npm - @invarn/cibuild - Versions diffs - 1.3.16 → 1.3.18 - Mend

@invarn/cibuild 1.3.16 → 1.3.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (242) hide show

package/dist/cli.cjs +1 -1
package/dist/src/cli.d.ts +3 -0
package/dist/src/cli.d.ts.map +1 -0
package/dist/src/cli.js +987 -0
package/dist/src/commands/android-scanner.d.ts +32 -0
package/dist/src/commands/android-scanner.d.ts.map +1 -0
package/dist/src/commands/android-scanner.js +667 -0
package/dist/src/commands/build.d.ts +5 -0
package/dist/src/commands/build.d.ts.map +1 -0
package/dist/src/commands/build.js +1096 -0
package/dist/src/commands/edit.d.ts +3 -0
package/dist/src/commands/edit.d.ts.map +1 -0
package/dist/src/commands/edit.js +651 -0
package/dist/src/commands/file-secret-collector.d.ts +37 -0
package/dist/src/commands/file-secret-collector.d.ts.map +1 -0
package/dist/src/commands/file-secret-collector.js +199 -0
package/dist/src/commands/github-workflow.d.ts +5 -0
package/dist/src/commands/github-workflow.d.ts.map +1 -0
package/dist/src/commands/github-workflow.js +45 -0
package/dist/src/commands/ios-scanner.d.ts +27 -0
package/dist/src/commands/ios-scanner.d.ts.map +1 -0
package/dist/src/commands/ios-scanner.js +337 -0
package/dist/src/commands/reset.d.ts +7 -0
package/dist/src/commands/reset.d.ts.map +1 -0
package/dist/src/commands/reset.js +81 -0
package/dist/src/commands/secrets-sync-workflow.d.ts +15 -0
package/dist/src/commands/secrets-sync-workflow.d.ts.map +1 -0
package/dist/src/commands/secrets-sync-workflow.js +255 -0
package/dist/src/commands/secrets-upload.d.ts +21 -0
package/dist/src/commands/secrets-upload.d.ts.map +1 -0
package/dist/src/commands/secrets-upload.js +177 -0
package/dist/src/commands/secrets-upload.test.d.ts +5 -0
package/dist/src/commands/secrets-upload.test.d.ts.map +1 -0
package/dist/src/commands/secrets-upload.test.js +60 -0
package/dist/src/config.d.ts +3 -0
package/dist/src/config.d.ts.map +1 -0
package/dist/src/config.js +47 -0
package/dist/src/envman/cli.d.ts +21 -0
package/dist/src/envman/cli.d.ts.map +1 -0
package/dist/src/envman/cli.js +240 -0
package/dist/src/envman/envman.d.ts +83 -0
package/dist/src/envman/envman.d.ts.map +1 -0
package/dist/src/envman/envman.js +361 -0
package/dist/src/envman/envman.test.d.ts +5 -0
package/dist/src/envman/envman.test.d.ts.map +1 -0
package/dist/src/envman/envman.test.js +236 -0
package/dist/src/envman/index.d.ts +23 -0
package/dist/src/envman/index.d.ts.map +1 -0
package/dist/src/envman/index.js +23 -0
package/dist/src/envman/types.d.ts +55 -0
package/dist/src/envman/types.d.ts.map +1 -0
package/dist/src/envman/types.js +12 -0
package/dist/src/lib.d.ts +27 -0
package/dist/src/lib.d.ts.map +1 -0
package/dist/src/lib.js +32 -0
package/dist/src/pipeline.d.ts +3 -0
package/dist/src/pipeline.d.ts.map +1 -0
package/dist/src/pipeline.js +57 -0
package/dist/src/runner.d.ts +17 -0
package/dist/src/runner.d.ts.map +1 -0
package/dist/src/runner.js +234 -0
package/dist/src/types.d.ts +58 -0
package/dist/src/types.d.ts.map +1 -0
package/dist/src/types.js +2 -0
package/dist/src/yaml/bitrise-compat.d.ts +65 -0
package/dist/src/yaml/bitrise-compat.d.ts.map +1 -0
package/dist/src/yaml/bitrise-compat.js +206 -0
package/dist/src/yaml/bitrise-compat.test.d.ts +5 -0
package/dist/src/yaml/bitrise-compat.test.d.ts.map +1 -0
package/dist/src/yaml/bitrise-compat.test.js +347 -0
package/dist/src/yaml/converter.d.ts +33 -0
package/dist/src/yaml/converter.d.ts.map +1 -0
package/dist/src/yaml/converter.js +222 -0
package/dist/src/yaml/converter.test.d.ts +5 -0
package/dist/src/yaml/converter.test.d.ts.map +1 -0
package/dist/src/yaml/converter.test.js +348 -0
package/dist/src/yaml/e2e.test.d.ts +6 -0
package/dist/src/yaml/e2e.test.d.ts.map +1 -0
package/dist/src/yaml/e2e.test.js +446 -0
package/dist/src/yaml/env-resolver.d.ts +120 -0
package/dist/src/yaml/env-resolver.d.ts.map +1 -0
package/dist/src/yaml/env-resolver.js +405 -0
package/dist/src/yaml/env-resolver.test.d.ts +5 -0
package/dist/src/yaml/env-resolver.test.d.ts.map +1 -0
package/dist/src/yaml/env-resolver.test.js +502 -0
package/dist/src/yaml/interactive-prompts.d.ts +71 -0
package/dist/src/yaml/interactive-prompts.d.ts.map +1 -0
package/dist/src/yaml/interactive-prompts.js +258 -0
package/dist/src/yaml/missing-env-handler.d.ts +45 -0
package/dist/src/yaml/missing-env-handler.d.ts.map +1 -0
package/dist/src/yaml/missing-env-handler.js +64 -0
package/dist/src/yaml/parser.d.ts +33 -0
package/dist/src/yaml/parser.d.ts.map +1 -0
package/dist/src/yaml/parser.js +145 -0
package/dist/src/yaml/pipeline-with-secrets.d.ts +25 -0
package/dist/src/yaml/pipeline-with-secrets.d.ts.map +1 -0
package/dist/src/yaml/pipeline-with-secrets.js +76 -0
package/dist/src/yaml/platform-detector.d.ts +83 -0
package/dist/src/yaml/platform-detector.d.ts.map +1 -0
package/dist/src/yaml/platform-detector.js +188 -0
package/dist/src/yaml/platform-detector.test.d.ts +5 -0
package/dist/src/yaml/platform-detector.test.d.ts.map +1 -0
package/dist/src/yaml/platform-detector.test.js +414 -0
package/dist/src/yaml/preflight-validation.d.ts +40 -0
package/dist/src/yaml/preflight-validation.d.ts.map +1 -0
package/dist/src/yaml/preflight-validation.js +152 -0
package/dist/src/yaml/secrets-manager.d.ts +77 -0
package/dist/src/yaml/secrets-manager.d.ts.map +1 -0
package/dist/src/yaml/secrets-manager.js +219 -0
package/dist/src/yaml/step-validator.d.ts +54 -0
package/dist/src/yaml/step-validator.d.ts.map +1 -0
package/dist/src/yaml/step-validator.js +403 -0
package/dist/src/yaml/steps/android-sign.d.ts +35 -0
package/dist/src/yaml/steps/android-sign.d.ts.map +1 -0
package/dist/src/yaml/steps/android-sign.js +147 -0
package/dist/src/yaml/steps/android-version.d.ts +26 -0
package/dist/src/yaml/steps/android-version.d.ts.map +1 -0
package/dist/src/yaml/steps/android-version.js +128 -0
package/dist/src/yaml/steps/android-version.test.d.ts +5 -0
package/dist/src/yaml/steps/android-version.test.d.ts.map +1 -0
package/dist/src/yaml/steps/android-version.test.js +196 -0
package/dist/src/yaml/steps/android.d.ts +95 -0
package/dist/src/yaml/steps/android.d.ts.map +1 -0
package/dist/src/yaml/steps/android.js +916 -0
package/dist/src/yaml/steps/app-store-deploy.d.ts +48 -0
package/dist/src/yaml/steps/app-store-deploy.d.ts.map +1 -0
package/dist/src/yaml/steps/app-store-deploy.js +162 -0
package/dist/src/yaml/steps/base.d.ts +238 -0
package/dist/src/yaml/steps/base.d.ts.map +1 -0
package/dist/src/yaml/steps/base.js +345 -0
package/dist/src/yaml/steps/bitrise-android-tools.d.ts +26 -0
package/dist/src/yaml/steps/bitrise-android-tools.d.ts.map +1 -0
package/dist/src/yaml/steps/bitrise-android-tools.js +198 -0
package/dist/src/yaml/steps/bitrise-android-tools.test.d.ts +5 -0
package/dist/src/yaml/steps/bitrise-android-tools.test.d.ts.map +1 -0
package/dist/src/yaml/steps/bitrise-android-tools.test.js +280 -0
package/dist/src/yaml/steps/bitrise-apk-info.d.ts +22 -0
package/dist/src/yaml/steps/bitrise-apk-info.d.ts.map +1 -0
package/dist/src/yaml/steps/bitrise-apk-info.js +144 -0
package/dist/src/yaml/steps/bitrise-apk-info.test.d.ts +5 -0
package/dist/src/yaml/steps/bitrise-apk-info.test.d.ts.map +1 -0
package/dist/src/yaml/steps/bitrise-apk-info.test.js +331 -0
package/dist/src/yaml/steps/bitrise-slack.d.ts +49 -0
package/dist/src/yaml/steps/bitrise-slack.d.ts.map +1 -0
package/dist/src/yaml/steps/bitrise-slack.js +280 -0
package/dist/src/yaml/steps/bitrise-slack.test.d.ts +5 -0
package/dist/src/yaml/steps/bitrise-slack.test.d.ts.map +1 -0
package/dist/src/yaml/steps/bitrise-slack.test.js +484 -0
package/dist/src/yaml/steps/bitrise-ssh.d.ts +27 -0
package/dist/src/yaml/steps/bitrise-ssh.d.ts.map +1 -0
package/dist/src/yaml/steps/bitrise-ssh.js +134 -0
package/dist/src/yaml/steps/bitrise-ssh.test.d.ts +5 -0
package/dist/src/yaml/steps/bitrise-ssh.test.d.ts.map +1 -0
package/dist/src/yaml/steps/bitrise-ssh.test.js +205 -0
package/dist/src/yaml/steps/cache.d.ts +52 -0
package/dist/src/yaml/steps/cache.d.ts.map +1 -0
package/dist/src/yaml/steps/cache.js +352 -0
package/dist/src/yaml/steps/fastlane.d.ts +27 -0
package/dist/src/yaml/steps/fastlane.d.ts.map +1 -0
package/dist/src/yaml/steps/fastlane.js +79 -0
package/dist/src/yaml/steps/file.d.ts +27 -0
package/dist/src/yaml/steps/file.d.ts.map +1 -0
package/dist/src/yaml/steps/file.js +35 -0
package/dist/src/yaml/steps/flutter.d.ts +63 -0
package/dist/src/yaml/steps/flutter.d.ts.map +1 -0
package/dist/src/yaml/steps/flutter.js +215 -0
package/dist/src/yaml/steps/git-clone.d.ts +26 -0
package/dist/src/yaml/steps/git-clone.d.ts.map +1 -0
package/dist/src/yaml/steps/git-clone.js +111 -0
package/dist/src/yaml/steps/google-play-deploy.d.ts +37 -0
package/dist/src/yaml/steps/google-play-deploy.d.ts.map +1 -0
package/dist/src/yaml/steps/google-play-deploy.js +193 -0
package/dist/src/yaml/steps/google-play-deploy.test.d.ts +5 -0
package/dist/src/yaml/steps/google-play-deploy.test.d.ts.map +1 -0
package/dist/src/yaml/steps/google-play-deploy.test.js +310 -0
package/dist/src/yaml/steps/index.d.ts +10 -0
package/dist/src/yaml/steps/index.d.ts.map +1 -0
package/dist/src/yaml/steps/index.js +1361 -0
package/dist/src/yaml/steps/ios-deps.d.ts +43 -0
package/dist/src/yaml/steps/ios-deps.d.ts.map +1 -0
package/dist/src/yaml/steps/ios-deps.js +141 -0
package/dist/src/yaml/steps/ios-deps.test.d.ts +5 -0
package/dist/src/yaml/steps/ios-deps.test.d.ts.map +1 -0
package/dist/src/yaml/steps/ios-deps.test.js +90 -0
package/dist/src/yaml/steps/ios-signing.d.ts +31 -0
package/dist/src/yaml/steps/ios-signing.d.ts.map +1 -0
package/dist/src/yaml/steps/ios-signing.js +144 -0
package/dist/src/yaml/steps/ios-version.d.ts +47 -0
package/dist/src/yaml/steps/ios-version.d.ts.map +1 -0
package/dist/src/yaml/steps/ios-version.js +151 -0
package/dist/src/yaml/steps/linting.d.ts +47 -0
package/dist/src/yaml/steps/linting.d.ts.map +1 -0
package/dist/src/yaml/steps/linting.js +148 -0
package/dist/src/yaml/steps/phase2.test.d.ts +6 -0
package/dist/src/yaml/steps/phase2.test.d.ts.map +1 -0
package/dist/src/yaml/steps/phase2.test.js +197 -0
package/dist/src/yaml/steps/phase3.test.d.ts +5 -0
package/dist/src/yaml/steps/phase3.test.d.ts.map +1 -0
package/dist/src/yaml/steps/phase3.test.js +144 -0
package/dist/src/yaml/steps/phase4.test.d.ts +5 -0
package/dist/src/yaml/steps/phase4.test.d.ts.map +1 -0
package/dist/src/yaml/steps/phase4.test.js +166 -0
package/dist/src/yaml/steps/phase5.test.d.ts +6 -0
package/dist/src/yaml/steps/phase5.test.d.ts.map +1 -0
package/dist/src/yaml/steps/phase5.test.js +263 -0
package/dist/src/yaml/steps/registry.d.ts +88 -0
package/dist/src/yaml/steps/registry.d.ts.map +1 -0
package/dist/src/yaml/steps/registry.js +125 -0
package/dist/src/yaml/steps/registry.test.d.ts +5 -0
package/dist/src/yaml/steps/registry.test.d.ts.map +1 -0
package/dist/src/yaml/steps/registry.test.js +235 -0
package/dist/src/yaml/steps/release.d.ts +50 -0
package/dist/src/yaml/steps/release.d.ts.map +1 -0
package/dist/src/yaml/steps/release.js +154 -0
package/dist/src/yaml/steps/script.d.ts +23 -0
package/dist/src/yaml/steps/script.d.ts.map +1 -0
package/dist/src/yaml/steps/script.js +63 -0
package/dist/src/yaml/steps/spec-validation.test.d.ts +6 -0
package/dist/src/yaml/steps/spec-validation.test.d.ts.map +1 -0
package/dist/src/yaml/steps/spec-validation.test.js +130 -0
package/dist/src/yaml/steps/steps.test.d.ts +6 -0
package/dist/src/yaml/steps/steps.test.d.ts.map +1 -0
package/dist/src/yaml/steps/steps.test.js +505 -0
package/dist/src/yaml/steps/test-config.d.ts +3 -0
package/dist/src/yaml/steps/test-config.d.ts.map +1 -0
package/dist/src/yaml/steps/test-config.js +17 -0
package/dist/src/yaml/steps/xcode-new.test.d.ts +5 -0
package/dist/src/yaml/steps/xcode-new.test.d.ts.map +1 -0
package/dist/src/yaml/steps/xcode-new.test.js +211 -0
package/dist/src/yaml/steps/xcode.d.ts +222 -0
package/dist/src/yaml/steps/xcode.d.ts.map +1 -0
package/dist/src/yaml/steps/xcode.js +999 -0
package/dist/src/yaml/types.d.ts +68 -0
package/dist/src/yaml/types.d.ts.map +1 -0
package/dist/src/yaml/types.js +5 -0
package/dist/src/yaml/validation-types.d.ts +96 -0
package/dist/src/yaml/validation-types.d.ts.map +1 -0
package/dist/src/yaml/validation-types.js +8 -0
package/dist/src/yaml/yaml-updater.d.ts +24 -0
package/dist/src/yaml/yaml-updater.d.ts.map +1 -0
package/dist/src/yaml/yaml-updater.js +128 -0
package/package.json +16 -4

package/dist/src/yaml/env-resolver.js ADDED Viewed

@@ -0,0 +1,405 @@
+/**
+ * Environment variable resolution and interpolation
+ * Merges global and workflow-level environment variables
+ * Supports variable interpolation in multiple formats
+ */
+import * as crypto from 'crypto';
+import * as fs from 'fs';
+import * as path from 'path';
+import { execSync } from 'child_process';
+import { SecretsManager } from './secrets-manager.js';
+/**
+ * Hints for common variables that require user configuration
+ */
+const CIBUILD_VARIABLE_HINTS = {
+    CIBUILD_PUBLIC_INSTALL_PAGE_URL: 'Public URL where users can download/install the built app.\n\n' +
+        'Purpose:\n' +
+        '  • Used in Slack notifications and other build artifacts\n' +
+        '  • Provides a download link for QA, stakeholders, or beta testers\n' +
+        '  • Commonly points to artifact hosting (Firebase App Distribution, TestFlight, etc.)\n\n' +
+        'Expected format:\n' +
+        '  ┌────────────────────────────────────────────────────────┐\n' +
+        '  │ https://example.com/downloads/myapp-v1.0.0.apk         │\n' +
+        '  │ https://appdistribution.firebase.dev/i/abc123          │\n' +
+        '  │ https://testflight.apple.com/join/xyz456               │\n' +
+        '  └────────────────────────────────────────────────────────┘\n\n' +
+        'How to set:\n' +
+        '  • Add to your YAML under app.envs or workflows.[name].envs:\n' +
+        '    envs:\n' +
+        '      - CIBUILD_PUBLIC_INSTALL_PAGE_URL: "https://your-url-here"\n' +
+        '  • Or set dynamically in a previous step that uploads the build\n' +
+        '  • Or leave it as a placeholder if not using artifact distribution',
+    CIBUILD_PUBLIC_INSTALL_PAGE_QR_CODE_IMAGE_URL: 'URL to a QR code image for easy mobile download/install.\n\n' +
+        'Purpose:\n' +
+        '  • Used in Slack notifications for quick mobile access\n' +
+        '  • QR code typically points to CIBUILD_PUBLIC_INSTALL_PAGE_URL\n\n' +
+        'Expected format:\n' +
+        '  ┌────────────────────────────────────────────────────────┐\n' +
+        '  │ https://example.com/qr-codes/myapp-v1.0.0.png          │\n' +
+        '  │ https://api.qrserver.com/v1/create-qr-code/?data=...   │\n' +
+        '  └────────────────────────────────────────────────────────┘\n\n' +
+        'How to set:\n' +
+        '  • Add to your YAML under app.envs or workflows.[name].envs\n' +
+        '  • Or generate dynamically in a previous step\n' +
+        '  • Or use a QR code generation service with the install URL',
+    CIBUILD_PULL_REQUEST: 'Pull request number or ID for PR builds.\n\n' +
+        'Expected format:\n' +
+        '  ┌────────────────────────────────────────────────────────┐\n' +
+        '  │ 123                                                     │\n' +
+        '  │ pr-456                                                  │\n' +
+        '  └────────────────────────────────────────────────────────┘\n\n' +
+        'How to set:\n' +
+        '  • Typically provided by CI system for PR builds\n' +
+        '  • Or set manually: export CIBUILD_PULL_REQUEST="123"',
+    CIBUILD_GIT_TAG: 'Git tag name for tag-triggered builds.\n\n' +
+        'Expected format:\n' +
+        '  ┌────────────────────────────────────────────────────────┐\n' +
+        '  │ v1.0.0                                                  │\n' +
+        '  │ release-2024-01-15                                      │\n' +
+        '  └────────────────────────────────────────────────────────┘\n\n' +
+        'How to set:\n' +
+        '  • Typically provided by CI system for tag builds\n' +
+        '  • Or set manually: export CIBUILD_GIT_TAG="v1.0.0"',
+};
+export class MissingEnvironmentVariableError extends Error {
+    variableName;
+    stepName;
+    hint;
+    constructor(variableName, stepName, hint) {
+        const stepInfo = stepName ? ` required by step: '${stepName}'` : '';
+        const hintInfo = hint ? `\n\n${hint}` : '';
+        super(`Missing environment variable: '${variableName}'${stepInfo}\n` +
+            `Check your YAML file's 'app.envs' or 'workflows.[name].envs' sections.${hintInfo}`);
+        this.variableName = variableName;
+        this.stepName = stepName;
+        this.hint = hint;
+        this.name = 'MissingEnvironmentVariableError';
+    }
+}
+/**
+ * EnvResolver handles environment variable merging and interpolation
+ */
+export class EnvResolver {
+    envVars;
+    referencedVars = new Set();
+    secretsManager;
+    constructor(pipeline, workflow, workflowName, platform, stack, yamlFilePath) {
+        this.envVars = new Map();
+        this.secretsManager = new SecretsManager();
+        // Step 1: Add built-in environment variables (auto-detected defaults)
+        this.addBuiltInVars(workflowName, platform, stack, yamlFilePath);
+        // Step 2: Load secrets — overrides auto-detected built-ins with user-stored values
+        // Workflow-specific secrets take precedence over global secrets
+        const allSecrets = this.secretsManager.getAll(workflowName);
+        for (const [key, value] of Object.entries(allSecrets)) {
+            this.envVars.set(key, value);
+        }
+        // Step 3: Add global environment variables (app.envs) — overrides secrets
+        if (pipeline.app?.envs) {
+            this.mergeEnvVars(pipeline.app.envs);
+        }
+        // Step 4: Add workflow-level environment variables — highest priority, overrides everything
+        if (workflow.envs) {
+            this.mergeEnvVars(workflow.envs);
+        }
+    }
+    /**
+     * Gets the value of an environment variable
+     * @param name Variable name
+     * @returns Variable value or undefined if not found
+     */
+    get(name) {
+        this.referencedVars.add(name);
+        return this.envVars.get(name);
+    }
+    /**
+     * Checks if an environment variable is defined
+     * @param name Variable name
+     * @returns True if variable exists
+     */
+    has(name) {
+        return this.envVars.has(name);
+    }
+    /**
+     * Registers a variable as a step output passthrough.
+     * When this variable appears in a later step's inputs it will be kept as
+     * the literal shell reference "$NAME" so the shell resolves it at runtime.
+     */
+    registerStepOutput(name) {
+        if (!this.envVars.has(name)) {
+            this.envVars.set(name, `$${name}`);
+        }
+    }
+    /**
+     * Gets all environment variables as a plain object
+     * @returns Object with all environment variables
+     */
+    getAll() {
+        const result = {};
+        for (const [key, value] of this.envVars.entries()) {
+            result[key] = value;
+        }
+        return result;
+    }
+    /**
+     * Interpolates environment variables in a string
+     * Supports four formats:
+     * - $VAR
+     * - ${VAR}
+     * - {{getenv "VAR"}}
+     * - {{checksum "path/to/file"}}
+     *
+     * @param str String to interpolate
+     * @param stepName Optional step name for error messages
+     * @returns Interpolated string
+     * @throws MissingEnvironmentVariableError if referenced variable not found
+     */
+    interpolate(str, stepName) {
+        let result = str;
+        // Format 1: {{checksum "file"}}
+        result = result.replace(/\{\{checksum "([^"]+)"\}\}/g, (match, filePath) => {
+            return this.computeChecksum(filePath);
+        });
+        // Format 2: {{getenv "VAR"}}
+        result = result.replace(/\{\{getenv "([^"]+)"\}\}/g, (match, varName) => {
+            return this.resolveVar(varName, stepName);
+        });
+        // Format 3: ${VAR}
+        result = result.replace(/\$\{([A-Z_][A-Z0-9_]*)\}/g, (match, varName) => {
+            return this.resolveVar(varName, stepName);
+        });
+        // Format 4: $VAR (must not be followed by alphanumeric or underscore)
+        result = result.replace(/\$([A-Z_][A-Z0-9_]*)(?![A-Z0-9_])/g, (match, varName) => {
+            return this.resolveVar(varName, stepName);
+        });
+        return result;
+    }
+    /**
+     * Interpolates environment variables in an object recursively
+     * @param obj Object to interpolate
+     * @param stepName Optional step name for error messages
+     * @returns Interpolated object
+     */
+    interpolateObject(obj, stepName) {
+        if (typeof obj === 'string') {
+            return this.interpolate(obj, stepName);
+        }
+        if (Array.isArray(obj)) {
+            return obj.map((item) => this.interpolateObject(item, stepName));
+        }
+        if (obj && typeof obj === 'object') {
+            const result = {};
+            for (const [key, value] of Object.entries(obj)) {
+                result[key] = this.interpolateObject(value, stepName);
+            }
+            return result;
+        }
+        return obj;
+    }
+    /**
+     * Validates that all referenced variables are defined
+     * @throws MissingEnvironmentVariableError if any referenced variable is missing
+     */
+    validateReferencedVars() {
+        for (const varName of this.referencedVars) {
+            if (!this.envVars.has(varName)) {
+                throw new MissingEnvironmentVariableError(varName);
+            }
+        }
+    }
+    /**
+     * Resolves a single variable reference
+     * @param varName Variable name
+     * @param stepName Optional step name for error messages
+     * @returns Variable value
+     * @throws MissingEnvironmentVariableError if variable not found
+     */
+    resolveVar(varName, stepName) {
+        this.referencedVars.add(varName);
+        const value = this.envVars.get(varName);
+        if (value === undefined) {
+            // Check if we have a hint for this variable
+            const hint = CIBUILD_VARIABLE_HINTS[varName];
+            throw new MissingEnvironmentVariableError(varName, stepName, hint);
+        }
+        return value;
+    }
+    /**
+     * Computes MD5 checksum of a file
+     * @param filePath Path to file (relative to current working directory)
+     * @returns MD5 hash of file contents
+     * @throws Error if file does not exist or cannot be read
+     */
+    computeChecksum(filePath) {
+        try {
+            // Resolve relative path to absolute path
+            const absolutePath = path.resolve(process.cwd(), filePath);
+            // Check if file exists
+            if (!fs.existsSync(absolutePath)) {
+                throw new Error(`File not found: ${filePath}`);
+            }
+            // Read file and compute MD5 hash
+            const fileBuffer = fs.readFileSync(absolutePath);
+            const hash = crypto.createHash('md5');
+            hash.update(fileBuffer);
+            return hash.digest('hex');
+        }
+        catch (error) {
+            if (error instanceof Error) {
+                throw new Error(`Failed to compute checksum for "${filePath}": ${error.message}`);
+            }
+            throw error;
+        }
+    }
+    /**
+     * Adds built-in environment variables
+     * @param workflowName Name of the current workflow
+     * @param platform Detected platform
+     * @param stack Optional stack identifier
+     */
+    addBuiltInVars(workflowName, platform, stack, yamlFilePath) {
+        // CI Build native variables (FR-9.2)
+        const buildNumber = process.env.BUILD_NUMBER || '1';
+        const buildUrl = process.env.BUILD_URL || 'https://cibuild.io/builds/1';
+        const appTitle = process.env.APP_TITLE || 'CI Build Build';
+        // Extract YAML filename (without extension) for use in naming resources like SSH keys
+        if (yamlFilePath) {
+            const yamlFilename = path.basename(yamlFilePath, path.extname(yamlFilePath));
+            this.envVars.set('CIBUILD_YAML_FILENAME', yamlFilename);
+        }
+        this.envVars.set('CIBUILD_BUILD_NUMBER', buildNumber);
+        this.envVars.set('CIBUILD_BUILD_URL', buildUrl);
+        this.envVars.set('CIBUILD_APP_TITLE', appTitle);
+        // Writable scratch path on local APFS disk. The sandbox runner sets this
+        // in the guest shell; outside a sandbox we fall back to TMPDIR so
+        // pipelines that reference $CIBUILD_SCRATCH still interpolate to
+        // something writable.
+        this.envVars.set('CIBUILD_SCRATCH', process.env.CIBUILD_SCRATCH || process.env.TMPDIR || '/tmp');
+        // Auto-detect git metadata from local repo
+        const git = (cmd, fallback) => {
+            try {
+                return execSync(`git ${cmd}`, { encoding: 'utf8', stdio: ['pipe', 'pipe', 'pipe'] }).trim() || fallback;
+            }
+            catch {
+                return fallback;
+            }
+        };
+        // Common built-in variables
+        const gitBranch = process.env.GIT_BRANCH || git('rev-parse --abbrev-ref HEAD', 'main');
+        const gitCommit = git('rev-parse HEAD', process.env.GIT_COMMIT || 'HEAD');
+        const gitRepoUrl = process.env.CIBUILD_GIT_REPOSITORY_URL || process.env.GIT_REPOSITORY_URL || git('remote get-url origin', '');
+        // Source directory
+        this.envVars.set('CIBUILD_SOURCE_DIR', process.cwd());
+        // Git variables
+        this.envVars.set('CIBUILD_GIT_BRANCH', gitBranch);
+        this.envVars.set('CIBUILD_GIT_COMMIT', gitCommit);
+        this.envVars.set('CIBUILD_GIT_REPOSITORY_URL', gitRepoUrl);
+        this.envVars.set('CIBUILD_TRIGGERED_WORKFLOW_ID', workflowName);
+        // Git metadata (auto-detected from local repo)
+        this.envVars.set('GIT_CLONE_COMMIT_HASH', gitCommit);
+        this.envVars.set('GIT_CLONE_COMMIT_AUTHOR_NAME', git('log -1 --format=%an', process.env.GIT_AUTHOR_NAME || ''));
+        this.envVars.set('GIT_CLONE_COMMIT_AUTHOR_EMAIL', git('log -1 --format=%ae', process.env.GIT_AUTHOR_EMAIL || ''));
+        this.envVars.set('GIT_CLONE_COMMIT_COMMITER_NAME', git('log -1 --format=%cn', process.env.GIT_COMMITTER_NAME || ''));
+        this.envVars.set('GIT_CLONE_COMMIT_COMMITER_EMAIL', git('log -1 --format=%ce', process.env.GIT_COMMITTER_EMAIL || ''));
+        this.envVars.set('GIT_CLONE_COMMIT_MESSAGE_SUBJECT', git('log -1 --format=%s', process.env.GIT_COMMIT_MESSAGE || ''));
+        this.envVars.set('GIT_CLONE_COMMIT_MESSAGE_BODY', git('log -1 --format=%b', ''));
+        // Platform-specific built-in variables
+        if (stack) {
+            this.envVars.set('CIBUILD_STACK', stack);
+        }
+        if (platform === 'macos') {
+            // Extract Xcode version from stack if available
+            if (stack) {
+                const xcodeMatch = stack.match(/xcode-(\d+\.\d+)/);
+                if (xcodeMatch) {
+                    this.envVars.set('CIBUILD_XCODE_VERSION', xcodeMatch[1]);
+                }
+            }
+            // Default Xcode scheme (can be overridden by user)
+            if (!this.envVars.has('CIBUILD_SCHEME')) {
+                this.envVars.set('CIBUILD_SCHEME', process.env.XCODE_SCHEME || 'Release');
+            }
+        }
+        if (platform === 'linux') {
+            // JAVA_HOME (can be overridden by user)
+            this.envVars.set('JAVA_HOME', process.env.JAVA_HOME || '/usr/lib/jvm/java-17-openjdk');
+            this.envVars.set('CIBUILD_GRADLE_VERSION', process.env.GRADLE_VERSION || '8.0');
+        }
+    }
+    /**
+     * Merges environment variables from YAML array format
+     * @param envArray Array of environment variable objects
+     */
+    mergeEnvVars(envArray) {
+        for (const envObj of envArray) {
+            for (const [key, value] of Object.entries(envObj)) {
+                // First resolve any secret references
+                const secretResolved = this.resolveSecretReference(value);
+                // Then interpolate in case it references other env vars
+                const interpolated = this.interpolateEnvValue(secretResolved);
+                // Don't overwrite a non-empty value (e.g. a loaded secret) with an empty
+                // YAML placeholder string — secrets are loaded before YAML envs and should
+                // survive empty placeholder declarations like `KEYSTORE_BASE64: ""`
+                if (interpolated === '' && this.envVars.get(key)) {
+                    continue;
+                }
+                this.envVars.set(key, interpolated);
+            }
+        }
+    }
+    /**
+     * Resolves $SECRET{secret_id} references to actual secret values
+     * @param value Value that may contain a secret reference
+     * @returns Resolved value with secret content, or empty string if secret not found
+     */
+    resolveSecretReference(value) {
+        // Convert non-strings to strings first
+        if (typeof value !== 'string') {
+            return String(value);
+        }
+        // Check for $SECRET{secret_id} pattern
+        const secretMatch = value.match(/^\$SECRET\{([^}]+)\}$/);
+        if (!secretMatch) {
+            return value;
+        }
+        const secretId = secretMatch[1];
+        const secretValue = this.secretsManager.getSecret(secretId);
+        if (!secretValue) {
+            // Return empty string silently — the validation step will report this
+            return '';
+        }
+        return secretValue;
+    }
+    /**
+     * Interpolates environment variable value during initial setup
+     * This allows env vars to reference other env vars
+     * @param value Raw value
+     * @returns Interpolated value or original if interpolation fails
+     */
+    interpolateEnvValue(value) {
+        try {
+            return this.interpolate(value);
+        }
+        catch (err) {
+            // If interpolation fails during setup, return the raw value
+            // It will be interpolated later when all vars are available
+            return value;
+        }
+    }
+}
+/**
+ * Helper function to create an EnvResolver for a workflow
+ * @param pipeline Parsed YAML pipeline
+ * @param workflowName Name of the workflow
+ * @param platform Detected platform
+ * @param stack Optional stack identifier
+ * @returns EnvResolver instance
+ */
+export function createEnvResolver(pipeline, workflowName, platform, stack) {
+    const workflow = pipeline.workflows[workflowName];
+    if (!workflow) {
+        throw new Error(`Workflow '${workflowName}' not found`);
+    }
+    return new EnvResolver(pipeline, workflow, workflowName, platform, stack);
+}
+//# sourceMappingURL=env-resolver.js.map

package/dist/src/yaml/env-resolver.test.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+/**
+ * Unit tests for environment variable resolution
+ */
+export {};
+//# sourceMappingURL=env-resolver.test.d.ts.map

package/dist/src/yaml/env-resolver.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"env-resolver.test.d.ts","sourceRoot":"","sources":["../../../src/yaml/env-resolver.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}