
+export function resetGitConnectImpl() {
+    gitConnectImpl = executeGitConnectOriginal;
+}
+/**
+ * Get the current git connect flow implementation
+ */
+export function getGitConnectImpl() {
+    return gitConnectImpl;
+}
+/**
+ * Set a custom jira connect flow implementation (for testing)
+ */
+export function setJiraConnectImpl(impl) {
+    jiraConnectImpl = impl;
+}
+/**
+ * Reset jira connect flow to original implementation
+ */
+export function resetJiraConnectImpl() {
+    jiraConnectImpl = executeJiraConnectOriginal;
+}
+/**
+ * Get the current jira connect flow implementation
+ */
+export function getJiraConnectImpl() {
+    return jiraConnectImpl;
+}
+export default class Init extends Command {
+    static description = 'Initialize Hyperdrive CLI with guided setup wizard';
+    static examples = [
+        '<%= config.bin %> <%= command.id %>',
+    ];
+    accountsSkipped = false;
+    authSkipped = false;
+    connectedAccounts = [];
+    connectedGitProvider;
+    connectedJira;
+    gitSkipped = false;
+    jiraSkipped = false;
+    tenantService;
+    constructor(argv, config) {
+        super(argv, config);
+        this.tenantService = new TenantService();
+    }
+    async run() {
+        this.displayWelcome();
+        const shouldContinue = await this.promptContinue();
+        if (!shouldContinue) {
+            this.log('');
+            this.log(chalk.yellow('👋 Setup cancelled. Run `hd init` when you\'re ready to configure Hyperdrive.'));
+            return;
+        }
+        // Step 1: Configure tenant domain
+        this.log('');
+        const tenantDomain = await this.configureTenantDomain();
+        // Step 2: Authenticate user
+        this.log('');
+        await this.authenticateUser(tenantDomain);
+        // Step 3: AWS Account Setup (only if authenticated or skipped)
+        this.log('');
+        await this.addAwsAccounts(tenantDomain);
+        // Step 4: Git Provider Setup
+        this.log('');
+        await this.connectGitProvider();
+        // Step 5: Jira Integration Setup
+        this.log('');
+        await this.connectJira();
+        // Display summary
+        this.showSummary(tenantDomain);
+    }
+    /**
+     * Add AWS accounts step in the init wizard
+     *
+     * Implements:
+     * - Initial prompt to add an AWS account
+     * - Loop to add multiple accounts
+     * - Skip option with helpful message
+     * - Summary display of connected accounts
+     */
+    async addAwsAccounts(tenantDomain) {
+        this.log(chalk.blue('AWS Account Setup'));
+        this.log(chalk.dim('Connect AWS accounts that Hyperdrive can deploy to'));
+        this.log('');
+        // Check if authentication was skipped - warn user but allow to try
+        if (this.authSkipped) {
+            this.log(chalk.yellow('⚠') + ' Authentication was skipped. Account setup requires authentication.');
+            const { tryAnyway } = await inquirer.prompt([{
+                    default: false,
+                    message: 'Would you like to try adding an AWS account anyway?',
+                    name: 'tryAnyway',
+                    type: 'confirm',
+                }]);
+            if (!tryAnyway) {
+                this.accountsSkipped = true;
+                this.log(chalk.yellow('⚠') + " Skipped AWS account setup. Run 'hd account add' later.");
+                return;
+            }
+        }
+        // Initial prompt to add an account
+        const { addAccount } = await inquirer.prompt([{
+                default: true,
+                message: 'Would you like to add an AWS account?',
+                name: 'addAccount',
+                type: 'confirm',
+            }]);
+        if (!addAccount) {
+            this.accountsSkipped = true;
+            this.log(chalk.yellow('⚠') + " Skipped AWS account setup. Run 'hd account add' later.");
+            return;
+        }
+        // Loop to add multiple accounts
+        let continueAdding = true;
+        while (continueAdding) {
+            const result = await this.addSingleAwsAccount(tenantDomain);
+            if (result.success && result.accountId) {
+                this.connectedAccounts.push({
+                    accountId: result.accountId,
+                    alias: result.alias,
+                });
+                // Prompt to add another
+                const { addAnother } = await inquirer.prompt([{
+                        default: false,
+                        message: 'Add another AWS account?',
+                        name: 'addAnother',
+                        type: 'confirm',
+                    }]);
+                continueAdding = addAnother;
+            }
+            else {
+                // Account add failed - offer retry or skip
+                const { action } = await inquirer.prompt([{
+                        choices: [
+                            { name: 'Retry adding this account', value: 'retry' },
+                            { name: 'Skip this account and continue', value: 'skip' },
+                            { name: 'Skip AWS account setup entirely', value: 'skip_all' },
+                        ],
+                        message: 'Account setup failed. What would you like to do?',
+                        name: 'action',
+                        type: 'list',
+                    }]);
+                if (action === 'retry') {
+                    // Continue the loop to retry
+                    continue;
+                }
+                else if (action === 'skip') {
+                    // Ask if they want to add a different account
+                    const { addAnother } = await inquirer.prompt([{
+                            default: false,
+                            message: 'Would you like to add a different AWS account?',
+                            name: 'addAnother',
+                            type: 'confirm',
+                        }]);
+                    continueAdding = addAnother;
+                }
+                else {
+                    // Skip all
+                    continueAdding = false;
+                }
+            }
+        }
+        // Display summary
+        this.displayAccountSummary();
+    }
+    /**
+     * Add a single AWS account with proper separation of concerns
+     *
+     * Architecture:
+     * 1. Prompt for account details (no spinner - user needs to see prompts)
+     * 2. Check for duplicate account ID
+     * 3. Register account with API (with spinner - actual work happening)
+     * 4. Handle role creation if needed
+     */
+    async addSingleAwsAccount(tenantDomain) {
+        try {
+            // Step 1: Collect account details from user (NO SPINNER - user needs to see prompts!)
+            const accountData = await promptAccountDetails();
+            // Step 2: Check for duplicate account ID
+            const isDuplicate = this.connectedAccounts.some(account => account.accountId === accountData.accountId);
+            if (isDuplicate) {
+                this.log(chalk.yellow('⚠') + ` Account ${accountData.accountId} is already connected`);
+                this.log(chalk.gray('  Skipping duplicate account...'));
+                return { success: false };
+            }
+            // Step 3: Register account with API (WITH SPINNER - actual API work)
+            const spinner = ora('Registering AWS account...').start();
+            const result = await registerAccount(accountData);
+            if (!result.success) {
+                spinner.fail('Failed to register AWS account');
+                this.log(chalk.red('✗') + ` Error: ${result.error || 'Unknown error'}`);
+                return { success: false };
+            }
+            spinner.succeed('AWS account registered');
+            this.log(chalk.green('✓') + ` Account ${result.accountId} added${result.accountAlias ? ` (${result.accountAlias})` : ''}`);
+            // Step 3: Handle role creation if needed
+            if (result.quickCreateUrl) {
+                await this.handleRoleCreation(result);
+            }
+            return {
+                accountId: result.accountId,
+                alias: result.accountAlias,
+                success: true,
+            };
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            this.log(chalk.red('✗') + ` Error: ${errorMessage}`);
+            return { success: false };
+        }
+    }
+    /**
+     * Authenticate user using OAuth PKCE flow with retry logic
+     *
+     * Implements:
+     * - Spinner display during authentication
+     * - Retry logic (max 3 attempts)
+     * - Skip option after failed attempts
+     */
+    async authenticateUser(tenantDomain) {
+        const MAX_RETRIES = 3;
+        let attempts = 0;
+        this.log(chalk.blue('Authenticating with Hyperdrive...'));
+        while (attempts < MAX_RETRIES) {
+            attempts++;
+            const spinner = ora('Opening browser for authentication...').start();
+            try {
+                const result = await getAuthFlowImpl()({
+                    logger: (message) => this.log(message),
+                    tenantDomain
+                });
+                if (result.success) {
+                    spinner.succeed('Browser authentication complete');
+                    this.log(chalk.green('✓') + ' Authentication successful');
+                    return;
+                }
+                else {
+                    spinner.fail('Authentication failed');
+                    this.log(chalk.red('✗') + ` Authentication failed: ${result.error || 'Unknown error'}`);
+                    // Check if we should retry or offer skip
+                    if (attempts < MAX_RETRIES) {
+                        const { retry } = await inquirer.prompt([
+                            {
+                                default: true,
+                                message: 'Authentication failed. Would you like to retry?',
+                                name: 'retry',
+                                type: 'confirm',
+                            },
+                        ]);
+                        if (!retry) {
+                            // User chose not to retry, offer skip
+                            await this.handleAuthSkip();
+                            return;
+                        }
+                    }
+                    else {
+                        // Max retries reached, offer skip
+                        const { skip } = await inquirer.prompt([
+                            {
+                                default: false,
+                                message: 'Authentication failed 3 times. Skip and continue?',
+                                name: 'skip',
+                                type: 'confirm',
+                            },
+                        ]);
+                        if (skip) {
+                            await this.handleAuthSkip();
+                            return;
+                        }
+                        else {
+                            // User chose not to skip after max retries, exit
+                            this.log('');
+                            this.log(chalk.yellow('⚠') + ' Setup cannot continue without authentication.');
+                            this.log(chalk.gray("Run 'hd auth login' to authenticate separately."));
+                            return;
+                        }
+                    }
+                }
+            }
+            catch (error) {
+                spinner.fail('Authentication failed');
+                const errorMessage = error instanceof Error ? error.message : String(error);
+                this.log(chalk.red('✗') + ` Authentication failed: ${errorMessage}`);
+                // Check if we should retry or offer skip
+                if (attempts < MAX_RETRIES) {
+                    const { retry } = await inquirer.prompt([
+                        {
+                            default: true,
+                            message: 'Authentication failed. Would you like to retry?',
+                            name: 'retry',
+                            type: 'confirm',
+                        },
+                    ]);
+                    if (!retry) {
+                        // User chose not to retry, offer skip
+                        await this.handleAuthSkip();
+                        return;
+                    }
+                }
+                else {
+                    // Max retries reached, offer skip
+                    const { skip } = await inquirer.prompt([
+                        {
+                            default: false,
+                            message: 'Authentication failed 3 times. Skip and continue?',
+                            name: 'skip',
+                            type: 'confirm',
+                        },
+                    ]);
+                    if (skip) {
+                        await this.handleAuthSkip();
+                        return;
+                    }
+                    else {
+                        // User chose not to skip after max retries, exit
+                        this.log('');
+                        this.log(chalk.yellow('⚠') + ' Setup cannot continue without authentication.');
+                        this.log(chalk.gray("Run 'hd auth login' to authenticate separately."));
+                        return;
+                    }
+                }
+            }
+        }
+    }
+    /**
+     * Configure tenant domain - prompts for input or offers to keep existing
+     * Returns the configured domain for potential use in subsequent steps
+     */
+    async configureTenantDomain() {
+        const existingDomain = this.tenantService.getTenantDomain();
+        let domain;
+        if (existingDomain) {
+            // Existing domain found - offer to keep or change
+            const { action } = await inquirer.prompt([
+                {
+                    choices: [
+                        { name: `Keep current domain (${existingDomain})`, value: 'keep' },
+                        { name: 'Enter a different domain', value: 'change' },
+                    ],
+                    message: `Tenant domain already configured: ${chalk.cyan(existingDomain)}`,
+                    name: 'action',
+                    type: 'list',
+                },
+            ]);
+            if (action === 'keep') {
+                domain = existingDomain;
+                this.log(chalk.green('✓') + ' Tenant domain configured: ' + chalk.cyan(domain));
+                return domain;
+            }
+        }
+        // Prompt for new domain
+        const { newDomain } = await inquirer.prompt([
+            {
+                message: 'Enter your tenant domain (e.g., acme.hyperdrive.bot):',
+                name: 'newDomain',
+                type: 'input',
+                validate: (input) => {
+                    if (validateTenantDomain(input)) {
+                        return true;
+                    }
+                    return 'Invalid domain format. Use subdomain.hyperdrive.bot or a valid custom domain';
+                },
+            },
+        ]);
+        domain = newDomain.trim();
+        // Save the domain to config
+        this.tenantService.setTenantDomain(domain);
+        this.log(chalk.green('✓') + ' Tenant domain configured: ' + chalk.cyan(domain));
+        return domain;
+    }
+    /**
+     * Connect Git provider step in the init wizard
+     *
+     * Implements:
+     * - Provider selection prompt (GitHub, GitLab, Skip)
+     * - OAuth flow execution with spinner
+     * - Retry logic on failure
+     * - Skip option with helpful message
+     */
+    async connectGitProvider() {
+        this.log(chalk.blue('Git Provider Setup'));
+        this.log(chalk.dim('Connect GitHub or GitLab for automated deployments'));
+        this.log('');
+        // Check if authentication was skipped - warn user but allow to try
+        if (this.authSkipped) {
+            this.log(chalk.yellow('⚠') + ' Authentication was skipped. Git provider setup requires authentication.');
+            const { tryAnyway } = await inquirer.prompt([{
+                    default: false,
+                    message: 'Would you like to try connecting a Git provider anyway?',
+                    name: 'tryAnyway',
+                    type: 'confirm',
+                }]);
+            if (!tryAnyway) {
+                this.gitSkipped = true;
+                this.log(chalk.yellow('⚠') + " Skipped Git provider setup. Run 'hd git connect' later.");
+                return;
+            }
+        }
+        // Prompt for provider selection (includes Skip option)
+        const provider = await promptGitProvider(true);
+        if (provider === 'skip') {
+            this.gitSkipped = true;
+            this.log(chalk.yellow('⚠') + " Skipped Git provider setup. Run 'hd git connect' later.");
+            return;
+        }
+        // Execute OAuth flow with retry logic
+        await this.executeGitOAuthFlow(provider);
+    }
+    /**
+     * Connect Jira integration step in the init wizard
+     *
+     * Implements:
+     * 1. Prompt to connect Jira (includes Skip option)
+     * 2. Prompt for Jira domain
+     * 3. Pre-register domain with API
+     * 4. Display marketplace URL for app installation
+     */
+    async connectJira() {
+        this.log(chalk.blue('Jira Integration Setup'));
+        this.log(chalk.dim('Connect Jira for automated project management integration'));
+        this.log('');
+        // Check if authentication was skipped - warn user but allow to try
+        if (this.authSkipped) {
+            this.log(chalk.yellow('⚠') + ' Authentication was skipped. Jira integration requires authentication.');
+            const { tryAnyway } = await inquirer.prompt([{
+                    default: false,
+                    message: 'Would you like to try connecting Jira anyway?',
+                    name: 'tryAnyway',
+                    type: 'confirm',
+                }]);
+            if (!tryAnyway) {
+                this.jiraSkipped = true;
+                this.log(chalk.yellow('⚠') + " Skipped Jira integration. Run 'hd jira connect' later.");
+                return;
+            }
+        }
+        // Prompt to connect or skip
+        const action = await promptJiraConnect(true);
+        if (action === 'skip') {
+            this.jiraSkipped = true;
+            this.log(chalk.yellow('⚠') + " Skipped Jira integration. Run 'hd jira connect' later.");
+            return;
+        }
+        // Execute Jira connection flow with retry limit
+        await this.executeJiraConnect(0);
+    }
+    /**
+     * Display summary of connected accounts
+     */
+    displayAccountSummary() {
+        this.log('');
+        if (this.connectedAccounts.length > 0) {
+            this.log(chalk.green('✓') + ` Connected ${this.connectedAccounts.length} AWS account(s)`);
+            for (const account of this.connectedAccounts) {
+                this.log(chalk.gray(`  - ${account.accountId}${account.alias ? ` (${account.alias})` : ''}`));
+            }
+        }
+        else {
+            this.log(chalk.yellow('⚠') + ' No AWS accounts connected');
+            this.log(chalk.gray("  Run 'hd account add' later to connect AWS accounts."));
+        }
+    }
+    /**
+     * Display welcome message with Hyperdrive branding and setup steps
+     */
+    displayWelcome() {
+        this.log('');
+        this.log(chalk.blue('╔═══════════════════════════════════════════════════════════════╗'));
+        this.log(chalk.blue('║') + chalk.white.bold('              Welcome to Hyperdrive CLI Setup                 ') + chalk.blue('║'));
+        this.log(chalk.blue('╚═══════════════════════════════════════════════════════════════╝'));
+        this.log('');
+        this.log(chalk.white('This wizard will guide you through configuring Hyperdrive CLI.'));
+        this.log(chalk.white('The following steps will be completed:'));
+        this.log('');
+        this.log(chalk.cyan('  1. Tenant Domain'));
+        this.log(chalk.gray('     Configure your organization\'s Hyperdrive tenant domain'));
+        this.log('');
+        this.log(chalk.cyan('  2. Authentication'));
+        this.log(chalk.gray('     Sign in to your Hyperdrive account using OAuth'));
+        this.log('');
+        this.log(chalk.cyan('  3. AWS Accounts'));
+        this.log(chalk.gray('     Link AWS accounts for deployment targets'));
+        this.log('');
+        this.log(chalk.cyan('  4. Git Provider'));
+        this.log(chalk.gray('     Connect your Git provider for repository access'));
+        this.log('');
+        this.log(chalk.cyan('  5. Jira Integration'));
+        this.log(chalk.gray('     Connect Jira for project management integration'));
+        this.log('');
+    }
+    /**
+     * Execute Git OAuth flow with retry logic
+     *
+     * @param provider - Git provider to connect (github or gitlab)
+     * @param attemptCount - Current retry attempt (0-indexed)
+     */
+    async executeGitOAuthFlow(provider, attemptCount = 0) {
+        const providerName = provider === 'github' ? 'GitHub' : 'GitLab';
+        const spinner = ora(`Connecting to ${providerName}...`).start();
+        try {
+            const result = await getGitConnectImpl()({
+                logger: (message) => {
+                    spinner.text = message;
+                },
+                provider,
+            });
+            if (result.success) {
+                spinner.succeed(`Connected to ${providerName}`);
+                // Display connected account info
+                if (result.accountName) {
+                    this.log(chalk.green('✓') + ` Linked ${result.accountName}`);
+                }
+                // List connected installations if available
+                if (result.installations && result.installations.length > 0) {
+                    for (const installation of result.installations) {
+                        const accountName = installation.accountLogin || installation.gitlabUsername || 'Unknown';
+                        this.log(chalk.gray(`  - ${accountName} (${installation.provider})`));
+                    }
+                }
+                // Store connected provider info for summary
+                this.connectedGitProvider = {
+                    accountName: result.accountName,
+                    provider: result.provider,
+                };
+            }
+            else {
+                spinner.fail(`Failed to connect to ${providerName}`);
+                this.log(chalk.red('✗') + ` Error: ${result.error || 'Unknown error'}`);
+                // Offer retry
+                await this.handleGitRetry(provider, attemptCount);
+            }
+        }
+        catch (error) {
+            spinner.fail(`Failed to connect to ${providerName}`);
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            this.log(chalk.red('✗') + ` Error: ${errorMessage}`);
+            // Offer retry
+            await this.handleGitRetry(provider, attemptCount);
+        }
+    }
+    /**
+     * Execute Jira connection with proper separation of concerns
+     *
+     * Architecture:
+     * 1. Prompt for Jira domain (no spinner - user needs to see prompt)
+     * 2. Register domain with API (with spinner - actual work happening)
+     * 3. Display marketplace URL and next steps
+     *
+     * @param attemptCount - Current retry attempt (0-indexed)
+     */
+    async executeJiraConnect(attemptCount = 0) {
+        const MAX_RETRIES = 3;
+        try {
+            // Step 1: Collect Jira domain from user (NO SPINNER - user needs to see prompt!)
+            const domainData = await promptJiraDomain();
+            // Step 2: Register domain with API (WITH SPINNER - actual API work)
+            const spinner = ora('Registering Jira domain...').start();
+            const result = await registerJiraDomain(domainData.jiraDomain);
+            if (!result.success) {
+                spinner.fail('Failed to register Jira domain');
+                this.log(chalk.red('✗') + ` Error: ${result.error || 'Unknown error'}`);
+                // Offer retry if under max attempts
+                await this.handleJiraRetry(attemptCount);
+                return;
+            }
+            spinner.succeed('Jira domain registered successfully');
+            this.log(chalk.green('✓') + ` Domain ${result.jiraDomain} registered`);
+            // Store connected Jira info for summary
+            this.connectedJira = {
+                jiraDomain: result.jiraDomain,
+                registrationToken: result.registrationToken,
+            };
+            // Display next steps
+            this.log('');
+            this.log(chalk.bold('📋 Next Steps:'));
+            this.log(`  ${chalk.cyan('1.')} Install the Hyperdrive Forge app from the Atlassian Marketplace`);
+            this.log(`  ${chalk.cyan('2.')} Enter the registration token during installation`);
+            this.log('');
+            this.log(chalk.bold('Marketplace URL:'));
+            this.log(`  ${chalk.cyan(result.marketplaceUrl || 'https://marketplace.atlassian.com')}`);
+            this.log('');
+            this.log(chalk.dim('💡 Tip: Run') + chalk.cyan(' hd jira status ') + chalk.dim('to verify the connection'));
+            this.log('');
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            this.log(chalk.red('✗') + ` Error: ${errorMessage}`);
+            // Offer retry if under max attempts
+            await this.handleJiraRetry(attemptCount);
+        }
+    }
+    /**
+     * Handle authentication skip - set flag and display warning
+     */
+    async handleAuthSkip() {
+        this.authSkipped = true;
+        this.log('');
+        this.log(chalk.yellow('⚠') + " Authentication skipped. You'll need to run 'hd auth login' to use most commands.");
+    }
+    /**
+     * Handle Git connection failure with retry option
+     *
+     * @param provider - Git provider to connect (github or gitlab)
+     * @param attemptCount - Current retry attempt (0-indexed)
+     */
+    async handleGitRetry(provider, attemptCount) {
+        const MAX_RETRIES = 3;
+        if (attemptCount >= MAX_RETRIES) {
+            // Max retries reached
+            const { skip } = await inquirer.prompt([{
+                    default: false,
+                    message: 'Git connection failed 3 times. Skip and continue?',
+                    name: 'skip',
+                    type: 'confirm',
+                }]);
+            if (skip) {
+                this.gitSkipped = true;
+                this.log(chalk.yellow('⚠') + " Skipped Git provider setup. Run 'hd git connect' later.");
+            }
+            else {
+                this.log('');
+                this.log(chalk.yellow('⚠') + ' Setup cannot continue without Git provider.');
+                this.log(chalk.gray("Run 'hd git connect' to connect Git separately."));
+            }
+            return;
+        }
+        // Under max retries - offer retry
+        const { retry } = await inquirer.prompt([{
+                default: true,
+                message: 'Would you like to retry?',
+                name: 'retry',
+                type: 'confirm',
+            }]);
+        if (retry) {
+            // Re-execute OAuth flow for same provider with incremented attempt count
+            await this.executeGitOAuthFlow(provider, attemptCount + 1);
+        }
+        else {
+            // User chose not to retry - mark as skipped
+            this.gitSkipped = true;
+            this.log(chalk.yellow('⚠') + " Skipped Git provider setup. Run 'hd git connect' later.");
+        }
+    }
+    /**
+     * Handle Jira connection failure with retry option
+     *
+     * @param attemptCount - Current retry attempt (0-indexed)
+     */
+    async handleJiraRetry(attemptCount) {
+        const MAX_RETRIES = 3;
+        if (attemptCount >= MAX_RETRIES) {
+            // Max retries reached
+            const { skip } = await inquirer.prompt([{
+                    default: false,
+                    message: 'Jira connection failed 3 times. Skip and continue?',
+                    name: 'skip',
+                    type: 'confirm',
+                }]);
+            if (skip) {
+                this.jiraSkipped = true;
+                this.log(chalk.yellow('⚠') + " Skipped Jira integration. Run 'hd jira connect' later.");
+            }
+            else {
+                this.log('');
+                this.log(chalk.yellow('⚠') + ' Setup cannot continue without Jira connection.');
+                this.log(chalk.gray("Run 'hd jira connect' to connect Jira separately."));
+            }
+            return;
+        }
+        // Under max retries - offer retry
+        const { retry } = await inquirer.prompt([{
+                default: true,
+                message: 'Would you like to retry?',
+                name: 'retry',
+                type: 'confirm',
+            }]);
+        if (retry) {
+            // Re-execute Jira connection with incremented attempt count
+            await this.executeJiraConnect(attemptCount + 1);
+        }
+        else {
+            // User chose not to retry - mark as skipped
+            this.jiraSkipped = true;
+            this.log(chalk.yellow('⚠') + " Skipped Jira integration. Run 'hd jira connect' later.");
+        }
+    }
+    /**
+     * Handle cross-account IAM role creation
+     */
+    async handleRoleCreation(result) {
+        this.log('');
+        this.log(chalk.yellow('⚠') + ' A cross-account IAM role needs to be created.');
+        const { openBrowser } = await inquirer.prompt([{
+                default: true,
+                message: 'Open CloudFormation in browser to create the role?',
+                name: 'openBrowser',
+                type: 'confirm',
+            }]);
+        if (openBrowser) {
+            this.log(chalk.gray('Opening browser for CloudFormation stack creation...'));
+            this.log(chalk.dim('If browser doesn\'t open or opens in wrong profile, copy this URL:'));
+            this.log(chalk.cyan(`  ${result.quickCreateUrl}`));
+            this.log('');
+            await openCloudFormationUrl(result.quickCreateUrl);
+            // Wait for role verification
+            const verifySpinner = ora('Waiting for role verification...').start();
+            const verifyResult = await waitForRoleVerification(result.accountId, (message) => { verifySpinner.text = message; });
+            if (verifyResult.verified) {
+                verifySpinner.succeed('Cross-account role verified');
+                this.log(chalk.green('✓') + ' Role verified successfully');
+            }
+            else {
+                verifySpinner.warn('Role verification timed out');
+                this.log(chalk.yellow('⚠') + ' Role may still be creating. You can verify later with:');
+                this.log(chalk.gray(`  hd account verify --accountId ${result.accountId}`));
+            }
+        }
+        else {
+            this.log(chalk.gray('You can create the role later by running:'));
+            this.log(chalk.gray(`  hd account verify --accountId ${result.accountId}`));
+        }
+    }
+    /**
+     * Prompt user to continue or exit the setup wizard
+     */
+    async promptContinue() {
+        const answers = await inquirer.prompt([
+            {
+                default: true,
+                message: 'Ready to continue with setup?',
+                name: 'continue',
+                type: 'confirm',
+            },
+        ]);
+        return answers.continue;
+    }
+    /**
+     * Display final setup summary using the summary-display utility
+     */
+    showSummary(tenantDomain) {
+        const results = {
+            accountsSkipped: this.accountsSkipped,
+            authCompleted: !this.authSkipped,
+            authSkipped: this.authSkipped,
+            connectedAccounts: this.connectedAccounts,
+            gitAccountName: this.connectedGitProvider?.accountName,
+            gitProvider: this.connectedGitProvider?.provider,
+            gitSkipped: this.gitSkipped,
+            jiraDomain: this.connectedJira?.jiraDomain,
+            jiraSkipped: this.jiraSkipped,
+            tenantDomain,
+        };
+        displaySetupSummary(results, (message) => this.log(message));
+    }
+}