@liquidmetal-ai/raindrop 0.4.11 → 0.4.13

package/dist/codegen.test.js

@@ -130,10 +130,10 @@ test('kebabCaseToCamelCase', () => {
 test('kebabCaseToUpperCamelCase', () => {
     expect(kebabCaseToUpperCamelCase('my-variable')).toEqual('MyVariable');
 });
-test('generates AgentMemory type bindings', async () => {
+test('generates SmartMemory type bindings', async () => {
     const apps = await mustManifestFromString(`
     application "test-app" {
-      agent_memory "user-memory" {}
+      smartmemory "user-memory" {}
       
       service "test-service" {}
     }
@@ -141,10 +141,10 @@ test('generates AgentMemory type bindings', async () => {
     const app = apps[0];
     const service = app.service[0];
     const generated = gatherEnvForHandler(service, app);
-    // Should include AgentMemory import
-    expect(generated).toMatch(/import\s+{[^}]*AgentMemory[^}]*}\s+from\s+'@liquidmetal-ai\/raindrop-framework'/);
-    // Should include AgentMemory type binding with constant case naming
-    expect(generated).toMatch(/USER_MEMORY:\s*AgentMemory/);
+    // Should include SmartMemory import
+    expect(generated).toMatch(/import\s+{[^}]*SmartMemory[^}]*}\s+from\s+'@liquidmetal-ai\/raindrop-framework'/);
+    // Should include SmartMemory type binding with constant case naming
+    expect(generated).toMatch(/USER_MEMORY:\s*SmartMemory/);
 });
 test('generates SmartBucket type bindings', async () => {
     const apps = await mustManifestFromString(`

package/dist/commands/bucket/create-credential.d.ts

@@ -0,0 +1,25 @@
+import { BaseCommand } from '../../base-command.js';
+export default class CreateCredential extends BaseCommand<typeof CreateCredential> {
+    static description: string;
+    static examples: string[];
+    static flags: {
+        bucket: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        name: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        'expires-at': import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        'api-url': import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        application: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        version: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        output: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        impersonate: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        manifest: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        config: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowAuthService: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        raindropCatalogService: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowAuthToken: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowOrganizationId: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowUserId: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        sendVersionMetadata: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+    };
+    run(): Promise<void>;
+}
+//# sourceMappingURL=create-credential.d.ts.map

package/dist/commands/bucket/create-credential.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"create-credential.d.ts","sourceRoot":"","sources":["../../../src/commands/bucket/create-credential.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEpD,MAAM,CAAC,OAAO,OAAO,gBAAiB,SAAQ,WAAW,CAAC,OAAO,gBAAgB,CAAC;IAChF,MAAM,CAAC,WAAW,SAAwC;IAE1D,MAAM,CAAC,QAAQ,WAUb;IAEF,MAAM,CAAC,KAAK;;;;;;;;;;;;;;;;;MAqDV;IAEI,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC;CA8G3B"}

package/dist/commands/bucket/create-credential.js

@@ -0,0 +1,171 @@
+import { toJsonString } from '@bufbuild/protobuf';
+import { timestampDate, timestampFromDate } from '@bufbuild/protobuf/wkt';
+import { valueOf } from '@liquidmetal-ai/drizzle/appify/build';
+import { CreateCredentialResponseSchema } from '@liquidmetal-ai/drizzle/liquidmetal/v1alpha1/bucket_api_pb';
+import { Flags } from '@oclif/core';
+import { BaseCommand } from '../../base-command.js';
+export default class CreateCredential extends BaseCommand {
+    static description = 'Create S3 credentials for a bucket';
+    static examples = [
+        `<%= config.bin %> bucket create-credential --bucket my-bucket --name "My API Key"
+Create a new S3 credential for my-bucket
+`,
+        `<%= config.bin %> bucket create-credential --bucket my-bucket --name "Temp Key" --expires-at "2024-12-31"
+Create a credential that expires on Dec 31, 2024
+`,
+        `<%= config.bin %> bucket create-credential --api-url https://bucket.example.com --name "Direct API Key"
+Create a credential using a direct API URL
+`,
+    ];
+    static flags = {
+        ...BaseCommand.HIDDEN_FLAGS,
+        bucket: Flags.string({
+            char: 'b',
+            description: 'bucket name',
+            required: false,
+            exclusive: ['api-url'],
+        }),
+        name: Flags.string({
+            char: 'n',
+            description: 'credential name',
+            required: true,
+        }),
+        'expires-at': Flags.string({
+            description: 'expiration date (ISO 8601 format)',
+            required: false,
+        }),
+        'api-url': Flags.string({
+            description: 'direct API URL (bypasses bucket discovery)',
+            required: false,
+            exclusive: ['bucket', 'application', 'version'],
+        }),
+        application: Flags.string({
+            char: 'a',
+            description: 'application name',
+            required: false,
+            exclusive: ['api-url'],
+        }),
+        version: Flags.string({
+            char: 'v',
+            description: 'application version',
+            required: false,
+            exclusive: ['api-url'],
+        }),
+        output: Flags.string({
+            char: 'o',
+            description: 'output format',
+            default: 'text',
+            options: ['text', 'json'],
+        }),
+        impersonate: Flags.string({
+            char: 'i',
+            description: 'impersonate organization',
+            required: false,
+            hidden: true,
+        }),
+        manifest: Flags.string({
+            char: 'M',
+            description: 'project manifest',
+            required: false,
+            default: 'raindrop.manifest',
+            hidden: true,
+        }),
+    };
+    async run() {
+        const { flags } = await this.parse(CreateCredential);
+        // Validate that we have either api-url or bucket
+        if (!flags['api-url'] && !flags.bucket) {
+            this.error('Either --api-url or --bucket must be specified');
+        }
+        let apiUrl;
+        let bucketName;
+        if (flags['api-url']) {
+            // Direct API URL provided, skip discovery
+            apiUrl = flags['api-url'];
+        }
+        else {
+            // Need to discover the bucket
+            bucketName = flags.bucket;
+            // Get application info from flags or config/manifest
+            let applicationName = flags.application;
+            let applicationVersionId = flags.version;
+            if (!applicationVersionId) {
+                const config = await this.loadConfig();
+                applicationVersionId = config.versionId;
+            }
+            if (!applicationName) {
+                const apps = await this.loadManifest();
+                const app = apps[0];
+                if (app === undefined) {
+                    this.error('No application provided or found in manifest', { exit: 1 });
+                }
+                applicationName = valueOf(app.name);
+            }
+            // Query for the bucket module
+            const { client: catalogService, userId, organizationId: defaultOrganizationId } = await this.catalogService();
+            const organizationId = flags.impersonate ?? defaultOrganizationId;
+            const modulesResp = await catalogService.queryModules({
+                userId,
+                applicationName,
+                applicationVersionId,
+                organizationId,
+                moduleType: 'bucket',
+            });
+            // Find the specific bucket
+            const bucketModule = modulesResp.modules.find(m => m.name === bucketName && m.type === 'bucket');
+            if (!bucketModule) {
+                this.error(`Bucket '${bucketName}' not found in application ${applicationName}@${applicationVersionId}`);
+            }
+            // Extract the API URL from the bucket module
+            apiUrl = bucketModule.bucket?.s3?.apiUrl;
+            if (!apiUrl) {
+                this.error(`Bucket '${bucketName}' does not have an API URL configured`);
+            }
+        }
+        // Parse expires_at if provided
+        let expiresAt;
+        if (flags['expires-at']) {
+            const expiresDate = new Date(flags['expires-at']);
+            if (isNaN(expiresDate.getTime())) {
+                this.error('Invalid expiration date format. Use ISO 8601 format (e.g., 2024-12-31 or 2024-12-31T23:59:59Z)');
+            }
+            if (expiresDate <= new Date()) {
+                this.error('Expiration date must be in the future');
+            }
+            expiresAt = timestampFromDate(expiresDate);
+        }
+        // Create the S3 credential service client
+        const { client: credentialService } = await this.bucketApiService(apiUrl);
+        try {
+            const response = await credentialService.createCredential({
+                name: flags.name,
+                expiresAt,
+            });
+            // Output the result
+            if (flags.output === 'json') {
+                console.log(toJsonString(CreateCredentialResponseSchema, response, { prettySpaces: 2 }));
+            }
+            else {
+                const cred = response.credential;
+                if (!cred) {
+                    this.error('No credential returned from service');
+                }
+                console.log(`Successfully created S3 credential${bucketName ? ` for bucket '${bucketName}'` : ''}`);
+                console.log(`\nAccess Key: ${cred.accessKey}`);
+                console.log(`Secret Key: ${cred.secretKey}`);
+                console.log(`Name: ${cred.name}`);
+                if (cred.createdAt) {
+                    console.log(`Created: ${timestampDate(cred.createdAt).toISOString()}`);
+                }
+                if (cred.expiresAt) {
+                    console.log(`Expires: ${timestampDate(cred.expiresAt).toISOString()}`);
+                }
+                console.log('\n⚠️  Save these credentials securely - the secret key cannot be retrieved again!');
+            }
+        }
+        catch (error) {
+            const err = error;
+            this.error(`Failed to create credential: ${err.message}`);
+        }
+    }
+}

package/dist/commands/bucket/delete-credential.d.ts

@@ -0,0 +1,24 @@
+import { BaseCommand } from '../../base-command.js';
+export default class DeleteCredential extends BaseCommand<typeof DeleteCredential> {
+    static description: string;
+    static examples: string[];
+    static flags: {
+        bucket: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        'access-key': import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        'api-url': import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        application: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        version: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        output: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        impersonate: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        manifest: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        config: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowAuthService: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        raindropCatalogService: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowAuthToken: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowOrganizationId: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowUserId: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        sendVersionMetadata: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+    };
+    run(): Promise<void>;
+}
+//# sourceMappingURL=delete-credential.d.ts.map

package/dist/commands/bucket/delete-credential.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"delete-credential.d.ts","sourceRoot":"","sources":["../../../src/commands/bucket/delete-credential.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEpD,MAAM,CAAC,OAAO,OAAO,gBAAiB,SAAQ,WAAW,CAAC,OAAO,gBAAgB,CAAC;IAChF,MAAM,CAAC,WAAW,SAA6B;IAE/C,MAAM,CAAC,QAAQ,WAOb;IAEF,MAAM,CAAC,KAAK;;;;;;;;;;;;;;;;MAgDV;IAEI,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC;CAqF3B"}

package/dist/commands/bucket/delete-credential.js

@@ -0,0 +1,140 @@
+import { toJsonString } from '@bufbuild/protobuf';
+import { valueOf } from '@liquidmetal-ai/drizzle/appify/build';
+import { DeleteCredentialResponseSchema } from '@liquidmetal-ai/drizzle/liquidmetal/v1alpha1/bucket_api_pb';
+import { Flags } from '@oclif/core';
+import { BaseCommand } from '../../base-command.js';
+export default class DeleteCredential extends BaseCommand {
+    static description = 'Delete an S3 credential';
+    static examples = [
+        `<%= config.bin %> bucket delete-credential --bucket my-bucket --access-key AKIAIOSFODNN7EXAMPLE
+Delete a specific credential
+`,
+        `<%= config.bin %> bucket delete-credential --api-url https://bucket.example.com --access-key AKIAIOSFODNN7EXAMPLE
+Delete credential using a direct API URL
+`,
+    ];
+    static flags = {
+        ...BaseCommand.HIDDEN_FLAGS,
+        bucket: Flags.string({
+            char: 'b',
+            description: 'bucket name',
+            required: false,
+            exclusive: ['api-url'],
+        }),
+        'access-key': Flags.string({
+            description: 'access key of the credential to delete',
+            required: true,
+        }),
+        'api-url': Flags.string({
+            description: 'direct API URL (bypasses bucket discovery)',
+            required: false,
+            exclusive: ['bucket', 'application', 'version'],
+        }),
+        application: Flags.string({
+            char: 'a',
+            description: 'application name',
+            required: false,
+            exclusive: ['api-url'],
+        }),
+        version: Flags.string({
+            char: 'v',
+            description: 'application version',
+            required: false,
+            exclusive: ['api-url'],
+        }),
+        output: Flags.string({
+            char: 'o',
+            description: 'output format',
+            default: 'text',
+            options: ['text', 'json'],
+        }),
+        impersonate: Flags.string({
+            char: 'i',
+            description: 'impersonate organization',
+            required: false,
+            hidden: true,
+        }),
+        manifest: Flags.string({
+            char: 'M',
+            description: 'project manifest',
+            required: false,
+            default: 'raindrop.manifest',
+            hidden: true,
+        }),
+    };
+    async run() {
+        const { flags } = await this.parse(DeleteCredential);
+        // Validate that we have either api-url or bucket
+        if (!flags['api-url'] && !flags.bucket) {
+            this.error('Either --api-url or --bucket must be specified');
+        }
+        let apiUrl;
+        let bucketName;
+        if (flags['api-url']) {
+            // Direct API URL provided, skip discovery
+            apiUrl = flags['api-url'];
+        }
+        else {
+            // Need to discover the bucket
+            bucketName = flags.bucket;
+            // Get application info from flags or config/manifest
+            let applicationName = flags.application;
+            let applicationVersionId = flags.version;
+            if (!applicationVersionId) {
+                const config = await this.loadConfig();
+                applicationVersionId = config.versionId;
+            }
+            if (!applicationName) {
+                const apps = await this.loadManifest();
+                const app = apps[0];
+                if (app === undefined) {
+                    this.error('No application provided or found in manifest', { exit: 1 });
+                }
+                applicationName = valueOf(app.name);
+            }
+            // Query for the bucket module
+            const { client: catalogService, userId, organizationId: defaultOrganizationId } = await this.catalogService();
+            const organizationId = flags.impersonate ?? defaultOrganizationId;
+            const modulesResp = await catalogService.queryModules({
+                userId,
+                applicationName,
+                applicationVersionId,
+                organizationId,
+                moduleType: 'bucket',
+            });
+            // Find the specific bucket
+            const bucketModule = modulesResp.modules.find(m => m.name === bucketName && m.type === 'bucket');
+            if (!bucketModule) {
+                this.error(`Bucket '${bucketName}' not found in application ${applicationName}@${applicationVersionId}`);
+            }
+            // Extract the API URL from the bucket module
+            apiUrl = bucketModule.bucket?.s3?.apiUrl;
+            if (!apiUrl) {
+                this.error(`Bucket '${bucketName}' does not have an API URL configured`);
+            }
+        }
+        // Create the S3 credential service client
+        const { client: credentialService } = await this.bucketApiService(apiUrl);
+        try {
+            const response = await credentialService.deleteCredential({
+                accessKey: flags['access-key'],
+            });
+            // Output the result
+            if (flags.output === 'json') {
+                console.log(toJsonString(DeleteCredentialResponseSchema, response, { prettySpaces: 2 }));
+            }
+            else {
+                if (response.deleted) {
+                    console.log(`Successfully deleted credential '${flags['access-key']}'${bucketName ? ` from bucket '${bucketName}'` : ''}`);
+                }
+                else {
+                    console.log(`Credential '${flags['access-key']}' not found${bucketName ? ` in bucket '${bucketName}'` : ''}`);
+                }
+            }
+        }
+        catch (error) {
+            const err = error;
+            this.error(`Failed to delete credential: ${err.message}`);
+        }
+    }
+}

package/dist/commands/bucket/get-credential.d.ts

@@ -0,0 +1,24 @@
+import { BaseCommand } from '../../base-command.js';
+export default class GetCredential extends BaseCommand<typeof GetCredential> {
+    static description: string;
+    static examples: string[];
+    static flags: {
+        bucket: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        'access-key': import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        'api-url': import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        application: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        version: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        output: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        impersonate: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        manifest: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        config: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowAuthService: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        raindropCatalogService: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowAuthToken: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowOrganizationId: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowUserId: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        sendVersionMetadata: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+    };
+    run(): Promise<void>;
+}
+//# sourceMappingURL=get-credential.d.ts.map

package/dist/commands/bucket/get-credential.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-credential.d.ts","sourceRoot":"","sources":["../../../src/commands/bucket/get-credential.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEpD,MAAM,CAAC,OAAO,OAAO,aAAc,SAAQ,WAAW,CAAC,OAAO,aAAa,CAAC;IAC1E,MAAM,CAAC,WAAW,SAA6C;IAE/D,MAAM,CAAC,QAAQ,WAOb;IAEF,MAAM,CAAC,KAAK;;;;;;;;;;;;;;;;MAgDV;IAEI,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC;CA+F3B"}

package/dist/commands/bucket/get-credential.js

@@ -0,0 +1,149 @@
+import { toJsonString } from '@bufbuild/protobuf';
+import { timestampDate } from '@bufbuild/protobuf/wkt';
+import { valueOf } from '@liquidmetal-ai/drizzle/appify/build';
+import { GetCredentialResponseSchema } from '@liquidmetal-ai/drizzle/liquidmetal/v1alpha1/bucket_api_pb';
+import { Flags } from '@oclif/core';
+import { BaseCommand } from '../../base-command.js';
+export default class GetCredential extends BaseCommand {
+    static description = 'Get details of a specific S3 credential';
+    static examples = [
+        `<%= config.bin %> bucket get-credential --bucket my-bucket --access-key AKIAIOSFODNN7EXAMPLE
+Get details of a specific credential
+`,
+        `<%= config.bin %> bucket get-credential --api-url https://bucket.example.com --access-key AKIAIOSFODNN7EXAMPLE
+Get credential details using a direct API URL
+`,
+    ];
+    static flags = {
+        ...BaseCommand.HIDDEN_FLAGS,
+        bucket: Flags.string({
+            char: 'b',
+            description: 'bucket name',
+            required: false,
+            exclusive: ['api-url'],
+        }),
+        'access-key': Flags.string({
+            description: 'access key of the credential to retrieve',
+            required: true,
+        }),
+        'api-url': Flags.string({
+            description: 'direct API URL (bypasses bucket discovery)',
+            required: false,
+            exclusive: ['bucket', 'application', 'version'],
+        }),
+        application: Flags.string({
+            char: 'a',
+            description: 'application name',
+            required: false,
+            exclusive: ['api-url'],
+        }),
+        version: Flags.string({
+            char: 'v',
+            description: 'application version',
+            required: false,
+            exclusive: ['api-url'],
+        }),
+        output: Flags.string({
+            char: 'o',
+            description: 'output format',
+            default: 'text',
+            options: ['text', 'json'],
+        }),
+        impersonate: Flags.string({
+            char: 'i',
+            description: 'impersonate organization',
+            required: false,
+            hidden: true,
+        }),
+        manifest: Flags.string({
+            char: 'M',
+            description: 'project manifest',
+            required: false,
+            default: 'raindrop.manifest',
+            hidden: true,
+        }),
+    };
+    async run() {
+        const { flags } = await this.parse(GetCredential);
+        // Validate that we have either api-url or bucket
+        if (!flags['api-url'] && !flags.bucket) {
+            this.error('Either --api-url or --bucket must be specified');
+        }
+        let apiUrl;
+        let bucketName;
+        if (flags['api-url']) {
+            // Direct API URL provided, skip discovery
+            apiUrl = flags['api-url'];
+        }
+        else {
+            // Need to discover the bucket
+            bucketName = flags.bucket;
+            // Get application info from flags or config/manifest
+            let applicationName = flags.application;
+            let applicationVersionId = flags.version;
+            if (!applicationVersionId) {
+                const config = await this.loadConfig();
+                applicationVersionId = config.versionId;
+            }
+            if (!applicationName) {
+                const apps = await this.loadManifest();
+                const app = apps[0];
+                if (app === undefined) {
+                    this.error('No application provided or found in manifest', { exit: 1 });
+                }
+                applicationName = valueOf(app.name);
+            }
+            // Query for the bucket module
+            const { client: catalogService, userId, organizationId: defaultOrganizationId } = await this.catalogService();
+            const organizationId = flags.impersonate ?? defaultOrganizationId;
+            const modulesResp = await catalogService.queryModules({
+                userId,
+                applicationName,
+                applicationVersionId,
+                organizationId,
+                moduleType: 'bucket',
+            });
+            // Find the specific bucket
+            const bucketModule = modulesResp.modules.find(m => m.name === bucketName && m.type === 'bucket');
+            if (!bucketModule) {
+                this.error(`Bucket '${bucketName}' not found in application ${applicationName}@${applicationVersionId}`);
+            }
+            // Extract the API URL from the bucket module
+            apiUrl = bucketModule.bucket?.s3?.apiUrl;
+            if (!apiUrl) {
+                this.error(`Bucket '${bucketName}' does not have an API URL configured`);
+            }
+        }
+        // Create the S3 credential service client
+        const { client: credentialService } = await this.bucketApiService(apiUrl);
+        try {
+            const response = await credentialService.getCredential({
+                accessKey: flags['access-key'],
+            });
+            // Output the result
+            if (flags.output === 'json') {
+                console.log(toJsonString(GetCredentialResponseSchema, response, { prettySpaces: 2 }));
+            }
+            else {
+                const cred = response.credential;
+                if (!cred) {
+                    this.error('No credential returned from service');
+                }
+                console.log(`Credential details${bucketName ? ` for bucket '${bucketName}'` : ''}:\n`);
+                console.log(`Access Key: ${cred.accessKey}`);
+                console.log(`Name: ${cred.name}`);
+                if (cred.createdAt) {
+                    console.log(`Created: ${timestampDate(cred.createdAt).toISOString()}`);
+                }
+                if (cred.expiresAt) {
+                    console.log(`Expires: ${timestampDate(cred.expiresAt).toISOString()}`);
+                }
+                console.log('\nNote: Secret key is not displayed for security reasons');
+            }
+        }
+        catch (error) {
+            const err = error;
+            this.error(`Failed to get credential: ${err.message}`);
+        }
+    }
+}

package/dist/commands/bucket/list-credentials.d.ts

@@ -0,0 +1,23 @@
+import { BaseCommand } from '../../base-command.js';
+export default class ListCredentials extends BaseCommand<typeof ListCredentials> {
+    static description: string;
+    static examples: string[];
+    static flags: {
+        bucket: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        'api-url': import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        application: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        version: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        output: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        impersonate: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        manifest: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        config: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowAuthService: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        raindropCatalogService: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowAuthToken: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowOrganizationId: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        rainbowUserId: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        sendVersionMetadata: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+    };
+    run(): Promise<void>;
+}
+//# sourceMappingURL=list-credentials.d.ts.map

package/dist/commands/bucket/list-credentials.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-credentials.d.ts","sourceRoot":"","sources":["../../../src/commands/bucket/list-credentials.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEpD,MAAM,CAAC,OAAO,OAAO,eAAgB,SAAQ,WAAW,CAAC,OAAO,eAAe,CAAC;IAC9E,MAAM,CAAC,WAAW,SAAsC;IAExD,MAAM,CAAC,QAAQ,WAOb;IAEF,MAAM,CAAC,KAAK;;;;;;;;;;;;;;;MA4CV;IAEI,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC;CAkG3B"}