@keywaysh/cli 0.1.10 → 0.1.12

package/dist/cli.js

@@ -101,7 +101,7 @@ var INTERNAL_POSTHOG_HOST = "https://eu.i.posthog.com";
 // package.json
 var package_default = {
   name: "@keywaysh/cli",
-  version: "0.1.10",
+  version: "0.1.12",
   description: "One link to all your secrets",
   type: "module",
   bin: {
@@ -409,9 +409,10 @@ async function deleteConnection(accessToken, connectionId) {
   });
   await handleResponse(response);
 }
-function getProviderAuthUrl(provider, redirectUri) {
-  const params = redirectUri ? `?redirect_uri=${encodeURIComponent(redirectUri)}` : "";
-  return `${API_BASE_URL}/v1/integrations/${provider}/authorize${params}`;
+function getProviderAuthUrl(provider, accessToken, redirectUri) {
+  const params = new URLSearchParams({ token: accessToken });
+  if (redirectUri) params.set("redirect_uri", redirectUri);
+  return `${API_BASE_URL}/v1/integrations/${provider}/authorize?${params}`;
 }
 async function getConnectionProjects(accessToken, connectionId) {
   const response = await fetchWithTimeout(`${API_BASE_URL}/v1/integrations/connections/${connectionId}/projects`, {
@@ -1312,23 +1313,20 @@ async function ensureLoginAndGitHubApp(repoFullName, options = {}) {
   if (!allowPrompt || !isInteractive()) {
     throw new Error('No Keyway session found. Run "keyway login" to authenticate.');
   }
-  console.log("");
-  console.log(pc6.gray("  Keyway uses a GitHub App for secure access."));
-  console.log(pc6.gray("  Installing the app will also log you in."));
+  const deviceStart = await startDeviceLogin(repoFullName);
+  const installUrl = deviceStart.githubAppInstallUrl || "https://github.com/apps/keyway/installations/new";
   console.log("");
   const { shouldProceed } = await prompts4({
     type: "confirm",
     name: "shouldProceed",
-    message: "Open browser to install Keyway & sign in?",
+    message: "Open browser to sign in?",
     initial: true
   });
   if (!shouldProceed) {
     throw new Error('Setup required. Run "keyway init" when ready.');
   }
-  const deviceStart = await startDeviceLogin(repoFullName);
-  const installUrl = deviceStart.githubAppInstallUrl || "https://github.com/apps/keyway/installations/new";
-  await openUrl(installUrl);
-  console.log(pc6.blue("\u23F3 Waiting for installation & authorization..."));
+  await openUrl(deviceStart.verificationUriComplete);
+  console.log(pc6.blue("\u23F3 Waiting for authorization..."));
   console.log(pc6.gray("   (Press Ctrl+C to cancel)\n"));
   const pollIntervalMs = Math.max((deviceStart.interval ?? 5) * 1e3, POLL_INTERVAL_MS);
   const startTime = Date.now();
@@ -1337,30 +1335,73 @@ async function ensureLoginAndGitHubApp(repoFullName, options = {}) {
   while (Date.now() - startTime < POLL_TIMEOUT_MS) {
     await sleep(pollIntervalMs);
     try {
-      if (!accessToken) {
-        const result = await pollDeviceLogin(deviceStart.deviceCode);
-        if (result.status === "approved" && result.keywayToken) {
-          accessToken = result.keywayToken;
-          await saveAuthToken(result.keywayToken, {
-            githubLogin: result.githubLogin,
-            expiresAt: result.expiresAt
+      const result = await pollDeviceLogin(deviceStart.deviceCode);
+      if (result.status === "approved" && result.keywayToken) {
+        accessToken = result.keywayToken;
+        await saveAuthToken(result.keywayToken, {
+          githubLogin: result.githubLogin,
+          expiresAt: result.expiresAt
+        });
+        console.log(pc6.green("\u2713 Signed in!"));
+        if (result.githubLogin) {
+          identifyUser(result.githubLogin, {
+            github_username: result.githubLogin,
+            login_method: "device_flow"
           });
-          console.log(pc6.green("\u2713 Signed in!"));
-          if (result.githubLogin) {
-            identifyUser(result.githubLogin, {
-              github_username: result.githubLogin,
-              login_method: "github_app"
-            });
-          }
         }
+        break;
       }
-      if (accessToken) {
-        const installStatus = await checkGitHubAppInstallation(repoOwner, repoName, accessToken);
-        if (installStatus.installed) {
-          console.log(pc6.green("\u2713 GitHub App installed!"));
-          console.log("");
-          return accessToken;
-        }
+      consecutiveErrors = 0;
+      process.stdout.write(pc6.gray("."));
+    } catch (error) {
+      consecutiveErrors++;
+      if (consecutiveErrors >= MAX_CONSECUTIVE_ERRORS) {
+        const errorMsg = error instanceof Error ? error.message : "Unknown error";
+        throw new Error(`Login failed after ${MAX_CONSECUTIVE_ERRORS} consecutive errors: ${errorMsg}`);
+      }
+    }
+  }
+  if (!accessToken) {
+    console.log("");
+    console.log(pc6.yellow("\u26A0 Timed out waiting for sign in."));
+    throw new Error("Sign in timed out. Please try again.");
+  }
+  const installStatus = await checkGitHubAppInstallation(repoOwner, repoName, accessToken);
+  if (installStatus.installed) {
+    console.log(pc6.green("\u2713 GitHub App installed"));
+    console.log("");
+    return accessToken;
+  }
+  console.log("");
+  console.log(pc6.yellow("\u26A0 GitHub App not installed on this repository"));
+  console.log(pc6.gray("  The Keyway GitHub App is required for secure access."));
+  console.log("");
+  const { shouldInstall } = await prompts4({
+    type: "confirm",
+    name: "shouldInstall",
+    message: "Open browser to install GitHub App?",
+    initial: true
+  });
+  if (!shouldInstall) {
+    console.log(pc6.gray(`
+  Install later: ${installUrl}`));
+    throw new Error("GitHub App installation required.");
+  }
+  await openUrl(installUrl);
+  console.log(pc6.blue("\u23F3 Waiting for GitHub App installation..."));
+  console.log(pc6.gray('   Add this repository and click "Install"'));
+  console.log(pc6.gray("   Then return here - the CLI will detect it automatically"));
+  console.log(pc6.gray("   (Press Ctrl+C to cancel)\n"));
+  const installStartTime = Date.now();
+  consecutiveErrors = 0;
+  while (Date.now() - installStartTime < POLL_TIMEOUT_MS) {
+    await sleep(POLL_INTERVAL_MS);
+    try {
+      const pollStatus = await checkGitHubAppInstallation(repoOwner, repoName, accessToken);
+      if (pollStatus.installed) {
+        console.log(pc6.green("\u2713 GitHub App installed!"));
+        console.log("");
+        return accessToken;
       }
       consecutiveErrors = 0;
       process.stdout.write(pc6.gray("."));
@@ -1368,14 +1409,14 @@ async function ensureLoginAndGitHubApp(repoFullName, options = {}) {
       consecutiveErrors++;
       if (consecutiveErrors >= MAX_CONSECUTIVE_ERRORS) {
         const errorMsg = error instanceof Error ? error.message : "Unknown error";
-        throw new Error(`Setup failed after ${MAX_CONSECUTIVE_ERRORS} consecutive errors: ${errorMsg}`);
+        throw new Error(`Installation check failed after ${MAX_CONSECUTIVE_ERRORS} consecutive errors: ${errorMsg}`);
       }
     }
   }
   console.log("");
-  console.log(pc6.yellow("\u26A0 Timed out waiting for setup."));
+  console.log(pc6.yellow("\u26A0 Timed out waiting for installation."));
   console.log(pc6.gray(`  Install the GitHub App: ${installUrl}`));
-  throw new Error("Setup timed out. Please try again.");
+  throw new Error("GitHub App installation timed out.");
 }
 async function ensureGitHubAppInstalledOnly(repoFullName, accessToken) {
   const [repoOwner, repoName] = repoFullName.split("/");
@@ -1970,7 +2011,7 @@ async function connectWithTokenFlow(accessToken, provider, displayName) {
   }
 }
 async function connectWithOAuthFlow(accessToken, provider, displayName) {
-  const authUrl = getProviderAuthUrl(provider);
+  const authUrl = getProviderAuthUrl(provider, accessToken);
   const startTime = /* @__PURE__ */ new Date();
   await openUrl(authUrl);
   console.log(pc9.gray("Waiting for authorization..."));
@@ -2136,12 +2177,24 @@ function mapToRailwayEnvironment(keywayEnv) {
   };
   return mapping[keywayEnv.toLowerCase()] || "production";
 }
+function mapToNetlifyEnvironment(keywayEnv) {
+  const mapping = {
+    production: "production",
+    staging: "branch-deploy",
+    preview: "deploy-preview",
+    dev: "dev",
+    development: "dev"
+  };
+  return mapping[keywayEnv.toLowerCase()] || "production";
+}
 function mapToProviderEnvironment(provider, keywayEnv) {
   switch (provider.toLowerCase()) {
     case "vercel":
       return mapToVercelEnvironment(keywayEnv);
     case "railway":
       return mapToRailwayEnvironment(keywayEnv);
+    case "netlify":
+      return mapToNetlifyEnvironment(keywayEnv);
     default:
       return keywayEnv;
   }
@@ -2263,6 +2316,32 @@ async function syncCommand(provider, options = {}) {
       process.exit(1);
     }
     console.log(pc10.gray(`Repository: ${repoFullName}`));
+    const vaultExists = await checkVaultExists(accessToken, repoFullName);
+    if (!vaultExists) {
+      console.log(pc10.yellow(`
+No vault found for ${repoFullName}.`));
+      const { shouldCreate } = await prompts7({
+        type: "confirm",
+        name: "shouldCreate",
+        message: "Create vault now?",
+        initial: true
+      });
+      if (!shouldCreate) {
+        console.log(pc10.gray("Cancelled. Run `keyway init` to create a vault first."));
+        process.exit(0);
+      }
+      console.log(pc10.gray("\nCreating vault..."));
+      try {
+        await initVault(repoFullName, accessToken);
+        console.log(pc10.green(`\u2713 Vault created for ${repoFullName}
+`));
+      } catch (error) {
+        const message = error instanceof Error ? error.message : "Failed to create vault";
+        console.error(pc10.red(`
+\u2717 ${message}`));
+        process.exit(1);
+      }
+    }
     let { connections } = await getConnections(accessToken);
     let connection = connections.find((c) => c.provider === provider.toLowerCase());
     if (!connection) {
@@ -2556,6 +2635,8 @@ async function executeSyncOperation(accessToken, repoFullName, connectionId, pro
   const preview = await getSyncPreview(accessToken, repoFullName, {
     connectionId,
     projectId: project.id,
+    serviceId: project.serviceId,
+    // Railway: service ID for service-specific variables
     keywayEnvironment: keywayEnv,
     providerEnvironment: providerEnv,
     direction,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@keywaysh/cli",
-  "version": "0.1.10",
+  "version": "0.1.12",
   "description": "One link to all your secrets",
   "type": "module",
   "bin": {