@meshxdata/fops 0.1.55 → 0.1.57

package/CHANGELOG.md

@@ -1,5 +1,7 @@
-## [0.1.55] - 2026-03-26
+## [0.1.57] - 2026-03-26
 
+- restore all missing services (pgpool, exporters, grafana, etc), add loki to k3s profile, always activate loki profile in fops up (4e2744a)
+- fix: grafana alert-rules provisioning, ENVIRONMENT_NAME from --url, k3s secret sync, vm-sizes endpoint, project root resolution (9839052)
 - feat(azure): add 'fops azure reconcile <name>' command for VM drift fix (79ba6e2)
 - fix(otel,loki): remove duplicate spanmetrics dimensions, use .env for loki S3 creds (e3d1def)
 - fix(loki): pass S3 credentials from .env so loki works without vault-init (c57906d)
@@ -178,14 +180,12 @@
 - azure stack index.js split (de12272)
 - Bump ajv from 8.17.1 to 8.18.0 in /operator-cli (76da21f)
 - packer (9665fbc)
-- remove stack api (db0fd4d)
-- packer cleanup (fe1bf14)
 
 # Changelog
 
 All notable changes to @meshxdata/fops (Foundation Operator CLI) are documented here.
 
-## [0.1.54] - 2026-03-26
+## [0.1.56] - 2026-03-26
 
 - feat(azure): add 'fops azure reconcile <name>' command for VM drift fix (79ba6e2)
 - fix(otel,loki): remove duplicate spanmetrics dimensions, use .env for loki S3 creds (e3d1def)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@meshxdata/fops",
-  "version": "0.1.55",
+  "version": "0.1.57",
   "description": "CLI to install and manage data mesh platforms",
   "keywords": [
     "fops",
@@ -17,7 +17,6 @@
     "fops.mjs",
     "src/",
     "!src/**/*.test.js",
-    "!src/**/node_modules",
     "!scripts/",
     "README.md",
     "CHANGELOG.md"

package/src/commands/index.js

@@ -7,6 +7,7 @@ import { registerPluginCommands } from "./plugin-cmd.js";
 import { registerIntegrationCommands } from "./integration-cmd.js";
 import { registerCompletionCommand } from "./completion.js";
 import { registerEditCommands } from "./edit-cmd.js";
+import { registerK3sCommands } from "./k3s-cmd.js";
 import { configureColorHelp } from "./help.js";
 
 export function registerCommands(program, registry) {
@@ -43,5 +44,6 @@ export function registerCommands(program, registry) {
   registerPluginCommands(program, registry);
   registerIntegrationCommands(program, registry);
   registerEditCommands(program);
+  registerK3sCommands(program);
   registerCompletionCommand(program);
 }

package/src/commands/k3s-cmd.js

@@ -0,0 +1,124 @@
+import path from "node:path";
+import chalk from "chalk";
+import { requireRoot } from "../project.js";
+
+const DIM = chalk.dim;
+const OK = chalk.green;
+const ERR = chalk.red;
+const WARN = chalk.yellow;
+
+const K3S_KUBECTL = ["exec", "-e", "KUBECONFIG=/etc/rancher/k3s/k3s.yaml", "k3s-server", "kubectl"];
+const K3S_KUBECTL_I = ["exec", "-i", "-e", "KUBECONFIG=/etc/rancher/k3s/k3s.yaml", "k3s-server", "kubectl"];
+
+async function kubectlApply(execa, args) {
+  const create = await execa("docker", [
+    ...K3S_KUBECTL, "create", ...args, "--dry-run=client", "-o", "yaml",
+  ], { timeout: 15000, reject: false });
+  if (create.exitCode !== 0) throw new Error(`kubectl create failed: ${create.stderr}`);
+  const apply = await execa("docker", [
+    ...K3S_KUBECTL_I, "apply", "-f", "-",
+  ], { input: create.stdout, timeout: 15000, reject: false });
+  if (apply.exitCode !== 0) throw new Error(`kubectl apply failed: ${apply.stderr}`);
+}
+
+async function syncSecrets(root) {
+  const { execa } = await import("execa");
+  const { loadEnvFromFile } = await import("../utils/load-env.js");
+
+  // Check k3s is running
+  const { exitCode, stdout } = await execa("docker", [
+    ...K3S_KUBECTL, "get", "nodes",
+  ], { timeout: 10000, reject: false });
+  if (exitCode !== 0 || !/Ready/.test(stdout)) {
+    console.error(ERR("  k3s cluster is not reachable. Is it running?"));
+    console.error(DIM("  Start it with: fops up --k3s"));
+    return;
+  }
+
+  // Load credentials from .env (same resolution as setup-kubernetes.sh)
+  const env = loadEnvFromFile(path.join(root, ".env"));
+  const s3Id = env.BOOTSTRAP_STORAGE_ACCESS_KEY || env.AUTH_IDENTITY || "minio";
+  const s3Pw = env.BOOTSTRAP_STORAGE_SECRET_KEY || env.AUTH_CREDENTIAL || "minio123";
+
+  console.log(DIM(`  Storage credentials: ${s3Id} / ${"*".repeat(Math.min(s3Pw.length, 8))}`));
+
+  // 1. storage-secret in foundation namespace
+  console.log(DIM("  Creating storage-secret (foundation)..."));
+  await kubectlApply(execa, [
+    "secret", "generic", "storage-secret",
+    `--from-literal=ACCESS_KEY=${s3Id}`,
+    `--from-literal=SECRET_KEY=${s3Pw}`,
+    "--namespace=foundation",
+  ]);
+  console.log(OK("  ✓ storage-secret"));
+
+  // 2. foundation-storage-engine-auth in foundation namespace
+  console.log(DIM("  Creating foundation-storage-engine-auth (foundation)..."));
+  await kubectlApply(execa, [
+    "secret", "generic", "foundation-storage-engine-auth",
+    `--from-literal=AUTH_IDENTITY=${s3Id}`,
+    `--from-literal=AUTH_CREDENTIAL=${s3Pw}`,
+    "--namespace=foundation",
+  ]);
+  console.log(OK("  ✓ foundation-storage-engine-auth"));
+
+  // 3. Default storage system secret for Spark jobs
+  const sparkSecretName = "00000000-0000-0000-0000-000000000001-secret";
+  console.log(DIM(`  Creating ${sparkSecretName} (spark-jobs)...`));
+  await kubectlApply(execa, [
+    "secret", "generic", sparkSecretName,
+    `--from-literal=AWS_ACCESS_KEY_ID=${s3Id}`,
+    `--from-literal=AWS_SECRET_ACCESS_KEY=${s3Pw}`,
+    `--from-literal=AWS_SECRET_ACCESS_KEY_ID=${s3Pw}`,
+    "--from-literal=AWS_ENDPOINT_LOCATION=http://foundation-storage-engine:8080",
+    "--from-literal=AWS_REGION=me-central-1",
+    "--from-literal=MLFLOW_S3_ENDPOINT_URL=http://foundation-storage-engine:8080",
+    "--namespace=spark-jobs",
+  ]);
+
+  // Re-apply label
+  await execa("docker", [
+    ...K3S_KUBECTL, "label", "secret", sparkSecretName,
+    "foundation.io/data-system=storage",
+    "--namespace=spark-jobs", "--overwrite",
+  ], { timeout: 10000, reject: false });
+  console.log(OK(`  ✓ ${sparkSecretName} (with label)`));
+
+  console.log(OK("\n  ✓ All storage secrets synced to k3s"));
+}
+
+export function registerK3sCommands(program) {
+  const k3s = program
+    .command("k3s")
+    .description("Manage local k3s Kubernetes cluster");
+
+  k3s
+    .command("sync-secrets")
+    .description("Sync storage secrets from .env into k3s (fixes S3 AccessDenied)")
+    .action(async () => {
+      const root = requireRoot(program);
+      try {
+        await syncSecrets(root);
+      } catch (err) {
+        console.error(ERR(`  ✗ ${err.message}`));
+        process.exitCode = 1;
+      }
+    });
+
+  k3s
+    .command("exec [cmd...]")
+    .description("Run a command inside k3s (default: interactive shell)")
+    .option("-n, --namespace <ns>", "Kubernetes namespace", "spark-jobs")
+    .action(async (cmd, opts) => {
+      const { execaNode } = await import("execa");
+      const { execSync } = await import("node:child_process");
+      const args = cmd.length
+        ? [...K3S_KUBECTL, "-n", opts.namespace, ...cmd]
+        : ["exec", "-it", "-e", "KUBECONFIG=/etc/rancher/k3s/k3s.yaml", "k3s-server", "/bin/sh"];
+      try {
+        execSync(`docker ${args.map(a => a.includes(" ") ? `"${a}"` : a).join(" ")}`, { stdio: "inherit" });
+      } catch (err) {
+        if (err.status) process.exitCode = err.status;
+      }
+    });
+}

package/src/commands/lifecycle.js

@@ -562,6 +562,12 @@ async function runUp(program, registry, opts) {
       fs.writeFileSync(envPath, envContent);
       console.log(chalk.dim(`  FOUNDATION_PUBLIC_URL=${publicUrl} written to .env`));
     }
+    // Derive and set ENVIRONMENT_NAME from URL (e.g. https://staging.meshx.app → Staging)
+    const envName = publicUrl.replace(/https?:\/\//, "").split(".")[0] || "Local";
+    const environmentName = envName.charAt(0).toUpperCase() + envName.slice(1);
+    envContent = envContent.replace(/^ENVIRONMENT_NAME=.*\n?/m, "");
+    envContent = envContent.trimEnd() + `\nENVIRONMENT_NAME=${environmentName}\n`;
+    fs.writeFileSync(envPath, envContent);
   } else {
     // Local: only inject localhost fallback if not already set
     if (!/^FOUNDATION_PUBLIC_URL=/m.test(envContent)) {
@@ -577,6 +583,7 @@ async function runUp(program, registry, opts) {
   const envProfiles = (process.env.COMPOSE_PROFILES || "").split(",").map(s => s.trim()).filter(Boolean);
   const activeProfiles = new Set(envProfiles);
   if (opts.k3s) activeProfiles.add("k3s");
+  activeProfiles.add("loki");
   if (publicUrl) {
     if (opts.traefik) activeProfiles.add("traefik");
     try {

package/src/plugins/builtins/docker-compose.js

@@ -486,60 +486,42 @@ You manage Docker Compose stacks: inspect containers, read logs, restart service
 ## Role
 You investigate alerts, diagnose service failures, and suggest fixes. You have direct access to Docker containers, logs, and system metrics. You are called by the Glue bot when monitoring alerts fire.
 
-## CRITICAL: Always Use Tools — Never Guess
-You MUST use your tools to investigate. NEVER give generic checklists or ask the user to check things manually.
-- Don't say "check the logs for X" — run compose_logs and find X yourself.
-- Don't say "verify auth config" — run compose_inspect or compose_exec to read the actual config.
-- Don't say "correlate with metrics" — run compose_stats and report the numbers.
-- If you need to grep logs, use compose_exec with grep/jq inside the container.
-- Every finding in your response must be backed by tool output, not speculation.
-
 ## Tools Available
 - **compose_ps**: List all containers and their status (start here)
-- **compose_logs**: Read container logs (check for errors, crashes, OOM). Use the tail parameter to get recent logs, and grep for specific patterns.
+- **compose_logs**: Read container logs (check for errors, crashes, OOM)
 - **compose_inspect**: Get container details (health checks, env vars, mounts, restarts)
 - **compose_stats**: CPU/memory/network usage per container
-- **compose_exec**: Run commands inside containers (e.g. grep logs, check disk, curl endpoints, read config files, test connectivity)
+- **compose_exec**: Run commands inside containers (e.g. check disk, network, processes)
 - **compose_images**: List images and versions
-- **compose_restart**: Restart specific services (only after diagnosing the issue)
+- **compose_restart**: Restart specific services
 - **embeddings_search**: Search docs, configs, and past knowledge for context
 
 ## Investigation Approach
 1. **Triage**: Run compose_ps to see overall stack health. Identify unhealthy/restarting containers.
-2. **Deep dive**: For each affected container, use MULTIPLE tools:
-   - compose_logs with tail=200 to find errors, then grep for specific patterns (4xx, 5xx, OOM, connection refused, timeout)
-   - compose_exec to grep logs for specific status codes: e.g. grep -c "HTTP/1.1 4" or check config files
-   - compose_inspect for health check failures, restart count, resource limits, env vars
-   - compose_stats for CPU/memory — report actual numbers (e.g. "backend: 450MB/512MB, 85% memory")
-3. **Correlate**: If you see errors, trace them to the root service. Check dependencies (postgres, kafka, storage-engine).
-4. **Root cause**: State the specific cause with evidence from tool output.
-5. **Fix**: Take action if safe (restart a crashed container) or give a specific command to run.
+2. **Diagnose**: For each affected container:
+   - compose_logs to find errors, exceptions, OOM kills, crash traces
+   - compose_inspect for health check failures, restart count, resource limits
+   - compose_stats for CPU/memory spikes
+3. **Context**: Use embeddings_search to find relevant docs or known issues.
+4. **Root cause**: Correlate findings — is it a code bug, resource exhaustion, dependency failure, config issue?
+5. **Fix**: Suggest specific actions (restart, config change, scale, rollback).
 
 ## Output Format
-Structure your response with blank lines between each section:
-
-**Status:** One-line summary (e.g. "Processor container restarting due to OOM")
-
-**Findings:** Specific evidence from tools (include actual log lines, numbers, status codes)
-
-**Root Cause:** Most likely cause, backed by evidence
-
-**Actions:** Specific steps to fix (commands, not vague suggestions)
-
-**Prevention:** How to avoid this in the future
+Structure your response as:
+- **Status**: One-line summary (e.g. "Processor container restarting due to OOM")
+- **Findings**: What you discovered from each tool
+- **Root Cause**: Most likely cause
+- **Actions**: Specific steps to fix
+- **Prevention**: How to avoid this in the future
 
 ## Rules
 - Always check compose_ps first.
-- USE TOOLS AGGRESSIVELY. Run 5-10 tool calls per investigation, not 1-2.
 - Check logs BEFORE suggesting restarts.
-- When investigating HTTP errors: grep the actual logs for status codes and show the top error endpoints.
-- When investigating performance: show actual CPU/memory numbers from compose_stats.
 - Look for patterns: repeated restarts, OOM kills, connection refused, timeout errors.
 - If a dependency is down (postgres, kafka), flag it — fixing the dependency fixes the dependent.
 - Be concise — this output goes into a Glue chat thread.
 - Never suggest 'docker compose down' — prefer targeted restarts.
-- After restarting, verify with compose_ps.
-- IMPORTANT: Always put a blank line between sections in your response so they render as separate paragraphs.`,
+- After restarting, verify with compose_ps.`,
     });
 
     // ── Doctor check: Trivy ───────────────────────────────────────────

package/src/plugins/bundled/fops-plugin-azure/lib/azure-openai.js

@@ -55,9 +55,6 @@ async function ensureAzAuth(execa, { subscription } = {}) {
 /** Resolve Foundation project root (directory with docker-compose). Exported for use by azure agent sync. */
 export function findProjectRoot() {
   const cwd = process.cwd();
-  if (process.env.FOUNDATION_ROOT && fs.existsSync(process.env.FOUNDATION_ROOT)) {
-    return path.resolve(process.env.FOUNDATION_ROOT);
-  }
   try {
     const cfgPath = path.join(process.env.HOME || process.env.USERPROFILE || "", ".fops.json");
     if (fs.existsSync(cfgPath)) {

package/src/plugins/bundled/fops-plugin-azure/lib/commands/vm-cmds.js

@@ -263,7 +263,7 @@ export function registerVmCommands(azure, api, registry) {
       if (opts.dai) opts.k3s = true;
       const {
         lazyExeca, ensureAzCli, ensureAzAuth, resolveGithubToken, verifyGithubToken,
-        reconcileVm, DEFAULTS,
+        reconcileVm, DEFAULTS, buildDefaultUrl,
       } = await import("../azure.js");
       const { resolveCfToken } = await import("../cloudflare.js");
       const { readVmState, writeVmState } = await import("../azure-state.js");
@@ -279,7 +279,10 @@ export function registerVmCommands(azure, api, registry) {
         process.exit(1);
       }
       const rg = tracked.resourceGroup;
-      const desiredUrl = opts.url || tracked.publicUrl;
+      const storedUrl = tracked.publicUrl;
+      // If the stored URL is IP-based, prefer the default domain-based URL
+      const isIpUrl = storedUrl && /^https?:\/\/\d+\.\d+\.\d+\.\d+/.test(storedUrl);
+      const desiredUrl = opts.url || (isIpUrl ? buildDefaultUrl(name) : storedUrl);
       const cfToken = resolveCfToken(opts.cfToken);
       const { publicIp, publicUrl, rg: actualRg } = await reconcileVm(execa, {
         vmName: name, rg, sub, subId, location: tracked.location || DEFAULTS.location,

package/src/plugins/bundled/fops-plugin-cloud/api.js

@@ -333,6 +333,20 @@ export function createCloudApi(registry) {
     return c.json(providers);
   });
 
+  // ── VM Sizes ────────────────────────────────────────────
+
+  app.get("/vm-sizes", (c) => {
+    return c.json([
+      "Standard_D4s_v5",
+      "Standard_D8s_v5",
+      "Standard_D16s_v5",
+      "Standard_D32s_v5",
+      "Standard_D48s_v5",
+      "Standard_D64s_v5",
+      "Standard_D96s_v5",
+    ]);
+  });
+
   // ── Resources ───────────────────────────────────────────
 
   app.get("/resources", async (c) => {

package/src/project.js

@@ -32,8 +32,8 @@ function saveProjectRoot(root) {
   const configPath = path.join(os.homedir(), ".fops.json");
   let config = {};
   try { config = JSON.parse(fs.readFileSync(configPath, "utf8")); } catch {}
-  if (config.projectRoot === root) return; // already saved
-  config.projectRoot = root;
+  if (config.foundationRoot === root || config.projectRoot === root) return; // already saved
+  config.foundationRoot = root;
   try {
     fs.mkdirSync(path.dirname(configPath), { recursive: true });
     fs.writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n");
@@ -41,14 +41,19 @@ function saveProjectRoot(root) {
 }
 
 export function rootDir(cwd = process.cwd()) {
+
+  // Check FOUNDATION_ROOT env var first (explicit override)
   const envRoot = process.env.FOUNDATION_ROOT;
-  if (envRoot && fs.existsSync(envRoot)) return path.resolve(envRoot);
+  if (envRoot && isFoundationRoot(envRoot)) {
+    return path.resolve(envRoot);
+  }
 
-  // Check ~/.fops.json for saved project root
+  // Check ~/.fops.json for saved project root (projectRoot or foundationRoot)
   try {
     const fopsConfig = JSON.parse(fs.readFileSync(path.join(os.homedir(), ".fops.json"), "utf8"));
-    if (fopsConfig.projectRoot && isFoundationRoot(fopsConfig.projectRoot)) {
-      return path.resolve(fopsConfig.projectRoot);
+    const configRoot = fopsConfig.foundationRoot || fopsConfig.projectRoot;
+    if (configRoot && isFoundationRoot(configRoot)) {
+      return path.resolve(configRoot);
     }
   } catch {}
 
@@ -104,7 +109,7 @@ export function requireRoot(program) {
     console.error(
       chalk.red("Not a Foundation project (no docker-compose + Makefile).")
     );
-    console.error(chalk.dim("  Run `fops init` to set up, or set FOUNDATION_ROOT."));
+    console.error(chalk.dim("  Run `fops init` to set up, or run from the foundation-compose directory."));
     program.error("", { exitCode: 1 });
   }
   return r;

package/src/plugins/bundled/fops-plugin-cloud/ui/postcss.config.cjs

@@ -1,5 +0,0 @@
-module.exports = {
-  plugins: {
-    "@tailwindcss/postcss": {},
-  },
-};

package/src/plugins/bundled/fops-plugin-cloud/ui/src/App.jsx

@@ -1,32 +0,0 @@
-import React, { useEffect } from "react";
-import { Routes, Route, useLocation } from "react-router-dom";
-
-import "./css/style.css";
-
-import Resources from "./pages/Resources";
-import CreateResource from "./pages/CreateResource";
-import Fleet from "./pages/Fleet";
-import Costs from "./pages/Costs";
-import Audit from "./pages/Audit";
-
-function App() {
-  const location = useLocation();
-
-  useEffect(() => {
-    document.querySelector("html").style.scrollBehavior = "auto";
-    window.scroll({ top: 0 });
-    document.querySelector("html").style.scrollBehavior = "";
-  }, [location.pathname]);
-
-  return (
-    <Routes>
-      <Route exact path="/" element={<Resources />} />
-      <Route path="/resources/new" element={<CreateResource />} />
-      <Route path="/fleet" element={<Fleet />} />
-      <Route path="/costs" element={<Costs />} />
-      <Route path="/audit" element={<Audit />} />
-    </Routes>
-  );
-}
-
-export default App;

package/src/plugins/bundled/fops-plugin-cloud/ui/src/api/client.js

@@ -1,114 +0,0 @@
-const BASE = "/cloud/api";
-
-// Token getter — set by AuthContext once Auth0 is initialized
-let _getToken = null;
-
-export function setTokenGetter(fn) {
-  _getToken = fn;
-}
-
-async function authHeaders(extra = {}) {
-  if (!_getToken) return extra;
-  try {
-    const token = await _getToken();
-    return { ...extra, Authorization: `Bearer ${token}` };
-  } catch {
-    return extra;
-  }
-}
-
-export async function apiFetch(path, opts = {}) {
-  const headers = await authHeaders({ "Content-Type": "application/json", ...opts.headers });
-  const res = await fetch(`${BASE}${path}`, { ...opts, headers });
-  if (!res.ok) {
-    const body = await res.json().catch(() => ({}));
-    throw new Error(body.error || `HTTP ${res.status}`);
-  }
-  return res.json();
-}
-
-/**
- * Make a streaming POST/DELETE request and call onLine for each SSE event.
- * Returns the final result from the "done" event, or throws on "error".
- */
-export async function apiStream(path, { method = "POST", body, onLine, onJobId } = {}) {
-  const headers = await authHeaders({ "Content-Type": "application/json" });
-  const res = await fetch(`${BASE}${path}`, {
-    method,
-    headers,
-    body: body ? JSON.stringify(body) : undefined,
-  });
-
-  if (!res.ok) {
-    const err = await res.json().catch(() => ({}));
-    throw new Error(err.error || `HTTP ${res.status}`);
-  }
-
-  const reader = res.body.getReader();
-  const decoder = new TextDecoder();
-  let buffer = "";
-  let finalResult = null;
-  let finalError = null;
-
-  while (true) {
-    const { done, value } = await reader.read();
-    if (done) break;
-    buffer += decoder.decode(value, { stream: true });
-
-    const lines = buffer.split("\n");
-    buffer = lines.pop();
-
-    for (const line of lines) {
-      if (!line.startsWith("data: ")) continue;
-      try {
-        const evt = JSON.parse(line.slice(6));
-        if (evt.type === "job") {
-          onJobId?.(evt.jobId);
-        } else if (evt.type === "done") {
-          finalResult = evt.result;
-          onLine?.("\u2713 Operation complete", "done");
-        } else if (evt.type === "error" && !evt.text?.startsWith("  ")) {
-          finalError = evt.text;
-        } else if (evt.type === "log" || evt.type === "error") {
-          onLine?.(evt.text, evt.type);
-        }
-      } catch { /* ignore */ }
-    }
-  }
-
-  if (finalError) throw new Error(finalError);
-  return finalResult;
-}
-
-/**
- * Poll a job's buffered logs for reconnection after page reload.
- */
-export async function pollJob(jobId, onLine) {
-  let offset = 0;
-
-  while (true) {
-    const headers = await authHeaders();
-    const res = await fetch(`${BASE}/jobs/${jobId}?since=${offset}`, { headers });
-    if (!res.ok) {
-      if (res.status === 404) throw new Error("Job not found \u2014 it may have expired");
-      throw new Error(`HTTP ${res.status}`);
-    }
-
-    const data = await res.json();
-
-    for (const log of data.logs) {
-      onLine?.(log.text, log.type);
-    }
-    offset = data.offset + data.logs.length;
-
-    if (data.status === "done") {
-      onLine?.("\u2713 Operation complete", "done");
-      return { status: "done", result: data.result };
-    }
-    if (data.status === "error") {
-      return { status: "error", error: data.error };
-    }
-
-    await new Promise((r) => setTimeout(r, 1000));
-  }
-}

package/src/plugins/bundled/fops-plugin-cloud/ui/src/api/queries.js

@@ -1,111 +0,0 @@
-import { useQuery, useMutation, useQueryClient } from "@tanstack/react-query";
-import { apiFetch, apiStream } from "./client";
-
-export function useResources() {
-  return useQuery({ queryKey: ["resources"], queryFn: () => apiFetch("/resources") });
-}
-
-export function useHealth() {
-  return useQuery({ queryKey: ["health"], queryFn: () => apiFetch("/health") });
-}
-
-export function useCosts(days = 30) {
-  return useQuery({
-    queryKey: ["costs", days],
-    queryFn: () => apiFetch(`/costs?days=${days}`),
-    staleTime: 5 * 60 * 1000, // cache for 5 minutes — cost queries are slow
-  });
-}
-
-export function useFleet() {
-  return useQuery({ queryKey: ["fleet"], queryFn: () => apiFetch("/fleet") });
-}
-
-export function useAudit() {
-  return useQuery({ queryKey: ["audit"], queryFn: () => apiFetch("/audit"), staleTime: 300_000 });
-}
-
-/**
- * Streaming mutations — accept an onLine callback to show live output.
- */
-
-export function useSyncResources() {
-  const qc = useQueryClient();
-  return useMutation({
-    mutationFn: ({ onLine } = {}) =>
-      apiStream("/sync", { onLine }),
-    onSuccess: () => {
-      qc.invalidateQueries({ queryKey: ["resources"] });
-      qc.invalidateQueries({ queryKey: ["fleet"] });
-      qc.invalidateQueries({ queryKey: ["health"] });
-    },
-  });
-}
-
-export function useResourceAction() {
-  const qc = useQueryClient();
-  return useMutation({
-    mutationFn: ({ type, name, action, onLine }) =>
-      apiStream(`/resources/${type}/${name}/${action}`, { onLine }),
-    onSuccess: () => qc.invalidateQueries({ queryKey: ["resources"] }),
-  });
-}
-
-export function useDeleteResource() {
-  const qc = useQueryClient();
-  return useMutation({
-    mutationFn: ({ type, name, onLine }) =>
-      apiStream(`/resources/${type}/${name}`, { method: "DELETE", onLine }),
-    onSuccess: () => qc.invalidateQueries({ queryKey: ["resources"] }),
-  });
-}
-
-export function useFeatureFlags(vmName) {
-  return useQuery({
-    queryKey: ["flags", vmName],
-    queryFn: () => apiFetch(`/flags/${vmName}`),
-    enabled: !!vmName,
-  });
-}
-
-export function useSetFeatureFlags() {
-  const qc = useQueryClient();
-  return useMutation({
-    mutationFn: ({ vmName, flags, onLine }) =>
-      apiStream(`/flags/${vmName}`, { body: { flags }, onLine }),
-    onSuccess: () => qc.invalidateQueries({ queryKey: ["flags"] }),
-  });
-}
-
-export function useDeploy() {
-  const qc = useQueryClient();
-  return useMutation({
-    mutationFn: ({ vmName, opts = {}, onLine }) =>
-      apiStream(`/deploy/${vmName}`, { body: opts, onLine }),
-    onSuccess: () => {
-      qc.invalidateQueries({ queryKey: ["resources"] });
-      qc.invalidateQueries({ queryKey: ["fleet"] });
-    },
-  });
-}
-
-export function useGrantAdmin() {
-  const qc = useQueryClient();
-  return useMutation({
-    mutationFn: ({ vmName, username, onLine }) =>
-      apiStream(`/resources/vm/${vmName}/grant-admin`, {
-        body: username ? { username } : {},
-        onLine,
-      }),
-    onSuccess: () => qc.invalidateQueries({ queryKey: ["fleet"] }),
-  });
-}
-
-export function useCreateResource() {
-  const qc = useQueryClient();
-  return useMutation({
-    mutationFn: ({ body, onLine, onJobId }) =>
-      apiStream(`/resources/${body.type}`, { body, onLine, onJobId }),
-    onSuccess: () => qc.invalidateQueries({ queryKey: ["resources"] }),
-  });
-}