@meshxdata/fops 0.1.54 → 0.1.57

package/CHANGELOG.md

@@ -1,8 +1,191 @@
+## [0.1.57] - 2026-03-26
+
+- restore all missing services (pgpool, exporters, grafana, etc), add loki to k3s profile, always activate loki profile in fops up (4e2744a)
+- fix: grafana alert-rules provisioning, ENVIRONMENT_NAME from --url, k3s secret sync, vm-sizes endpoint, project root resolution (9839052)
+- feat(azure): add 'fops azure reconcile <name>' command for VM drift fix (79ba6e2)
+- fix(otel,loki): remove duplicate spanmetrics dimensions, use .env for loki S3 creds (e3d1def)
+- fix(loki): pass S3 credentials from .env so loki works without vault-init (c57906d)
+- fix(azure): improve VM provisioning reliability (2ddd669)
+- cluster discovery (009257d)
+- feat(storage): add loki container to provisioning (898c544)
+- feat(azure): add ping command to check backend health (8336825)
+- operator cli bump 0.1.52 (f052cb5)
+- fix(doctor): set KUBECONFIG for k3s kubectl commands (db9359b)
+- fix(azure): move --landscape to test run command, not separate subcommand (4b9b089)
+- feat(azure): add test integration command with landscape support (b2990a0)
+- fix(fleet): skip VMs without public IPs in fleet exec (39acbaa)
+- feat(azure): detect and fix External Secrets identity issues (f907d11)
+- operator cli bump 0.1.51 (db55bdc)
+- feat: add postgres-exporter and Azure tray menu improvements (2a337ac)
+- operator cli plugin fix (4dae908)
+- operator cli plugin fix (25620cc)
+- operator cli test fixes (1d1c18f)
+- feat(test): add setup-users command for QA test user creation (b929507)
+- feat(aks): show HA standby clusters with visual grouping (8fb640c)
+- refactor(provision): extract VM provisioning to dedicated module (af321a7)
+- refactor(provision): extract post-start health checks to dedicated module (6ed5f2d)
+- fix: ping timeout 15s, fix prometheus sed escaping (d11ac14)
+- refactor(vm): extract terraform HCL generation to dedicated module (896a64b)
+- refactor(keyvault): extract key operations to dedicated module (716bbe4)
+- refactor(azure): extract swarm functions to azure-fleet-swarm.js (4690e34)
+- refactor(azure): extract SSH/remote functions to azure-ops-ssh.js (e62b8f0)
+- refactor(azure): split azure-ops.js into smaller modules (4515425)
+- feat(aks): add --ha flag for full cross-region HA setup (ece68c5)
+- feat(fops): inject ENVIRONMENT_NAME on VM provisioning (6ef2a27)
+- fix(postgres): disable SSL mode to fix connection issues (c789ae9)
+- feat(trino): add caching configuration for docker-compose (3668224)
+- fix(fops-azure): run pytest directly instead of missing scripts (29f8410)
+- add -d detach option for local frontend dev, remove hive cpu limits (3306667)
+- release 0.1.49 (dcca32b)
+- release 0.1.48 (9b195e5)
+- stash on updates (2916c01)
+- stash on updates (b5c14df)
+- stash on updates (d0453d1)
+- frontend dev fixes (0ca7b00)
+- fix: update azure test commands (77c81da)
+- default locust to CLI mode, add --web for UI (ca35bff)
+- add locust command for load testing AKS clusters (1278722)
+- update spot node pool default autoscaling to 1-20 (617c182)
+- module for aks (3dd1a61)
+- add hive to PG_SERVICE_DBS for fops pg-setup (afccb16)
+- feat(azure): enhance aks doctor with ExternalSecrets and PGSSLMODE checks (8b14861)
+- add foundation-postgres ExternalName service to reconciler (ea88e11)
+- new flux templates (0e2e372)
+- feat(azure): add storage-engine secrets to Key Vault (a4f488e)
+- feat(azure-aks): add AUTH0_DOMAIN to template rendering variables (216c37e)
+- feat(azure): add storage account creation per cluster (aa1b138)
+- bump watcher (ab24473)
+- fix: concurrent compute calls (#66) (03e2edf)
+- bump backend version (5058ff5)
+- bump fops to 0.1.44 (8c0ef5d)
+- Mlflow and azure plugin fix (176881f)
+- fix lifecycle (a2cb9e7)
+- callback url for localhost (821fb94)
+- disable 4 scaffolding plugin by default. (bfb2b76)
+- jaccard improvements (b7494a0)
+- refactor azure plugin (68dfef4)
+- refactor azure plugin (b24a008)
+- fix trino catalog missing (4928a55)
+- v36 bump and changelog generation on openai (37a0440)
+- v36 bump and changelog generation on openai (a3b02d9)
+- bump (a990058)
+- status bar fix and new plugin for ttyd (27dde1e)
+- file demo and tray (1a3e704)
+- electron app (59ad0bb)
+- compose and fops file plugin (1cf0e81)
+- bump (346ffc1)
+- localhost replaced by 127.0.0.1 (82b9f30)
+- .29 (587b0e1)
+- improve up down and bootstrap script (b79ebaf)
+- checksum (22c8086)
+- checksum (96b434f)
+- checksum (15ed3c0)
+- checksum (8a6543a)
+- bump embed trino linksg (8440504)
+- bump data (765ffd9)
+- bump (cb8b232)
+- broken tests (c532229)
+- release 0.1.18, preflight checks (d902249)
+- fix compute display bug (d10f5d9)
+- cleanup packer files (6330f18)
+- plan mode (cb36a8a)
+- bump to 0.1.16 - agent ui (41ac1a2)
+- bump to 0.1.15 - agent ui (4ebe2e1)
+- bump to 0.1.14 (6c3a7fa)
+- bump to 0.1.13 (8db570f)
+- release 0.1.12 (c1c79e5)
+- bump (11aa3b0)
+- git keep and bump tui (be1678e)
+- skills, index, rrf, compacted context (100k > 10k) (7b2fffd)
+- cloudflare and token consumption, graphs indexing (0ad9eec)
+- bump storage default (22c83ba)
+- storage fix (68a22a0)
+- skills update (7f56500)
+- v9 bump (3864446)
+- bump (c95eedc)
+- rrf (dbf8c95)
+- feat: warning when running predictions (95e8c52)
+- feat: support for local predictions (45cf26b)
+- feat: wip support for predictions + mlflow (3457052)
+- add Reciprocal Rank Fusion (RRF) to knowledge and skill retrieval (61549bc)
+- validate CSV headers in compute_run readiness check (a8c7a43)
+- fix corrupted Iceberg metadata: probe tables + force cleanup on re-apply (50578af)
+- enforce: never use foundation_apply to fix broken products (2e049bf)
+- update SKILL.md with complete tool reference for knowledge retrieval (30b1924)
+- add storage read, input DP table probe, and compute_run improvements (34e6c4c)
+- skills update (1220385)
+- skills update (bb66958)
+- some tui improvement andd tools apply overwrite (e90c35c)
+- skills update (e9227a1)
+- skills update (669c4b3)
+- fix plugin pre-flight checks (f741743)
+- increase agent context (6479aaa)
+- skills and init sql fixes (5fce35e)
+- checksum (3518b56)
+- penging job limit (a139861)
+- checksum (575d28c)
+- bump (92049ba)
+- fix bug per tab status (0a33657)
+- fix bug per tab status (50457c6)
+- checksumming (0ad842e)
+- shot af mardkwon overlapping (51f63b9)
+- add spark dockerfile for multiarch builds (95abbd1)
+- fix plugin initialization (16b9782)
+- split index.js (50902a2)
+- cloudflare cidr (cc4e021)
+- cloduflare restrictions (2f6ba2d)
+- sequential start (86b496e)
+- sequential start (4930fe1)
+- sequential start (353f014)
+- qa tests (2dc6a1a)
+- bump sha for .85 (dc2edfe)
+- preserve env on sudo (7831227)
+- bump sha for .84 (6c052f9)
+- non interactive for azure vms (0aa8a2f)
+- keep .env if present (d072450)
+- bump (7a8e732)
+- ensure opa is on compose if not set (f4a5228)
+- checksum bump (a2ccc20)
+- netrc defensive checks (a0b0ccc)
+- netrc defensive checks (ae37403)
+- checksum (ec45d11)
+- update sync and fix up (7f9af72)
+- expand test for azure and add new per app tag support (388a168)
+- checksum on update (44005fc)
+- cleanup for later (15e5313)
+- cleanup for later (11c9597)
+- switch branch feature (822fecc)
+- add pull (d1c19ab)
+- Bump hono from 4.11.9 to 4.12.0 in /operator-cli (ad25144)
+- tests (f180a9a)
+- cleanup (39c49a3)
+- registry (7b7126a)
+- reconcile kafka (832d0db)
+- gh login bug (025886c)
+- cleanup (bb96cab)
+- strip envs from process (2421180)
+- force use of gh creds not tokens in envs var (fff7787)
+- resolve import between npm installs and npm link (79522e1)
+- fix gh scope and azure states (afd846c)
+- refactoring (da50352)
+- split fops repo (d447638)
+- aks (b791f8f)
+- refactor azure (67d3bad)
+- wildcard (391f023)
+- azure plugin (c074074)
+- zap (d7e6e7f)
+- fix knock (cf89c05)
+- azure (4adec98)
+- Bump tar from 7.5.7 to 7.5.9 in /operator-cli (e41e98e)
+- azure stack index.js split (de12272)
+- Bump ajv from 8.17.1 to 8.18.0 in /operator-cli (76da21f)
+- packer (9665fbc)
+
 # Changelog
 
 All notable changes to @meshxdata/fops (Foundation Operator CLI) are documented here.
 
-## [0.1.54] - 2026-03-26
+## [0.1.56] - 2026-03-26
 
 - feat(azure): add 'fops azure reconcile <name>' command for VM drift fix (79ba6e2)
 - fix(otel,loki): remove duplicate spanmetrics dimensions, use .env for loki S3 creds (e3d1def)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@meshxdata/fops",
-  "version": "0.1.54",
+  "version": "0.1.57",
   "description": "CLI to install and manage data mesh platforms",
   "keywords": [
     "fops",
@@ -17,7 +17,6 @@
     "fops.mjs",
     "src/",
     "!src/**/*.test.js",
-    "!src/**/node_modules",
     "!scripts/",
     "README.md",
     "CHANGELOG.md"

package/src/commands/index.js

@@ -7,6 +7,7 @@ import { registerPluginCommands } from "./plugin-cmd.js";
 import { registerIntegrationCommands } from "./integration-cmd.js";
 import { registerCompletionCommand } from "./completion.js";
 import { registerEditCommands } from "./edit-cmd.js";
+import { registerK3sCommands } from "./k3s-cmd.js";
 import { configureColorHelp } from "./help.js";
 
 export function registerCommands(program, registry) {
@@ -43,5 +44,6 @@ export function registerCommands(program, registry) {
   registerPluginCommands(program, registry);
   registerIntegrationCommands(program, registry);
   registerEditCommands(program);
+  registerK3sCommands(program);
   registerCompletionCommand(program);
 }

package/src/commands/k3s-cmd.js

@@ -0,0 +1,124 @@
+import path from "node:path";
+import chalk from "chalk";
+import { requireRoot } from "../project.js";
+
+const DIM = chalk.dim;
+const OK = chalk.green;
+const ERR = chalk.red;
+const WARN = chalk.yellow;
+
+const K3S_KUBECTL = ["exec", "-e", "KUBECONFIG=/etc/rancher/k3s/k3s.yaml", "k3s-server", "kubectl"];
+const K3S_KUBECTL_I = ["exec", "-i", "-e", "KUBECONFIG=/etc/rancher/k3s/k3s.yaml", "k3s-server", "kubectl"];
+
+async function kubectlApply(execa, args) {
+  const create = await execa("docker", [
+    ...K3S_KUBECTL, "create", ...args, "--dry-run=client", "-o", "yaml",
+  ], { timeout: 15000, reject: false });
+  if (create.exitCode !== 0) throw new Error(`kubectl create failed: ${create.stderr}`);
+  const apply = await execa("docker", [
+    ...K3S_KUBECTL_I, "apply", "-f", "-",
+  ], { input: create.stdout, timeout: 15000, reject: false });
+  if (apply.exitCode !== 0) throw new Error(`kubectl apply failed: ${apply.stderr}`);
+}
+
+async function syncSecrets(root) {
+  const { execa } = await import("execa");
+  const { loadEnvFromFile } = await import("../utils/load-env.js");
+
+  // Check k3s is running
+  const { exitCode, stdout } = await execa("docker", [
+    ...K3S_KUBECTL, "get", "nodes",
+  ], { timeout: 10000, reject: false });
+  if (exitCode !== 0 || !/Ready/.test(stdout)) {
+    console.error(ERR("  k3s cluster is not reachable. Is it running?"));
+    console.error(DIM("  Start it with: fops up --k3s"));
+    return;
+  }
+
+  // Load credentials from .env (same resolution as setup-kubernetes.sh)
+  const env = loadEnvFromFile(path.join(root, ".env"));
+  const s3Id = env.BOOTSTRAP_STORAGE_ACCESS_KEY || env.AUTH_IDENTITY || "minio";
+  const s3Pw = env.BOOTSTRAP_STORAGE_SECRET_KEY || env.AUTH_CREDENTIAL || "minio123";
+
+  console.log(DIM(`  Storage credentials: ${s3Id} / ${"*".repeat(Math.min(s3Pw.length, 8))}`));
+
+  // 1. storage-secret in foundation namespace
+  console.log(DIM("  Creating storage-secret (foundation)..."));
+  await kubectlApply(execa, [
+    "secret", "generic", "storage-secret",
+    `--from-literal=ACCESS_KEY=${s3Id}`,
+    `--from-literal=SECRET_KEY=${s3Pw}`,
+    "--namespace=foundation",
+  ]);
+  console.log(OK("  ✓ storage-secret"));
+
+  // 2. foundation-storage-engine-auth in foundation namespace
+  console.log(DIM("  Creating foundation-storage-engine-auth (foundation)..."));
+  await kubectlApply(execa, [
+    "secret", "generic", "foundation-storage-engine-auth",
+    `--from-literal=AUTH_IDENTITY=${s3Id}`,
+    `--from-literal=AUTH_CREDENTIAL=${s3Pw}`,
+    "--namespace=foundation",
+  ]);
+  console.log(OK("  ✓ foundation-storage-engine-auth"));
+
+  // 3. Default storage system secret for Spark jobs
+  const sparkSecretName = "00000000-0000-0000-0000-000000000001-secret";
+  console.log(DIM(`  Creating ${sparkSecretName} (spark-jobs)...`));
+  await kubectlApply(execa, [
+    "secret", "generic", sparkSecretName,
+    `--from-literal=AWS_ACCESS_KEY_ID=${s3Id}`,
+    `--from-literal=AWS_SECRET_ACCESS_KEY=${s3Pw}`,
+    `--from-literal=AWS_SECRET_ACCESS_KEY_ID=${s3Pw}`,
+    "--from-literal=AWS_ENDPOINT_LOCATION=http://foundation-storage-engine:8080",
+    "--from-literal=AWS_REGION=me-central-1",
+    "--from-literal=MLFLOW_S3_ENDPOINT_URL=http://foundation-storage-engine:8080",
+    "--namespace=spark-jobs",
+  ]);
+
+  // Re-apply label
+  await execa("docker", [
+    ...K3S_KUBECTL, "label", "secret", sparkSecretName,
+    "foundation.io/data-system=storage",
+    "--namespace=spark-jobs", "--overwrite",
+  ], { timeout: 10000, reject: false });
+  console.log(OK(`  ✓ ${sparkSecretName} (with label)`));
+
+  console.log(OK("\n  ✓ All storage secrets synced to k3s"));
+}
+
+export function registerK3sCommands(program) {
+  const k3s = program
+    .command("k3s")
+    .description("Manage local k3s Kubernetes cluster");
+
+  k3s
+    .command("sync-secrets")
+    .description("Sync storage secrets from .env into k3s (fixes S3 AccessDenied)")
+    .action(async () => {
+      const root = requireRoot(program);
+      try {
+        await syncSecrets(root);
+      } catch (err) {
+        console.error(ERR(`  ✗ ${err.message}`));
+        process.exitCode = 1;
+      }
+    });
+
+  k3s
+    .command("exec [cmd...]")
+    .description("Run a command inside k3s (default: interactive shell)")
+    .option("-n, --namespace <ns>", "Kubernetes namespace", "spark-jobs")
+    .action(async (cmd, opts) => {
+      const { execaNode } = await import("execa");
+      const { execSync } = await import("node:child_process");
+      const args = cmd.length
+        ? [...K3S_KUBECTL, "-n", opts.namespace, ...cmd]
+        : ["exec", "-it", "-e", "KUBECONFIG=/etc/rancher/k3s/k3s.yaml", "k3s-server", "/bin/sh"];
+      try {
+        execSync(`docker ${args.map(a => a.includes(" ") ? `"${a}"` : a).join(" ")}`, { stdio: "inherit" });
+      } catch (err) {
+        if (err.status) process.exitCode = err.status;
+      }
+    });
+}

package/src/commands/lifecycle.js

@@ -562,6 +562,12 @@ async function runUp(program, registry, opts) {
       fs.writeFileSync(envPath, envContent);
       console.log(chalk.dim(`  FOUNDATION_PUBLIC_URL=${publicUrl} written to .env`));
     }
+    // Derive and set ENVIRONMENT_NAME from URL (e.g. https://staging.meshx.app → Staging)
+    const envName = publicUrl.replace(/https?:\/\//, "").split(".")[0] || "Local";
+    const environmentName = envName.charAt(0).toUpperCase() + envName.slice(1);
+    envContent = envContent.replace(/^ENVIRONMENT_NAME=.*\n?/m, "");
+    envContent = envContent.trimEnd() + `\nENVIRONMENT_NAME=${environmentName}\n`;
+    fs.writeFileSync(envPath, envContent);
   } else {
     // Local: only inject localhost fallback if not already set
     if (!/^FOUNDATION_PUBLIC_URL=/m.test(envContent)) {
@@ -577,6 +583,7 @@ async function runUp(program, registry, opts) {
   const envProfiles = (process.env.COMPOSE_PROFILES || "").split(",").map(s => s.trim()).filter(Boolean);
   const activeProfiles = new Set(envProfiles);
   if (opts.k3s) activeProfiles.add("k3s");
+  activeProfiles.add("loki");
   if (publicUrl) {
     if (opts.traefik) activeProfiles.add("traefik");
     try {

package/src/plugins/builtins/docker-compose.js

@@ -507,17 +507,12 @@ You investigate alerts, diagnose service failures, and suggest fixes. You have d
 5. **Fix**: Suggest specific actions (restart, config change, scale, rollback).
 
 ## Output Format
-Structure your response with blank lines between each section:
-
-**Status:** One-line summary (e.g. "Processor container restarting due to OOM")
-
-**Findings:** What you discovered from each tool
-
-**Root Cause:** Most likely cause
-
-**Actions:** Specific steps to fix
-
-**Prevention:** How to avoid this in the future
+Structure your response as:
+- **Status**: One-line summary (e.g. "Processor container restarting due to OOM")
+- **Findings**: What you discovered from each tool
+- **Root Cause**: Most likely cause
+- **Actions**: Specific steps to fix
+- **Prevention**: How to avoid this in the future
 
 ## Rules
 - Always check compose_ps first.
@@ -526,8 +521,7 @@ Structure your response with blank lines between each section:
 - If a dependency is down (postgres, kafka), flag it — fixing the dependency fixes the dependent.
 - Be concise — this output goes into a Glue chat thread.
 - Never suggest 'docker compose down' — prefer targeted restarts.
-- After restarting, verify with compose_ps.
-- IMPORTANT: Always put a blank line between sections in your response so they render as separate paragraphs.`,
+- After restarting, verify with compose_ps.`,
     });
 
     // ── Doctor check: Trivy ───────────────────────────────────────────

package/src/plugins/bundled/fops-plugin-azure/lib/azure-openai.js

@@ -55,9 +55,6 @@ async function ensureAzAuth(execa, { subscription } = {}) {
 /** Resolve Foundation project root (directory with docker-compose). Exported for use by azure agent sync. */
 export function findProjectRoot() {
   const cwd = process.cwd();
-  if (process.env.FOUNDATION_ROOT && fs.existsSync(process.env.FOUNDATION_ROOT)) {
-    return path.resolve(process.env.FOUNDATION_ROOT);
-  }
   try {
     const cfgPath = path.join(process.env.HOME || process.env.USERPROFILE || "", ".fops.json");
     if (fs.existsSync(cfgPath)) {

package/src/plugins/bundled/fops-plugin-azure/lib/commands/vm-cmds.js

@@ -263,7 +263,7 @@ export function registerVmCommands(azure, api, registry) {
       if (opts.dai) opts.k3s = true;
       const {
         lazyExeca, ensureAzCli, ensureAzAuth, resolveGithubToken, verifyGithubToken,
-        reconcileVm, DEFAULTS,
+        reconcileVm, DEFAULTS, buildDefaultUrl,
       } = await import("../azure.js");
       const { resolveCfToken } = await import("../cloudflare.js");
       const { readVmState, writeVmState } = await import("../azure-state.js");
@@ -279,7 +279,10 @@ export function registerVmCommands(azure, api, registry) {
         process.exit(1);
       }
       const rg = tracked.resourceGroup;
-      const desiredUrl = opts.url || tracked.publicUrl;
+      const storedUrl = tracked.publicUrl;
+      // If the stored URL is IP-based, prefer the default domain-based URL
+      const isIpUrl = storedUrl && /^https?:\/\/\d+\.\d+\.\d+\.\d+/.test(storedUrl);
+      const desiredUrl = opts.url || (isIpUrl ? buildDefaultUrl(name) : storedUrl);
       const cfToken = resolveCfToken(opts.cfToken);
       const { publicIp, publicUrl, rg: actualRg } = await reconcileVm(execa, {
         vmName: name, rg, sub, subId, location: tracked.location || DEFAULTS.location,

package/src/plugins/bundled/fops-plugin-cloud/api.js

@@ -333,6 +333,20 @@ export function createCloudApi(registry) {
     return c.json(providers);
   });
 
+  // ── VM Sizes ────────────────────────────────────────────
+
+  app.get("/vm-sizes", (c) => {
+    return c.json([
+      "Standard_D4s_v5",
+      "Standard_D8s_v5",
+      "Standard_D16s_v5",
+      "Standard_D32s_v5",
+      "Standard_D48s_v5",
+      "Standard_D64s_v5",
+      "Standard_D96s_v5",
+    ]);
+  });
+
   // ── Resources ───────────────────────────────────────────
 
   app.get("/resources", async (c) => {

package/src/project.js

@@ -32,8 +32,8 @@ function saveProjectRoot(root) {
   const configPath = path.join(os.homedir(), ".fops.json");
   let config = {};
   try { config = JSON.parse(fs.readFileSync(configPath, "utf8")); } catch {}
-  if (config.projectRoot === root) return; // already saved
-  config.projectRoot = root;
+  if (config.foundationRoot === root || config.projectRoot === root) return; // already saved
+  config.foundationRoot = root;
   try {
     fs.mkdirSync(path.dirname(configPath), { recursive: true });
     fs.writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n");
@@ -41,14 +41,19 @@ function saveProjectRoot(root) {
 }
 
 export function rootDir(cwd = process.cwd()) {
+
+  // Check FOUNDATION_ROOT env var first (explicit override)
   const envRoot = process.env.FOUNDATION_ROOT;
-  if (envRoot && fs.existsSync(envRoot)) return path.resolve(envRoot);
+  if (envRoot && isFoundationRoot(envRoot)) {
+    return path.resolve(envRoot);
+  }
 
-  // Check ~/.fops.json for saved project root
+  // Check ~/.fops.json for saved project root (projectRoot or foundationRoot)
   try {
     const fopsConfig = JSON.parse(fs.readFileSync(path.join(os.homedir(), ".fops.json"), "utf8"));
-    if (fopsConfig.projectRoot && isFoundationRoot(fopsConfig.projectRoot)) {
-      return path.resolve(fopsConfig.projectRoot);
+    const configRoot = fopsConfig.foundationRoot || fopsConfig.projectRoot;
+    if (configRoot && isFoundationRoot(configRoot)) {
+      return path.resolve(configRoot);
     }
   } catch {}
 
@@ -104,7 +109,7 @@ export function requireRoot(program) {
     console.error(
       chalk.red("Not a Foundation project (no docker-compose + Makefile).")
     );
-    console.error(chalk.dim("  Run `fops init` to set up, or set FOUNDATION_ROOT."));
+    console.error(chalk.dim("  Run `fops init` to set up, or run from the foundation-compose directory."));
     program.error("", { exitCode: 1 });
   }
   return r;

package/src/plugins/bundled/fops-plugin-cloud/ui/postcss.config.cjs

@@ -1,5 +0,0 @@
-module.exports = {
-  plugins: {
-    "@tailwindcss/postcss": {},
-  },
-};

package/src/plugins/bundled/fops-plugin-cloud/ui/src/App.jsx

@@ -1,32 +0,0 @@
-import React, { useEffect } from "react";
-import { Routes, Route, useLocation } from "react-router-dom";
-
-import "./css/style.css";
-
-import Resources from "./pages/Resources";
-import CreateResource from "./pages/CreateResource";
-import Fleet from "./pages/Fleet";
-import Costs from "./pages/Costs";
-import Audit from "./pages/Audit";
-
-function App() {
-  const location = useLocation();
-
-  useEffect(() => {
-    document.querySelector("html").style.scrollBehavior = "auto";
-    window.scroll({ top: 0 });
-    document.querySelector("html").style.scrollBehavior = "";
-  }, [location.pathname]);
-
-  return (
-    <Routes>
-      <Route exact path="/" element={<Resources />} />
-      <Route path="/resources/new" element={<CreateResource />} />
-      <Route path="/fleet" element={<Fleet />} />
-      <Route path="/costs" element={<Costs />} />
-      <Route path="/audit" element={<Audit />} />
-    </Routes>
-  );
-}
-
-export default App;

package/src/plugins/bundled/fops-plugin-cloud/ui/src/api/client.js

@@ -1,114 +0,0 @@
-const BASE = "/cloud/api";
-
-// Token getter — set by AuthContext once Auth0 is initialized
-let _getToken = null;
-
-export function setTokenGetter(fn) {
-  _getToken = fn;
-}
-
-async function authHeaders(extra = {}) {
-  if (!_getToken) return extra;
-  try {
-    const token = await _getToken();
-    return { ...extra, Authorization: `Bearer ${token}` };
-  } catch {
-    return extra;
-  }
-}
-
-export async function apiFetch(path, opts = {}) {
-  const headers = await authHeaders({ "Content-Type": "application/json", ...opts.headers });
-  const res = await fetch(`${BASE}${path}`, { ...opts, headers });
-  if (!res.ok) {
-    const body = await res.json().catch(() => ({}));
-    throw new Error(body.error || `HTTP ${res.status}`);
-  }
-  return res.json();
-}
-
-/**
- * Make a streaming POST/DELETE request and call onLine for each SSE event.
- * Returns the final result from the "done" event, or throws on "error".
- */
-export async function apiStream(path, { method = "POST", body, onLine, onJobId } = {}) {
-  const headers = await authHeaders({ "Content-Type": "application/json" });
-  const res = await fetch(`${BASE}${path}`, {
-    method,
-    headers,
-    body: body ? JSON.stringify(body) : undefined,
-  });
-
-  if (!res.ok) {
-    const err = await res.json().catch(() => ({}));
-    throw new Error(err.error || `HTTP ${res.status}`);
-  }
-
-  const reader = res.body.getReader();
-  const decoder = new TextDecoder();
-  let buffer = "";
-  let finalResult = null;
-  let finalError = null;
-
-  while (true) {
-    const { done, value } = await reader.read();
-    if (done) break;
-    buffer += decoder.decode(value, { stream: true });
-
-    const lines = buffer.split("\n");
-    buffer = lines.pop();
-
-    for (const line of lines) {
-      if (!line.startsWith("data: ")) continue;
-      try {
-        const evt = JSON.parse(line.slice(6));
-        if (evt.type === "job") {
-          onJobId?.(evt.jobId);
-        } else if (evt.type === "done") {
-          finalResult = evt.result;
-          onLine?.("\u2713 Operation complete", "done");
-        } else if (evt.type === "error" && !evt.text?.startsWith("  ")) {
-          finalError = evt.text;
-        } else if (evt.type === "log" || evt.type === "error") {
-          onLine?.(evt.text, evt.type);
-        }
-      } catch { /* ignore */ }
-    }
-  }
-
-  if (finalError) throw new Error(finalError);
-  return finalResult;
-}
-
-/**
- * Poll a job's buffered logs for reconnection after page reload.
- */
-export async function pollJob(jobId, onLine) {
-  let offset = 0;
-
-  while (true) {
-    const headers = await authHeaders();
-    const res = await fetch(`${BASE}/jobs/${jobId}?since=${offset}`, { headers });
-    if (!res.ok) {
-      if (res.status === 404) throw new Error("Job not found \u2014 it may have expired");
-      throw new Error(`HTTP ${res.status}`);
-    }
-
-    const data = await res.json();
-
-    for (const log of data.logs) {
-      onLine?.(log.text, log.type);
-    }
-    offset = data.offset + data.logs.length;
-
-    if (data.status === "done") {
-      onLine?.("\u2713 Operation complete", "done");
-      return { status: "done", result: data.result };
-    }
-    if (data.status === "error") {
-      return { status: "error", error: data.error };
-    }
-
-    await new Promise((r) => setTimeout(r, 1000));
-  }
-}