@kirschbaum-development/sst-laravel 0.1.6 → 0.2.7

package/README.md

@@ -38,6 +38,21 @@ To get started quickly, you can use the `init` command:
 npx sst-laravel init
 ```
 
+Running `init` now also prompts you to install the SST Laravel Initial Setup AI skill. Accepting the prompt will automatically detect whether `laravel/boost` ≥ 2.0 is available via Composer; if so, the skill is copied into `.ai/skills/sst-laravel-initial-setup/SKILL.md` and `php artisan boost:update` is executed. Otherwise, the command falls back to `npx skills add` with the bundled skill file.
+
+## AI Skill for Guided Setup
+
+Projects that rely on AI copilots (like OpenCode) can import the `skills/laravel-initial-setup/SKILL.md` file from this package. The skill walks an assistant through:
+
+- Auditing prerequisites (Node, AWS CLI, credentials, `sst-laravel` CLI)
+- Bootstrapping your repo by running `npx sst-laravel init` before any config changes
+- Choosing the right environment strategy (`RemoteEnvVault`, SST Secrets, or `.env` files)
+- Inspecting/creating VPC resources through the AWS CLI
+- Iteratively editing `sst.config.ts` until your Laravel service is deployable
+- Producing clear summaries after every step plus follow-up tasks and cautions
+
+Point your assistant at that file to get a prescriptive, secure onboarding workflow tailored for SST Laravel.
+
 ## Usage
 
 To start using, you only need to import the component in your `sst.config.ts` file:
@@ -178,6 +193,90 @@ const app = new LaravelService('MyLaravelApp', {
 
 This will automatically inject the environment variables into the `.env` file of your Laravel application. Read more about SST Secrets [here](https://sst.dev/docs/component/secret/).
 
+### AWS Secrets Manager (RemoteEnvVault)
+
+For a more robust environment variable management solution similar to Laravel Vapor, you can use the `RemoteEnvVault` component. This stores your environment variables in AWS Secrets Manager and provides CLI commands to push and pull secrets.
+
+```js
+import { RemoteEnvVault, LaravelService } from "@kirschbaum-development/sst-laravel";
+
+const env = new RemoteEnvVault("Env");
+const app = new LaravelService('MyLaravelApp', {
+  // ...
+  config: {
+    environment: {
+      secrets: env,
+    }
+  }
+});
+```
+
+The secrets are stored in AWS Secrets Manager at the path `/{app-name}/{stage}/env`.
+
+#### Large Environment Files
+
+Large environment files that exceed AWS Secrets Manager's 64KB limit are automatically handled. The CLI will:
+- Split large `.env` files into multiple chunks when pushing
+- Automatically merge all chunks when pulling or deploying
+
+This is completely transparent - you don't need to do anything special.
+
+#### Pushing Secrets
+
+To push your local `.env` file to AWS Secrets Manager:
+
+```bash
+# Push .env.production to the production stage
+npx sst-laravel env:push --stage production --input .env.production
+
+# Push .env to staging (interactive)
+npx sst-laravel env:push --stage staging
+```
+
+#### Pulling Secrets
+
+To pull secrets from AWS Secrets Manager to a local file:
+
+```bash
+# Pull from production to .env.production (default)
+npx sst-laravel env:pull --stage production
+
+# Pull from staging to a custom file
+npx sst-laravel env:pull --stage staging --output .env.local
+```
+
+#### Deploying with Secrets
+
+When using `RemoteEnvVault`, deploy using the `sst-laravel deploy` command which automatically fetches secrets before building:
+
+```bash
+npx sst-laravel deploy --stage production
+```
+
+#### Workflow Example
+
+```bash
+# 1. Initial setup - push your environment file
+npx sst-laravel env:push --stage production --input .env.production
+
+# 2. Deploy (secrets are automatically fetched)
+npx sst-laravel deploy --stage production
+
+# 3. Update secrets later
+npx sst-laravel env:pull --stage production  # Creates .env.production
+# Edit .env.production
+npx sst-laravel env:push --stage production --input .env.production
+npx sst-laravel deploy --stage production
+```
+
+You can also use a custom path for the secrets:
+
+```js
+const env = new RemoteEnvVault("Env", {
+  path: "/custom/path/env"
+});
+```
+
 ### Resources
 
 In SST, you can [link resources](https://sst.dev/docs/linking). If you link resources to your Laravel component, SST Laravel will automatically inject and configure environment variables using sensible defaults for all the linked resources.
@@ -283,7 +382,7 @@ php artisan migrate --force
 
 ## Deploying
 
-To deploy your application, you can use the `sst deploy` command. You must be authenticated with AWS in your terminal session to deploy.
+To deploy your application, you can use the `sst-laravel deploy` command. You must be authenticated with AWS in your terminal session to deploy.
 
 ```bash
 npx sst-laravel deploy --stage {stage}
@@ -291,6 +390,8 @@ npx sst-laravel deploy --stage sandbox
 npx sst-laravel deploy --stage production
 ```
 
+> **Note:** If you're using `RemoteEnvVault` for secrets management, you should use `sst-laravel deploy` instead of `sst deploy` directly. This ensures secrets are fetched from AWS Secrets Manager before the Docker build.
+
 ## Accessing Containers
 
 Using the `sst-laravel` CLI tool, you can easily connect to your running ECS containers for debugging and troubleshooting.
@@ -333,10 +434,6 @@ To send logs to AWS CloudWatch, you need to set the `LOG_CHANNEL` environment va
 
 ## Troubleshooting
 
-**APP_URL**
-
-In case your specified environment file does not contain the `APP_URL` variable, SST Laravel will automatically add it to the environment file with the value of the `web.domain` property.
-
 **Load Balancer and trusted proxies**
 
 SST Laravel puts the container behind a load balancer, so you must configure your Laravel application to trust the load balancer's IP addresses. You can do this by configuring the trusted proxies in `bootstrap/app.php`. If you deployed your app and it's trying to load assets using HTTP instead of HTTPS, this is likely the issue.
@@ -344,12 +441,6 @@ SST Laravel puts the container behind a load balancer, so you must configure you
 ```php
 ->withMiddleware(function (Middleware $middleware) {
     $middleware->trustProxies(at: '*');
-    $middleware->trustProxies(headers: Request::HEADER_X_FORWARDED_FOR |
-        Request::HEADER_X_FORWARDED_HOST |
-        Request::HEADER_X_FORWARDED_PORT |
-        Request::HEADER_X_FORWARDED_PROTO |
-        Request::HEADER_X_FORWARDED_AWS_ELB
-    );
 })
 ```
 
@@ -372,11 +463,15 @@ If you are getting the following error when deploying (usually via CI/CD), the i
    aws: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, failed to get API token, operation error ec2imds: getToken, http response error StatusCode: 400, request to EC2 IMDS failed
 ```
 
+**APP_URL**
+
+In case your specified environment file does not contain the `APP_URL` variable, SST Laravel will automatically add it to the environment file with the value of the `web.domain` property.
+
 ***
 
 ### Roadmap
 
-* Extend base Docker images;
+* Ability to extend base Docker images;
 * Add support for Inertia SSR;
 * Add support for Octane with FrankedPHP;
 * Add support for Laravel Reverb;
@@ -389,7 +484,7 @@ If you discover any security related issues, please email security@kirschbaumdev
 
 ## Sponsorship
 
-Development of this package is developed and sponsored by Kirschbaum Development Group, a developer driven company focused on problem solving, team building, and community. Learn more [about us](https://kirschbaumdevelopment.com) or [join us](https://careers.kirschbaumdevelopment.com)!
+Development of this package is sponsored by Kirschbaum Development Group, a developer driven company focused on problem solving, team building, and community. Learn more [about us](https://kirschbaumdevelopment.com) or [join us](https://careers.kirschbaumdevelopment.com)!
 
 ## License
 

package/dist/bin/cli.js

@@ -8,6 +8,8 @@ import { sshCommand } from './commands/ssh.js';
 import { logsCommand } from './commands/logs.js';
 import { githubIamCommand } from './commands/github-iam.js';
 import { installCommand } from './commands/install.js';
+import { envPullCommand } from './commands/env-pull.js';
+import { envPushCommand } from './commands/env-push.js';
 import { getPackageRoot } from './utils/sst-config.js';
 const packageJsonPath = path.join(getPackageRoot(), 'package.json');
 const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf-8'));
@@ -23,5 +25,7 @@ program.addCommand(sshCommand);
 program.addCommand(logsCommand);
 program.addCommand(githubIamCommand);
 program.addCommand(installCommand);
+program.addCommand(envPullCommand);
+program.addCommand(envPushCommand);
 program.parse();
 //# sourceMappingURL=cli.js.map

package/dist/bin/cli.js.map

@@ -1 +1 @@
-{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../bin/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAE7B,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,EAAE,cAAc,CAAC,CAAC;AACpE,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,CAAC;AAC1E,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC;AAEpC,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,aAAa,CAAC;KACnB,WAAW,CAAC,uCAAuC,CAAC;KACpD,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;AAC/B,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC;AACrC,OAAO,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;AAEnC,OAAO,CAAC,KAAK,EAAE,CAAC"}
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../bin/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAE7B,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,EAAE,cAAc,CAAC,CAAC;AACpE,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,CAAC;AAC1E,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC;AAEpC,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,aAAa,CAAC;KACnB,WAAW,CAAC,uCAAuC,CAAC;KACpD,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;AAC/B,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC;AACrC,OAAO,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;AACnC,OAAO,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;AACnC,OAAO,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;AAEnC,OAAO,CAAC,KAAK,EAAE,CAAC"}

package/dist/bin/commands/deploy.js

@@ -1,16 +1,62 @@
 import { Command } from 'commander';
 import { spawn } from 'child_process';
-import { validateDeployment } from '../utils/sst-config.js';
+import * as fs from 'fs';
+import * as path from 'path';
+import { validateDeployment, findSstConfig, extractSstProjectName, extractSecretsConfig, getPackageRoot } from '../utils/sst-config.js';
+import { pullSecrets, getSecretPath, getSecretInfo, toEnvFileContent } from '../utils/secrets-manager.js';
 export const deployCommand = new Command('deploy')
     .description('Deploy the application using SST')
     .requiredOption('-s, --stage <stage>', 'SST stage name')
     .action(async (options) => {
     try {
         validateDeployment(options.stage);
+        const configPath = findSstConfig();
+        if (configPath) {
+            const appName = extractSstProjectName(configPath);
+            const secretsConfig = extractSecretsConfig(configPath);
+            if (appName && secretsConfig) {
+                console.log('RemoteEnvVault detected, fetching secrets from AWS Secrets Manager...');
+                // Determine the secret path
+                const secretPath = secretsConfig.path || getSecretPath(appName, options.stage);
+                try {
+                    // Get info about the secret structure first
+                    const secretInfo = await getSecretInfo(secretPath);
+                    if (!secretInfo) {
+                        console.warn(`Warning: No secrets found at ${secretPath}`);
+                        console.log('Continuing with deployment without secrets...');
+                    }
+                    else {
+                        if (secretInfo.chunked) {
+                            console.log(`Found ${secretInfo.totalKeys} variables in ${secretInfo.chunks} chunks`);
+                        }
+                        const secrets = await pullSecrets(secretPath);
+                        if (secrets) {
+                            // Ensure the .sst/laravel/deploy directory exists
+                            const deployDir = path.join(process.cwd(), '.sst', 'laravel', 'deploy');
+                            fs.mkdirSync(deployDir, { recursive: true });
+                            // Write secrets to .env file
+                            const envFilePath = path.join(deployDir, '.env');
+                            const envContent = toEnvFileContent(secrets);
+                            fs.writeFileSync(envFilePath, envContent + '\n');
+                            fs.chmodSync(envFilePath, 0o755);
+                            console.log(`Fetched ${Object.keys(secrets).length} variables from ${secretPath}`);
+                        }
+                    }
+                }
+                catch (error) {
+                    console.error(`Warning: Failed to fetch secrets from ${secretPath}:`, error.message);
+                    console.log('Continuing with deployment without secrets...');
+                }
+            }
+        }
         const deployProcess = spawn('npx', ['sst', 'deploy', '--stage', options.stage], {
             cwd: process.cwd(),
             stdio: 'inherit',
-            shell: true
+            shell: true,
+            env: {
+                ...process.env,
+                SST_LARAVEL_PACKAGE_ROOT: getPackageRoot(),
+            },
         });
         await new Promise((resolve, reject) => {
             deployProcess.on('exit', (code) => {

package/dist/bin/commands/deploy.js.map

@@ -1 +1 @@
-{"version":3,"file":"deploy.js","sourceRoot":"","sources":["../../../bin/commands/deploy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AACtC,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAE5D,MAAM,CAAC,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,QAAQ,CAAC;KAC/C,WAAW,CAAC,kCAAkC,CAAC;KAC/C,cAAc,CAAC,qBAAqB,EAAE,gBAAgB,CAAC;KACvD,MAAM,CAAC,KAAK,EAAE,OAA0B,EAAE,EAAE;IAC3C,IAAI,CAAC;QACH,kBAAkB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAElC,MAAM,aAAa,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,KAAK,CAAC,EAAE;YAC9E,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE;YAClB,KAAK,EAAE,SAAS;YAChB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QAEH,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,aAAa,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;oBACf,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,IAAI,KAAK,CAAC,gCAAgC,IAAI,EAAE,CAAC,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC,CAAC,CAAC;YACH,aAAa,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;QAClD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC,CAAC,CAAC"}
+{"version":3,"file":"deploy.js","sourceRoot":"","sources":["../../../bin/commands/deploy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AACtC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxI,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAE1G,MAAM,CAAC,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,QAAQ,CAAC;KAC/C,WAAW,CAAC,kCAAkC,CAAC;KAC/C,cAAc,CAAC,qBAAqB,EAAE,gBAAgB,CAAC;KACvD,MAAM,CAAC,KAAK,EAAE,OAA0B,EAAE,EAAE;IAC3C,IAAI,CAAC;QACH,kBAAkB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAElC,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;QACnC,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAAC,CAAC;YAClD,MAAM,aAAa,GAAG,oBAAoB,CAAC,UAAU,CAAC,CAAC;YAEvD,IAAI,OAAO,IAAI,aAAa,EAAE,CAAC;gBAC7B,OAAO,CAAC,GAAG,CAAC,uEAAuE,CAAC,CAAC;gBAErF,4BAA4B;gBAC5B,MAAM,UAAU,GAAG,aAAa,CAAC,IAAI,IAAI,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;gBAE/E,IAAI,CAAC;oBACH,4CAA4C;oBAC5C,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;oBAEnD,IAAI,CAAC,UAAU,EAAE,CAAC;wBAChB,OAAO,CAAC,IAAI,CAAC,gCAAgC,UAAU,EAAE,CAAC,CAAC;wBAC3D,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;oBAC/D,CAAC;yBAAM,CAAC;wBACN,IAAI,UAAU,CAAC,OAAO,EAAE,CAAC;4BACvB,OAAO,CAAC,GAAG,CAAC,SAAS,UAAU,CAAC,SAAS,iBAAiB,UAAU,CAAC,MAAM,SAAS,CAAC,CAAC;wBACxF,CAAC;wBAED,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,UAAU,CAAC,CAAC;wBAE9C,IAAI,OAAO,EAAE,CAAC;4BACZ,kDAAkD;4BAClD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;4BACxE,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;4BAE7C,6BAA6B;4BAC7B,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;4BACjD,MAAM,UAAU,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;4BAC7C,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,UAAU,GAAG,IAAI,CAAC,CAAC;4BACjD,EAAE,CAAC,SAAS,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;4BAEjC,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,mBAAmB,UAAU,EAAE,CAAC,CAAC;wBACrF,CAAC;oBACH,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,CAAC,KAAK,CAAC,yCAAyC,UAAU,GAAG,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;oBAChG,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;gBAC/D,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,aAAa,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,KAAK,CAAC,EAAE;YAC9E,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE;YAClB,KAAK,EAAE,SAAS;YAChB,KAAK,EAAE,IAAI;YACX,GAAG,EAAE;gBACH,GAAG,OAAO,CAAC,GAAG;gBACd,wBAAwB,EAAE,cAAc,EAAE;aAC3C;SACF,CAAC,CAAC;QAEH,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,aAAa,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;oBACf,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,IAAI,KAAK,CAAC,gCAAgC,IAAI,EAAE,CAAC,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC,CAAC,CAAC;YACH,aAAa,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;QAClD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC,CAAC,CAAC"}

package/dist/bin/commands/env-pull.d.ts

@@ -0,0 +1,2 @@
+import { Command } from 'commander';
+export declare const envPullCommand: Command;

package/dist/bin/commands/env-pull.js

@@ -0,0 +1,81 @@
+import { Command } from 'commander';
+import * as fs from 'fs';
+import * as path from 'path';
+import { select, confirm } from '@inquirer/prompts';
+import { findSstConfig, extractSstProjectName } from '../utils/sst-config.js';
+import { pullSecrets, getSecretPath, getSecretInfo, toEnvFileContent, listAvailableStages } from '../utils/secrets-manager.js';
+export const envPullCommand = new Command('env:pull')
+    .description('Pull environment variables from AWS Secrets Manager')
+    .option('-s, --stage <stage>', 'SST stage name')
+    .option('-o, --output <file>', 'Output file path (default: .env.{stage})')
+    .option('-f, --force', 'Overwrite existing file without confirmation')
+    .action(async (options) => {
+    try {
+        const configPath = findSstConfig();
+        if (!configPath) {
+            console.error('Error: Could not find sst.config.ts or sst.config.js in current directory.');
+            process.exit(1);
+        }
+        const appName = extractSstProjectName(configPath);
+        if (!appName) {
+            console.error('Error: Could not extract app name from SST config.');
+            process.exit(1);
+        }
+        // Determine stage
+        let stage = options.stage;
+        if (!stage) {
+            const availableStages = await listAvailableStages(appName);
+            if (availableStages.length === 0) {
+                console.log('No stages found in AWS Secrets Manager for this app.');
+                console.log('Run this command again with the --stage <stage> flag to create the environment file.');
+                process.exit(1);
+            }
+            stage = await select({
+                message: 'Select the stage to pull from:',
+                choices: availableStages.map(s => ({ name: s, value: s })),
+            });
+        }
+        const secretPath = getSecretPath(appName, stage);
+        const outputFile = options.output || `.env.${stage}`;
+        const outputPath = path.resolve(process.cwd(), outputFile);
+        console.log(`Pulling environment variables from: ${secretPath}`);
+        // Get info about the secret structure
+        const secretInfo = await getSecretInfo(secretPath);
+        if (!secretInfo) {
+            console.error(`Error: No secrets found at ${secretPath}`);
+            console.log('');
+            console.log('To create secrets for this environment, run:');
+            console.log(`  sst-laravel env:push --stage ${stage} --input .env.example`);
+            process.exit(1);
+        }
+        if (secretInfo.chunked) {
+            console.log(`Found ${secretInfo.totalKeys} variables in ${secretInfo.chunks} chunks`);
+        }
+        // Check if output file exists
+        if (fs.existsSync(outputPath) && !options.force) {
+            const shouldOverwrite = await confirm({
+                message: `File ${outputFile} already exists. Overwrite?`,
+                default: false,
+            });
+            if (!shouldOverwrite) {
+                console.log('Aborted.');
+                process.exit(0);
+            }
+        }
+        // Pull secrets from AWS
+        const secrets = await pullSecrets(secretPath);
+        if (!secrets) {
+            console.error(`Error: Failed to pull secrets from ${secretPath}`);
+            process.exit(1);
+        }
+        // Convert to .env format and write
+        const envContent = toEnvFileContent(secrets);
+        fs.writeFileSync(outputPath, envContent + '\n');
+        console.log(`Successfully pulled ${Object.keys(secrets).length} variables to ${outputFile}`);
+    }
+    catch (error) {
+        console.error('Error:', error.message);
+        process.exit(1);
+    }
+});
+//# sourceMappingURL=env-pull.js.map

package/dist/bin/commands/env-pull.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"env-pull.js","sourceRoot":"","sources":["../../../bin/commands/env-pull.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAC9E,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,aAAa,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAE/H,MAAM,CAAC,MAAM,cAAc,GAAG,IAAI,OAAO,CAAC,UAAU,CAAC;KAClD,WAAW,CAAC,qDAAqD,CAAC;KAClE,MAAM,CAAC,qBAAqB,EAAE,gBAAgB,CAAC;KAC/C,MAAM,CAAC,qBAAqB,EAAE,0CAA0C,CAAC;KACzE,MAAM,CAAC,aAAa,EAAE,8CAA8C,CAAC;KACrE,MAAM,CAAC,KAAK,EAAE,OAA6D,EAAE,EAAE;IAC9E,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;QAEnC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,4EAA4E,CAAC,CAAC;YAC5F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAAC,CAAC;QAElD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACpE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,kBAAkB;QAClB,IAAI,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAC1B,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,eAAe,GAAG,MAAM,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAE3D,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,sFAAsF,CAAC,CAAC;gBACpG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YAED,KAAK,GAAG,MAAM,MAAM,CAAC;gBACnB,OAAO,EAAE,gCAAgC;gBACzC,OAAO,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;aAC3D,CAAC,CAAC;QACL,CAAC;QAED,MAAM,UAAU,GAAG,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACjD,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,IAAI,QAAQ,KAAK,EAAE,CAAC;QACrD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;QAE3D,OAAO,CAAC,GAAG,CAAC,uCAAuC,UAAU,EAAE,CAAC,CAAC;QAEjE,sCAAsC;QACtC,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;QAEnD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,8BAA8B,UAAU,EAAE,CAAC,CAAC;YAC1D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;YAC5D,OAAO,CAAC,GAAG,CAAC,kCAAkC,KAAK,uBAAuB,CAAC,CAAC;YAC5E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,UAAU,CAAC,OAAO,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,SAAS,UAAU,CAAC,SAAS,iBAAiB,UAAU,CAAC,MAAM,SAAS,CAAC,CAAC;QACxF,CAAC;QAED,8BAA8B;QAC9B,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YAChD,MAAM,eAAe,GAAG,MAAM,OAAO,CAAC;gBACpC,OAAO,EAAE,QAAQ,UAAU,6BAA6B;gBACxD,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YAEH,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;gBACxB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,wBAAwB;QACxB,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,UAAU,CAAC,CAAC;QAE9C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,sCAAsC,UAAU,EAAE,CAAC,CAAC;YAClE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,mCAAmC;QACnC,MAAM,UAAU,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAC7C,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,UAAU,GAAG,IAAI,CAAC,CAAC;QAEhD,OAAO,CAAC,GAAG,CAAC,uBAAuB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,iBAAiB,UAAU,EAAE,CAAC,CAAC;IAC/F,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;QAClD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC,CAAC,CAAC"}

package/dist/bin/commands/env-push.d.ts

@@ -0,0 +1,2 @@
+import { Command } from 'commander';
+export declare const envPushCommand: Command;

package/dist/bin/commands/env-push.js

@@ -0,0 +1,93 @@
+import { Command } from 'commander';
+import * as fs from 'fs';
+import * as path from 'path';
+import { select, confirm } from '@inquirer/prompts';
+import { findSstConfig, extractSstProjectName } from '../utils/sst-config.js';
+import { pushSecrets, getSecretInfo, getSecretPath, parseEnvFile, needsChunking, listAvailableStages } from '../utils/secrets-manager.js';
+export const envPushCommand = new Command('env:push')
+    .description('Push environment variables to AWS Secrets Manager')
+    .option('-s, --stage <stage>', 'SST stage name')
+    .option('-i, --input <file>', 'Input file path (default: .env)')
+    .option('-f, --force', 'Push without confirmation')
+    .action(async (options) => {
+    try {
+        const configPath = findSstConfig();
+        if (!configPath) {
+            console.error('Error: Could not find sst.config.ts or sst.config.js in current directory.');
+            process.exit(1);
+        }
+        const appName = extractSstProjectName(configPath);
+        if (!appName) {
+            console.error('Error: Could not extract app name from SST config.');
+            process.exit(1);
+        }
+        // Determine stage
+        let stage = options.stage;
+        if (!stage) {
+            const availableStages = await listAvailableStages(appName);
+            if (availableStages.length === 0) {
+                console.log('No stages found in AWS Secrets Manager for this app.');
+                console.log('Run this command again with the --stage <stage> flag so the environment file can be created.');
+                process.exit(1);
+            }
+            stage = await select({
+                message: 'Select the stage to push to:',
+                choices: availableStages.map(s => ({ name: s, value: s })),
+            });
+        }
+        const inputFile = options.input || '.env';
+        const inputPath = path.resolve(process.cwd(), inputFile);
+        // Check if input file exists
+        if (!fs.existsSync(inputPath)) {
+            console.error(`Error: Input file ${inputFile} not found.`);
+            process.exit(1);
+        }
+        const secretPath = getSecretPath(appName, stage);
+        // Parse the .env file
+        const content = fs.readFileSync(inputPath, 'utf-8');
+        const vars = parseEnvFile(content);
+        const varCount = Object.keys(vars).length;
+        if (varCount === 0) {
+            console.error('Error: No variables found in the input file.');
+            process.exit(1);
+        }
+        console.log(`Found ${varCount} variables in ${inputFile}`);
+        console.log(`Target: ${secretPath}`);
+        // Check if chunking will be needed
+        if (needsChunking(vars)) {
+            console.log(`\nNote: Environment file exceeds AWS Secrets Manager limit and will be split into multiple chunks.`);
+        }
+        // Check if secrets already exist
+        const existingInfo = await getSecretInfo(secretPath);
+        if (existingInfo && !options.force) {
+            if (existingInfo.chunked) {
+                console.log(`\nWarning: ${existingInfo.totalKeys} variables already exist at this path (in ${existingInfo.chunks} chunks).`);
+            }
+            else {
+                console.log(`\nWarning: ${existingInfo.totalKeys} variables already exist at this path.`);
+            }
+            const shouldOverwrite = await confirm({
+                message: 'Do you want to overwrite the existing secrets?',
+                default: false,
+            });
+            if (!shouldOverwrite) {
+                console.log('Aborted.');
+                process.exit(0);
+            }
+        }
+        // Push secrets to AWS
+        console.log('\nPushing secrets to AWS Secrets Manager...');
+        const result = await pushSecrets(secretPath, vars);
+        if (result.chunked) {
+            console.log(`Successfully pushed ${varCount} variables to ${secretPath} (split into ${result.chunks} chunks)`);
+        }
+        else {
+            console.log(`Successfully pushed ${varCount} variables to ${secretPath}`);
+        }
+    }
+    catch (error) {
+        console.error('Error:', error.message);
+        process.exit(1);
+    }
+});
+//# sourceMappingURL=env-push.js.map

package/dist/bin/commands/env-push.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"env-push.js","sourceRoot":"","sources":["../../../bin/commands/env-push.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAC9E,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAE1I,MAAM,CAAC,MAAM,cAAc,GAAG,IAAI,OAAO,CAAC,UAAU,CAAC;KAClD,WAAW,CAAC,mDAAmD,CAAC;KAChE,MAAM,CAAC,qBAAqB,EAAE,gBAAgB,CAAC;KAC/C,MAAM,CAAC,oBAAoB,EAAE,iCAAiC,CAAC;KAC/D,MAAM,CAAC,aAAa,EAAE,2BAA2B,CAAC;KAClD,MAAM,CAAC,KAAK,EAAE,OAA4D,EAAE,EAAE;IAC7E,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;QAEnC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,4EAA4E,CAAC,CAAC;YAC5F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAAC,CAAC;QAElD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACpE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,kBAAkB;QAClB,IAAI,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAC1B,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,eAAe,GAAG,MAAM,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAE3D,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,8FAA8F,CAAC,CAAC;gBAC5G,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YAED,KAAK,GAAG,MAAM,MAAM,CAAC;gBACnB,OAAO,EAAE,8BAA8B;gBACvC,OAAO,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;aAC3D,CAAC,CAAC;QACL,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,IAAI,MAAM,CAAC;QAC1C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,SAAS,CAAC,CAAC;QAEzD,6BAA6B;QAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC9B,OAAO,CAAC,KAAK,CAAC,qBAAqB,SAAS,aAAa,CAAC,CAAC;YAC3D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,UAAU,GAAG,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAEjD,sBAAsB;QACtB,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QACpD,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;QACnC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;QAE1C,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;YACnB,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,SAAS,QAAQ,iBAAiB,SAAS,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,WAAW,UAAU,EAAE,CAAC,CAAC;QAErC,mCAAmC;QACnC,IAAI,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,oGAAoG,CAAC,CAAC;QACpH,CAAC;QAED,iCAAiC;QACjC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;QAErD,IAAI,YAAY,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACnC,IAAI,YAAY,CAAC,OAAO,EAAE,CAAC;gBACzB,OAAO,CAAC,GAAG,CAAC,cAAc,YAAY,CAAC,SAAS,6CAA6C,YAAY,CAAC,MAAM,WAAW,CAAC,CAAC;YAC/H,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,cAAc,YAAY,CAAC,SAAS,wCAAwC,CAAC,CAAC;YAC5F,CAAC;YAED,MAAM,eAAe,GAAG,MAAM,OAAO,CAAC;gBACpC,OAAO,EAAE,gDAAgD;gBACzD,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YAEH,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;gBACxB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,sBAAsB;QACtB,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAEnD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,OAAO,CAAC,GAAG,CAAC,uBAAuB,QAAQ,iBAAiB,UAAU,gBAAgB,MAAM,CAAC,MAAM,UAAU,CAAC,CAAC;QACjH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,uBAAuB,QAAQ,iBAAiB,UAAU,EAAE,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;QAClD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC,CAAC,CAAC"}

package/dist/bin/commands/init.js

@@ -1,8 +1,106 @@
 import { Command } from 'commander';
-import { spawn } from 'child_process';
+import { spawn, execSync } from 'child_process';
 import * as fs from 'fs';
 import * as path from 'path';
-import { getTemplatePath } from '../utils/sst-config.js';
+import { fileURLToPath } from 'url';
+import { confirm } from '@inquirer/prompts';
+import { getTemplatePath, getPackageRoot } from '../utils/sst-config.js';
+const SKILL_FILE_PATH = fileURLToPath(new URL('../../skills/laravel-initial-setup/SKILL.md', import.meta.url));
+const runProcess = (command, args, cwd) => {
+    return new Promise((resolve, reject) => {
+        const child = spawn(command, args, {
+            cwd,
+            stdio: 'inherit',
+            shell: true
+        });
+        child.on('exit', (code) => {
+            if (code === 0) {
+                resolve();
+            }
+            else {
+                reject(new Error(`${command} ${args.join(' ')} exited with code ${code}`));
+            }
+        });
+        child.on('error', reject);
+    });
+};
+const detectLaravelBoostVersion = (cwd) => {
+    try {
+        const output = execSync('composer show laravel/boost --no-ansi --no-interaction', {
+            cwd,
+            stdio: ['ignore', 'pipe', 'pipe']
+        }).toString();
+        const versionMatch = output.match(/versions?\s*:\s*\*?\s*v?([0-9][^\s]*)/i);
+        if (!versionMatch) {
+            return null;
+        }
+        return versionMatch[1].replace(/^v/, '');
+    }
+    catch (error) {
+        return null;
+    }
+};
+const isVersionAtLeast = (version, minimum) => {
+    const normalize = (input) => input.split('.').map((segment) => parseInt(segment, 10) || 0);
+    const versionParts = normalize(version);
+    const minParts = normalize(minimum);
+    for (let i = 0; i < Math.max(versionParts.length, minParts.length); i++) {
+        const current = versionParts[i] ?? 0;
+        const min = minParts[i] ?? 0;
+        if (current > min)
+            return true;
+        if (current < min)
+            return false;
+    }
+    return true;
+};
+const installSkillWithBoost = async (cwd) => {
+    const aiSkillsDir = path.join(cwd, '.ai', 'skills', 'sst-laravel-initial-setup');
+    fs.mkdirSync(aiSkillsDir, { recursive: true });
+    const targetPath = path.join(aiSkillsDir, 'SKILL.md');
+    fs.copyFileSync(SKILL_FILE_PATH, targetPath);
+    console.log(`Copied skill file to ${path.relative(cwd, targetPath)}`);
+    console.log('Running boost:update to refresh Laravel Boost skills...');
+    await runProcess('php', ['artisan', 'boost:update'], cwd);
+};
+const installSkillViaNpx = async (cwd) => {
+    console.log('Installing skill via `npx skills add`...');
+    await runProcess('npx', ['skills', 'add', SKILL_FILE_PATH], cwd);
+};
+const maybeInstallSkill = async (cwd) => {
+    if (!process.stdin.isTTY || !process.stdout.isTTY) {
+        console.log('Skipping AI skill installation prompt (non-interactive terminal).');
+        return;
+    }
+    const shouldInstallSkill = await confirm({
+        message: 'Install the SST Laravel Initial Setup AI skill in this project?',
+        default: true
+    });
+    if (!shouldInstallSkill) {
+        console.log('Skipping AI skill installation. You can add it later from skills/laravel-initial-setup.');
+        return;
+    }
+    const boostVersion = detectLaravelBoostVersion(cwd);
+    if (boostVersion) {
+        console.log(`Detected laravel/boost version ${boostVersion}`);
+    }
+    else {
+        console.log('laravel/boost package not detected or Composer unavailable.');
+    }
+    if (boostVersion && isVersionAtLeast(boostVersion, '2.0.0')) {
+        await installSkillWithBoost(cwd);
+    }
+    else {
+        if (boostVersion) {
+            console.log('laravel/boost version is below 2.0. Falling back to npx skills.');
+        }
+        await installSkillViaNpx(cwd);
+    }
+    console.log('\n');
+    console.log('\n');
+    console.log('🤖 SST Laravel skill installed successfully');
+    console.log('Run "Please help me set up the deployment config of my application using SST Laravel" in your AI agent to get started');
+};
 export const initCommand = new Command('init')
     .description('Initialize SST and SST Laravel, creating a new sst.config.ts file to deploy your Laravel application')
     .action(async () => {
@@ -67,7 +165,11 @@ export const initCommand = new Command('init')
         const sstInstallProcess = spawn('npx', ['sst', 'install'], {
             cwd,
             stdio: 'inherit',
-            shell: true
+            shell: true,
+            env: {
+                ...process.env,
+                SST_LARAVEL_PACKAGE_ROOT: getPackageRoot(),
+            },
         });
         await new Promise((resolve, reject) => {
             sstInstallProcess.on('exit', (code) => {
@@ -102,16 +204,23 @@ export const initCommand = new Command('init')
             fs.chmodSync(deployScriptPath, 0o755);
             console.log('Created infra/deploy.sh script');
         }
+        try {
+            await maybeInstallSkill(cwd);
+        }
+        catch (skillError) {
+            console.warn('Failed to install AI skill automatically:', skillError.message);
+            console.warn('You can manually add it later from skills/laravel-initial-setup.');
+        }
         console.log('\n');
         console.log('\n');
-        console.log('Successfully configured sst.config.ts with Laravel boilerplate');
+        console.log('✅ Successfully configured sst.config.ts with Laravel boilerplate');
         console.log('You can now customize the configuration for your own Laravel application.');
         console.log('\n');
         console.log('Your default configuration is set to look for a .env.{stage} file when deploying. You can customize this in the sst.config.ts file as needed.');
         console.log('\n');
         console.log('A deploy.sh script has been created with example deployment tasks (migrations, caching, etc.). Customize it as needed.');
         console.log('\n');
-        console.log('Run `npx sst deploy --stage {stage}` to deploy your application.');
+        console.log('Run `npx sst-laravel deploy --stage {stage}` to deploy your application.');
     }
     catch (error) {
         console.error('Error:', error.message);