@instafy/cli 0.1.7 → 0.1.8-staging.348

package/dist/index.js

@@ -2,11 +2,14 @@ import { Command, Option } from "commander";
 import { pathToFileURL } from "node:url";
 import { createRequire } from "node:module";
 import kleur from "kleur";
-import { runtimeStart, runtimeStatus, runtimeStop, runtimeToken, } from "./runtime.js";
+import { runtimeStart, runtimeStatus, runtimeStop, runtimeToken, findProjectManifest, } from "./runtime.js";
+import { login, logout } from "./auth.js";
 import { gitToken } from "./git.js";
+import { runGitCredentialHelper } from "./git-credential.js";
 import { projectInit } from "./project.js";
-import { runTunnelCommand } from "./tunnel.js";
+import { listTunnelSessions, startTunnelDetached, stopTunnelSession, tailTunnelLogs, runTunnelCommand } from "./tunnel.js";
 import { requestControllerApi } from "./api.js";
+import { configGet, configList, configPath, configSet, configUnset } from "./config-command.js";
 export const program = new Command();
 const require = createRequire(import.meta.url);
 const pkg = require("../package.json");
@@ -32,6 +35,114 @@ program
     .name("instafy")
     .description("Instafy CLI — run your project locally and connect to Studio")
     .version(pkg.version ?? "0.1.0");
+program
+    .command("login")
+    .description("Log in and save an access token for future CLI commands")
+    .option("--studio-url <url>", "Studio web URL (default: staging or localhost)")
+    .option("--server-url <url>", "Instafy server/controller URL")
+    .option("--token <token>", "Provide token directly (skips prompt)")
+    .option("--no-git-setup", "Do not configure git credential helper")
+    .option("--no-store", "Do not save token to ~/.instafy/config.json")
+    .option("--json", "Output JSON")
+    .action(async (opts) => {
+    try {
+        await login({
+            controllerUrl: opts.serverUrl,
+            studioUrl: opts.studioUrl,
+            token: opts.token,
+            gitSetup: opts.gitSetup,
+            noStore: opts.store === false,
+            json: opts.json,
+        });
+    }
+    catch (error) {
+        console.error(kleur.red(String(error)));
+        process.exit(1);
+    }
+});
+program
+    .command("logout")
+    .description("Clear the saved CLI access token")
+    .option("--json", "Output JSON")
+    .action(async (opts) => {
+    try {
+        await logout({ json: opts.json });
+    }
+    catch (error) {
+        console.error(kleur.red(String(error)));
+        process.exit(1);
+    }
+});
+const configCommand = program.command("config").description("Get/set saved CLI configuration");
+configCommand
+    .command("path")
+    .description("Print the config file path")
+    .option("--json", "Output JSON")
+    .action(async (opts) => {
+    try {
+        configPath({ json: opts.json });
+    }
+    catch (error) {
+        console.error(kleur.red(String(error)));
+        process.exit(1);
+    }
+});
+configCommand
+    .command("list")
+    .description("List saved configuration")
+    .option("--json", "Output JSON")
+    .action(async (opts) => {
+    try {
+        configList({ json: opts.json });
+    }
+    catch (error) {
+        console.error(kleur.red(String(error)));
+        process.exit(1);
+    }
+});
+configCommand
+    .command("get")
+    .description("Get a config value (controller-url, studio-url)")
+    .argument("<key>", "Config key")
+    .option("--json", "Output JSON")
+    .action(async (key, opts) => {
+    try {
+        configGet({ key, json: opts.json });
+    }
+    catch (error) {
+        console.error(kleur.red(String(error)));
+        process.exit(1);
+    }
+});
+configCommand
+    .command("set")
+    .description("Set a config value (controller-url, studio-url)")
+    .argument("<key>", "Config key")
+    .argument("<value>", "Config value")
+    .option("--json", "Output JSON")
+    .action(async (key, value, opts) => {
+    try {
+        configSet({ key, value, json: opts.json });
+    }
+    catch (error) {
+        console.error(kleur.red(String(error)));
+        process.exit(1);
+    }
+});
+configCommand
+    .command("unset")
+    .description("Unset a config value (controller-url, studio-url)")
+    .argument("<key>", "Config key")
+    .option("--json", "Output JSON")
+    .action(async (key, opts) => {
+    try {
+        configUnset({ key, json: opts.json });
+    }
+    catch (error) {
+        console.error(kleur.red(String(error)));
+        process.exit(1);
+    }
+});
 const runtimeStartCommand = program
     .command("runtime:start")
     .description("Start a local runtime for this project")
@@ -46,6 +157,7 @@ runtimeStartCommand
     .option("--codex-bin <path>", "Path to codex binary (fallback to PATH)")
     .option("--proxy-base-url <url>", "Codex proxy base URL")
     .option("--workspace <path>", "Workspace directory (defaults to ./.instafy/workspace)")
+    .option("--runtime-mode <mode>", "Runtime runner (auto|docker|process)", "auto")
     .option("--origin-id <uuid>", "Origin ID to use (auto-generated if omitted)")
     .option("--origin-endpoint <url>", "Explicit origin endpoint (skip tunnel setup when provided)")
     .option("--origin-token <token>", "Runtime/origin access token for Studio registration")
@@ -100,7 +212,7 @@ program
 const runtimeTokenCommand = program
     .command("runtime:token")
     .description("Mint a runtime access token")
-    .requiredOption("--project <id>", "Project UUID");
+    .option("--project <id>", "Project UUID (defaults to .instafy/project.json)");
 addServerUrlOptions(runtimeTokenCommand);
 addAccessTokenOptions(runtimeTokenCommand, "Instafy access token (required)");
 runtimeTokenCommand
@@ -109,8 +221,14 @@ runtimeTokenCommand
     .option("--json", "Output token as JSON")
     .action(async (opts) => {
     try {
+        const project = typeof opts.project === "string" && opts.project.trim()
+            ? opts.project.trim()
+            : findProjectManifest(process.cwd()).manifest?.projectId ?? null;
+        if (!project) {
+            throw new Error("No project configured. Run `instafy project:init` or pass --project.");
+        }
         await runtimeToken({
-            project: opts.project,
+            project,
             controllerUrl: opts.serverUrl ?? opts.controllerUrl,
             controllerAccessToken: opts.accessToken ?? opts.controllerAccessToken,
             runtimeId: opts.runtimeId,
@@ -126,7 +244,7 @@ runtimeTokenCommand
 const gitTokenCommand = program
     .command("git:token")
     .description("Mint a git access token for the project repo")
-    .requiredOption("--project <id>", "Project UUID");
+    .option("--project <id>", "Project UUID (defaults to .instafy/project.json)");
 addServerUrlOptions(gitTokenCommand);
 addAccessTokenOptions(gitTokenCommand, "Instafy access token (required)");
 gitTokenCommand
@@ -137,13 +255,19 @@ gitTokenCommand
     .option("--json", "Output token response as JSON")
     .action(async (opts) => {
     try {
+        const project = typeof opts.project === "string" && opts.project.trim()
+            ? opts.project.trim()
+            : findProjectManifest(process.cwd()).manifest?.projectId ?? null;
+        if (!project) {
+            throw new Error("No project configured. Run `instafy project:init` or pass --project.");
+        }
         const ttlSecondsRaw = typeof opts.ttlSeconds === "string" ? opts.ttlSeconds.trim() : "";
         const ttlSeconds = ttlSecondsRaw.length > 0 ? Number.parseInt(ttlSecondsRaw, 10) : undefined;
         if (ttlSecondsRaw.length > 0 && (!Number.isFinite(ttlSeconds) || ttlSeconds <= 0)) {
             throw new Error("--ttl-seconds must be a positive integer");
         }
         await gitToken({
-            project: opts.project,
+            project,
             controllerUrl: opts.serverUrl ?? opts.controllerUrl,
             controllerAccessToken: opts.accessToken ?? opts.controllerAccessToken,
             supabaseAccessToken: opts.supabaseAccessToken,
@@ -158,6 +282,19 @@ gitTokenCommand
         process.exit(1);
     }
 });
+program
+    .command("git:credential", { hidden: true })
+    .description("Internal: git credential helper (used by Git when configured)")
+    .argument("<operation>", "Operation (get|store|erase)")
+    .action(async (operation) => {
+    try {
+        await runGitCredentialHelper(operation);
+    }
+    catch (error) {
+        console.error(String(error));
+        process.exit(1);
+    }
+});
 const projectInitCommand = program
     .command("project:init")
     .description("Create an Instafy project and link this folder (.instafy/project.json)")
@@ -192,22 +329,130 @@ projectInitCommand
 });
 const tunnelCommand = program
     .command("tunnel")
-    .description("Create a shareable tunnel URL for a local port")
-    .option("--project <id>", "Project UUID (or set PROJECT_ID)");
+    .description("Start a shareable tunnel URL for a local port (defaults to detached)")
+    .option("--port <port>", "Local port to expose (default 3000)")
+    .option("--project <id>", "Project UUID (defaults to .instafy/project.json or PROJECT_ID)");
 addServerUrlOptions(tunnelCommand);
+addAccessTokenOptions(tunnelCommand, "Instafy access token (defaults to saved `instafy login` token)");
 addServiceTokenOptions(tunnelCommand, "Instafy service token (advanced)");
 tunnelCommand
-    .option("--port <port>", "Local port to expose (default 3000)")
+    .option("--no-detach", "Run in foreground until interrupted")
     .option("--rathole-bin <path>", "Path to rathole binary (or set RATHOLE_BIN)")
+    .option("--log-file <path>", "Write tunnel logs to a file (default: ~/.instafy/cli-tunnel-logs/*)")
+    .option("--json", "Output JSON")
     .action(async (opts) => {
     try {
         const port = opts.port ? Number(opts.port) : undefined;
-        await runTunnelCommand({
+        const controllerToken = opts.serviceToken ??
+            opts.controllerToken ??
+            opts.accessToken ??
+            opts.controllerAccessToken;
+        if (opts.detach === false) {
+            await runTunnelCommand({
+                project: opts.project,
+                controllerUrl: opts.serverUrl ?? opts.controllerUrl,
+                controllerToken,
+                port,
+                ratholeBin: opts.ratholeBin,
+            });
+            return;
+        }
+        const started = await startTunnelDetached({
             project: opts.project,
             controllerUrl: opts.serverUrl ?? opts.controllerUrl,
-            controllerToken: opts.serviceToken ?? opts.controllerToken,
+            controllerToken,
             port,
             ratholeBin: opts.ratholeBin,
+            logFile: opts.logFile,
+        });
+        if (opts.json) {
+            console.log(JSON.stringify(started, null, 2));
+            return;
+        }
+        console.log(kleur.green(`Tunnel started: ${started.url} (tunnelId=${started.tunnelId})`));
+        console.log(kleur.gray(`pid=${started.pid} · port=${started.localPort}`));
+        console.log(kleur.gray(`log: ${started.logFile}`));
+        console.log("");
+        console.log("Next:");
+        console.log(`- ${kleur.cyan(`instafy tunnel:list`)}`);
+        console.log(`- ${kleur.cyan(`instafy tunnel:logs ${started.tunnelId} --follow`)}`);
+        console.log(`- ${kleur.cyan(`instafy tunnel:stop ${started.tunnelId}`)}`);
+        if (process.platform !== "win32") {
+            console.log(kleur.gray(`(or) tail -n 200 -f ${started.logFile}`));
+        }
+    }
+    catch (error) {
+        console.error(kleur.red(String(error)));
+        process.exit(1);
+    }
+});
+program
+    .command("tunnel:list")
+    .description("List local tunnel sessions started by this CLI")
+    .option("--all", "Include stopped/stale tunnels")
+    .option("--json", "Output JSON")
+    .action(async (opts) => {
+    try {
+        const tunnels = listTunnelSessions({ all: Boolean(opts.all), json: Boolean(opts.json) });
+        if (opts.json) {
+            console.log(JSON.stringify(tunnels, null, 2));
+            return;
+        }
+        if (tunnels.length === 0) {
+            console.log(kleur.yellow("No tunnels found."));
+            return;
+        }
+        for (const tunnel of tunnels) {
+            console.log(`${tunnel.tunnelId} · ${tunnel.url} · port=${tunnel.localPort} · pid=${tunnel.pid}`);
+        }
+    }
+    catch (error) {
+        console.error(kleur.red(String(error)));
+        process.exit(1);
+    }
+});
+program
+    .command("tunnel:stop")
+    .description("Stop a local tunnel session and revoke it")
+    .argument("[tunnelId]", "Tunnel ID (defaults to the only active tunnel)")
+    .option("--server-url <url>", "Instafy server URL")
+    .option("--access-token <token>", "Instafy access token (defaults to saved `instafy login` token)")
+    .option("--service-token <token>", "Instafy service token (advanced)")
+    .option("--json", "Output JSON")
+    .action(async (tunnelId, opts) => {
+    try {
+        const result = await stopTunnelSession({
+            tunnelId,
+            controllerUrl: opts.serverUrl,
+            controllerToken: opts.serviceToken ?? opts.accessToken,
+            json: opts.json,
+        });
+        if (opts.json) {
+            console.log(JSON.stringify(result, null, 2));
+            return;
+        }
+        console.log(kleur.green(`Tunnel stopped: ${result.tunnelId}`));
+    }
+    catch (error) {
+        console.error(kleur.red(String(error)));
+        process.exit(1);
+    }
+});
+program
+    .command("tunnel:logs")
+    .description("Show logs for a local tunnel session")
+    .argument("[tunnelId]", "Tunnel ID (defaults to the only active tunnel)")
+    .option("--lines <n>", "Number of lines to show", "200")
+    .option("--follow", "Follow log output (like tail -f)")
+    .option("--json", "Output JSON")
+    .action(async (tunnelId, opts) => {
+    try {
+        const lines = typeof opts.lines === "string" ? Number(opts.lines) : undefined;
+        await tailTunnelLogs({
+            tunnelId,
+            lines,
+            follow: Boolean(opts.follow),
+            json: Boolean(opts.json),
         });
     }
     catch (error) {
@@ -292,22 +537,22 @@ function configureApiCommand(command, method) {
 }
 const apiGetCommand = program
     .command("api:get")
-    .description("Perform an authenticated GET request to the controller API")
+    .description("Advanced: authenticated GET request to the controller API")
     .argument("<path>", "API path (or full URL), e.g. /conversations/<id>/messages?limit=50");
 configureApiCommand(apiGetCommand, "GET");
 const apiPostCommand = program
     .command("api:post")
-    .description("Perform an authenticated POST request to the controller API")
+    .description("Advanced: authenticated POST request to the controller API")
     .argument("<path>", "API path (or full URL)");
 configureApiCommand(apiPostCommand, "POST");
 const apiPatchCommand = program
     .command("api:patch")
-    .description("Perform an authenticated PATCH request to the controller API")
+    .description("Advanced: authenticated PATCH request to the controller API")
     .argument("<path>", "API path (or full URL)");
 configureApiCommand(apiPatchCommand, "PATCH");
 const apiDeleteCommand = program
     .command("api:delete")
-    .description("Perform an authenticated DELETE request to the controller API")
+    .description("Advanced: authenticated DELETE request to the controller API")
     .argument("<path>", "API path (or full URL)");
 configureApiCommand(apiDeleteCommand, "DELETE");
 export async function runCli(argv = process.argv) {

package/dist/org.js

@@ -1,24 +1,11 @@
 import kleur from "kleur";
-function normalizeUrl(raw) {
-    const value = (raw ?? "").trim();
-    if (!value)
-        return "http://127.0.0.1:8788";
-    return value.replace(/\/$/, "");
-}
-function normalizeToken(raw) {
-    if (!raw)
-        return null;
-    const trimmed = raw.trim();
-    return trimmed.length ? trimmed : null;
-}
+import { resolveControllerUrl, resolveUserAccessToken } from "./config.js";
+import { formatAuthRequiredError } from "./errors.js";
 export async function listOrganizations(params) {
-    const controllerUrl = normalizeUrl(params.controllerUrl ?? process.env["INSTAFY_SERVER_URL"] ?? process.env["CONTROLLER_BASE_URL"]);
-    const token = normalizeToken(params.accessToken) ??
-        normalizeToken(process.env["INSTAFY_ACCESS_TOKEN"]) ??
-        normalizeToken(process.env["CONTROLLER_ACCESS_TOKEN"]) ??
-        normalizeToken(process.env["SUPABASE_ACCESS_TOKEN"]);
+    const controllerUrl = resolveControllerUrl({ controllerUrl: params.controllerUrl ?? null });
+    const token = resolveUserAccessToken({ accessToken: params.accessToken ?? null });
     if (!token) {
-        throw new Error("Instafy or Supabase access token is required (--access-token, INSTAFY_ACCESS_TOKEN, or SUPABASE_ACCESS_TOKEN).");
+        throw formatAuthRequiredError({ retryCommand: "instafy org:list" });
     }
     const response = await fetch(`${controllerUrl}/orgs`, {
         headers: { authorization: `Bearer ${token}` },

package/dist/project.js

@@ -1,18 +1,8 @@
 import fs from "node:fs";
 import path from "node:path";
 import kleur from "kleur";
-function normalizeUrl(raw) {
-    const value = (raw ?? "").trim();
-    if (!value)
-        return "http://127.0.0.1:8788";
-    return value.replace(/\/$/, "");
-}
-function normalizeToken(raw) {
-    if (!raw)
-        return null;
-    const trimmed = raw.trim();
-    return trimmed.length ? trimmed : null;
-}
+import { resolveControllerUrl, resolveUserAccessToken } from "./config.js";
+import { formatAuthRequiredError } from "./errors.js";
 async function fetchOrganizations(controllerUrl, token) {
     const response = await fetch(`${controllerUrl}/orgs`, {
         headers: {
@@ -73,13 +63,10 @@ async function resolveOrg(controllerUrl, token, options) {
     return { orgId, orgName: json.org_name ?? null };
 }
 export async function listProjects(options) {
-    const controllerUrl = normalizeUrl(options.controllerUrl ?? process.env["INSTAFY_SERVER_URL"] ?? process.env["CONTROLLER_BASE_URL"]);
-    const token = normalizeToken(options.accessToken) ??
-        normalizeToken(process.env["INSTAFY_ACCESS_TOKEN"]) ??
-        normalizeToken(process.env["CONTROLLER_ACCESS_TOKEN"]) ??
-        normalizeToken(process.env["SUPABASE_ACCESS_TOKEN"]);
+    const controllerUrl = resolveControllerUrl({ controllerUrl: options.controllerUrl ?? null });
+    const token = resolveUserAccessToken({ accessToken: options.accessToken ?? null });
     if (!token) {
-        throw new Error("Instafy or Supabase access token is required (--access-token, INSTAFY_ACCESS_TOKEN, or SUPABASE_ACCESS_TOKEN).");
+        throw formatAuthRequiredError({ retryCommand: "instafy project:list" });
     }
     const orgs = await fetchOrganizations(controllerUrl, token);
     let targetOrgs = orgs;
@@ -124,13 +111,13 @@ export async function listProjects(options) {
 }
 export async function projectInit(options) {
     const rootDir = path.resolve(options.path ?? process.cwd());
-    const controllerUrl = normalizeUrl(options.controllerUrl ?? process.env["INSTAFY_SERVER_URL"] ?? process.env["CONTROLLER_BASE_URL"]);
-    const token = normalizeToken(options.accessToken) ??
-        normalizeToken(process.env["INSTAFY_ACCESS_TOKEN"]) ??
-        normalizeToken(process.env["CONTROLLER_ACCESS_TOKEN"]) ??
-        normalizeToken(process.env["SUPABASE_ACCESS_TOKEN"]);
+    const controllerUrl = resolveControllerUrl({ controllerUrl: options.controllerUrl ?? null });
+    const token = resolveUserAccessToken({ accessToken: options.accessToken ?? null });
     if (!token) {
-        throw new Error("Instafy or Supabase access token is required (--access-token, INSTAFY_ACCESS_TOKEN, or SUPABASE_ACCESS_TOKEN).");
+        throw formatAuthRequiredError({
+            retryCommand: "instafy project:init",
+            advancedHint: "pass --access-token or set INSTAFY_ACCESS_TOKEN / SUPABASE_ACCESS_TOKEN",
+        });
     }
     const org = await resolveOrg(controllerUrl, token, options);
     const body = {