@neetru/cli 1.0.1 → 2.1.0

package/dist/commands/deploy.js

@@ -1,196 +1,549 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.deployCommand = deployCommand;
-const commander_1 = require("commander");
-const chalk_1 = __importDefault(require("chalk"));
-const ora_1 = __importDefault(require("ora"));
-const config_1 = require("../config");
-async function prompt(questions) {
-    const { default: inquirer } = await Promise.resolve().then(() => __importStar(require('inquirer')));
-    return inquirer.prompt(questions);
+/**
+ * `neetru deploy` — pipeline interativo de deploy do produto.
+ *
+ * Sprint 3 (P1-1): substitui o stub vazio. Fluxo:
+ *  1. Resolve produto (lista via /api/v1/cli/catalog).
+ *  2. Detecta stack (product_config + fallback local).
+ *  3. Escolhe target (cloud-run | vm-existente | provisionar-nova).
+ *  4. Para target=vm: lista servers online (/api/v1/cli/servers) +
+ *     escolha capacity-aware.
+ *  5. Domínio + porta (auto-detect ou input).
+ *  6. Build (chama runBuild se artifact ausente).
+ *  7. Upload artifact (Sprint 1: usa file:// local — owner roda em VM com
+ *     acesso ao mesmo FS, OU define `NEETRU_ARTIFACT_BUCKET` e o CLI faz
+ *     upload via signed URL — Sprint 2.5).
+ *  8. POST /api/v1/cli/deploy → recebe deploymentId + statusUrl.
+ *  9. Polling /api/v1/cli/deploy/status até estado terminal.
+ *
+ * NÃO bloqueia em modo `--non-interactive` quando flags suficientes vieram.
+ */
+import * as fs from 'node:fs';
+import { promises as fsp } from 'node:fs';
+import * as path from 'node:path';
+import inquirer from 'inquirer';
+import chalk from 'chalk';
+import ora from 'ora';
+import { log } from '../utils/logger.js';
+import { apiRequest, CliApiError, CliNetworkError } from '../lib/api-client.js';
+import { runBuild } from './build.js';
+const TERMINAL_STATUSES = new Set(['success', 'failed', 'cancelled']);
+function fileExists(p) {
+    try {
+        fs.statSync(p);
+        return true;
+    }
+    catch {
+        return false;
+    }
 }
-function deployCommand() {
-    const cmd = new commander_1.Command('deploy');
-    cmd
-        .description('Dispara um deploy do workspace para o ambiente alvo')
-        .option('-e, --env <env>', 'Ambiente alvo: dev | staging | prod', 'dev')
-        .option('--branch <branch>', 'Branch a deployar (default: main)', 'main')
-        .option('--watch', 'Acompanhar progresso em tempo real')
-        .option('--yes', 'Pular confirmação')
-        .action(async (options) => {
-        let config;
+function isTty() {
+    return !!process.stdout.isTTY && !!process.stdin.isTTY;
+}
+function ensureNonInteractive(opts) {
+    return !!opts.nonInteractive || !isTty();
+}
+async function loadLocalConfig(cwd) {
+    for (const filename of ['neetru.config.json', '.neetru.json']) {
+        const full = path.join(cwd, filename);
+        if (!fileExists(full))
+            continue;
         try {
-            config = (0, config_1.requireConfig)();
+            return JSON.parse(await fsp.readFile(full, 'utf8'));
         }
-        catch (e) {
-            console.error(chalk_1.default.red(e.message));
-            process.exit(1);
+        catch {
+            return null;
         }
-        const global = (0, config_1.readGlobalConfig)();
-        const apiKey = global.clientSecret ?? process.env.NEETRU_CLI_API_KEY;
-        if (!apiKey) {
-            console.error(chalk_1.default.red('Não autenticado. Execute neetru login primeiro.'));
-            process.exit(1);
+    }
+    return null;
+}
+async function loadEnvFile(envFile) {
+    const content = await fsp.readFile(envFile, 'utf8');
+    const out = {};
+    for (const line of content.split(/\r?\n/)) {
+        const trimmed = line.trim();
+        if (!trimmed || trimmed.startsWith('#'))
+            continue;
+        const eq = trimmed.indexOf('=');
+        if (eq === -1)
+            continue;
+        const k = trimmed.slice(0, eq).trim();
+        let v = trimmed.slice(eq + 1).trim();
+        if ((v.startsWith('"') && v.endsWith('"')) || (v.startsWith("'") && v.endsWith("'"))) {
+            v = v.slice(1, -1);
         }
-        const env = options.env;
-        if (!['dev', 'staging', 'prod'].includes(env)) {
-            console.error(chalk_1.default.red(`Ambiente inválido: ${env}. Use dev | staging | prod.`));
-            process.exit(1);
+        if (k)
+            out[k] = v;
+    }
+    return out;
+}
+function handleApiError(error) {
+    if (error instanceof CliApiError) {
+        if (error.status === 401) {
+            log.error('Token inválido ou expirado. Execute: neetru login');
+            process.exit(2);
         }
-        // Confirmation for prod
-        if (env === 'prod' && !options.yes) {
-            const { confirm } = await prompt([{
-                    type: 'confirm',
-                    name: 'confirm',
-                    message: chalk_1.default.yellow.bold(`⚠ Deploy para PRODUÇÃO (branch: ${options.branch}). Continuar?`),
-                    default: false,
-                }]);
-            if (!confirm) {
-                console.log(chalk_1.default.dim('Cancelado.'));
-                return;
-            }
+        if (error.status === 403) {
+            log.error(`Permissão negada: ${error.message}`);
+            process.exit(3);
+        }
+        if (error.status === 501) {
+            log.error(`Recurso não implementado: ${error.message}`);
+            process.exit(5);
+        }
+        log.error(`Erro do servidor (${error.status}): ${error.message}`);
+        process.exit(4);
+    }
+    if (error instanceof CliNetworkError) {
+        log.error(error.message);
+        process.exit(4);
+    }
+    log.error(error.message);
+    process.exit(4);
+}
+async function pickProduct(opts, nonInteractive, cwd) {
+    if (opts.product)
+        return opts.product;
+    const local = await loadLocalConfig(cwd);
+    if (local?.slug)
+        return local.slug;
+    if (nonInteractive) {
+        log.error('--product <slug> é obrigatório em modo não interativo.');
+        process.exit(1);
+    }
+    const spinner = ora({ text: 'Buscando catálogo…', color: 'blue' }).start();
+    let catalog;
+    try {
+        catalog = await apiRequest('/api/v1/cli/catalog');
+        spinner.stop();
+    }
+    catch (err) {
+        spinner.fail('Não consegui buscar o catálogo.');
+        handleApiError(err);
+    }
+    if (catalog.products.length === 0) {
+        log.error('Nenhum produto público encontrado. Crie um via `neetru publish` antes.');
+        process.exit(1);
+    }
+    const { slug } = await inquirer.prompt([
+        {
+            type: 'list',
+            name: 'slug',
+            message: 'Produto a deployar:',
+            choices: catalog.products.map((p) => ({
+                name: `${p.name} ${chalk.dim('(' + p.slug + ')')} ${chalk.dim('· ' + p.status)}`,
+                value: p.slug,
+            })),
+        },
+    ]);
+    return slug;
+}
+async function pickTarget(opts, nonInteractive) {
+    if (opts.target)
+        return opts.target;
+    if (nonInteractive)
+        return 'vm';
+    // `cloud-run` é aceito via flag explícita `--target=cloud-run` (staff/forward-
+    // compat), mas NÃO aparece no menu interativo — runtime ainda não está pronto
+    // e não se anuncia feature incompleta pro dev.
+    const { target } = await inquirer.prompt([
+        {
+            type: 'list',
+            name: 'target',
+            message: 'Onde deployar?',
+            default: 'vm',
+            choices: [
+                { name: 'VM existente (custo fixo, sem cold start)', value: 'vm' },
+                { name: 'Workspace (runtime gerenciado per-tenant — Cloud Run privado)', value: 'workspace' },
+            ],
+        },
+    ]);
+    return target;
+}
+async function pickServer(opts, nonInteractive) {
+    const spinner = ora({ text: 'Buscando servidores online…', color: 'blue' }).start();
+    let resp;
+    try {
+        resp = await apiRequest('/api/cli/v1/servers?status=online&capacity=true');
+        spinner.stop();
+    }
+    catch (err) {
+        spinner.fail('Não consegui listar servers.');
+        handleApiError(err);
+    }
+    if (resp.servers.length === 0) {
+        log.error('Nenhum servidor online encontrado.');
+        log.dim('  Provisione um com: POST /api/v1/cli/servers/provision');
+        process.exit(1);
+    }
+    if (opts.server) {
+        const found = resp.servers.find((s) => s.id === opts.server || s.name === opts.server);
+        if (!found) {
+            log.error(`Server "${opts.server}" não encontrado entre os online.`);
+            process.exit(1);
         }
-        console.log('\n' + chalk_1.default.bold(`🚀 Deploy → ${chalk_1.default.cyan(env)}`));
-        console.log(chalk_1.default.dim(`  Branch: ${options.branch}`));
-        console.log(chalk_1.default.dim(`  Workspace: ${config.clientId}\n`));
-        const spinner = (0, ora_1.default)('Disparando deploy...').start();
-        let deployResp;
+        return found;
+    }
+    if (nonInteractive) {
+        log.error('--server <id> é obrigatório em modo não interativo.');
+        process.exit(1);
+    }
+    const { serverId } = await inquirer.prompt([
+        {
+            type: 'list',
+            name: 'serverId',
+            message: 'Server alvo:',
+            choices: resp.servers.map((s) => {
+                const ramFree = s.availableRamMb !== null && s.availableRamMb !== undefined
+                    ? `${s.availableRamMb}MB livres`
+                    : 'capacidade desconhecida';
+                return {
+                    name: `${s.name ?? s.id} ${chalk.dim('(' + (s.provider ?? '?') + '/' + (s.region ?? '?') + ')')} · ${ramFree}`,
+                    value: s.id,
+                };
+            }),
+        },
+    ]);
+    return resp.servers.find((s) => s.id === serverId);
+}
+async function pickDomainPort(opts, nonInteractive, productSlug) {
+    let domain = opts.domain;
+    let port = opts.port;
+    if (nonInteractive)
+        return { domain, port };
+    if (!domain) {
+        const { d } = await inquirer.prompt([
+            {
+                type: 'input',
+                name: 'd',
+                message: `Domínio (vazio = sem vhost):`,
+                default: `${productSlug}.neetru.com`,
+            },
+        ]);
+        domain = d.trim() || undefined;
+    }
+    if (!port) {
+        const { p } = await inquirer.prompt([
+            {
+                type: 'input',
+                name: 'p',
+                message: 'Porta interna do app:',
+                default: '3000',
+                validate: (v) => {
+                    const n = Number.parseInt(v, 10);
+                    if (Number.isNaN(n) || n < 1 || n > 65535)
+                        return 'Porta inválida (1-65535).';
+                    return true;
+                },
+            },
+        ]);
+        port = Number.parseInt(p, 10);
+    }
+    return { domain, port };
+}
+/**
+ * F-11 (2026-05-16): determina se devemos manter o artifactUrl como `file://`
+ * em vez de fazer upload pra GCS. Default = false (upload é o caminho normal).
+ *
+ * Razões pra retornar true:
+ *   - `--local-artifact` explícito (dev sabe o que está fazendo).
+ *   - `NEETRU_DEV_LOCAL_ARTIFACT=true` no env.
+ *   - `--artifact-url` já é `file://` (caller forçou — não fazemos upload de
+ *     um path que não controlamos).
+ *   - `--artifact-url` já é `gs://` ou `https://` (caller fez upload sozinho).
+ */
+function shouldKeepLocalArtifact(opts) {
+    if (opts.localArtifact)
+        return true;
+    if (process.env.NEETRU_DEV_LOCAL_ARTIFACT === 'true')
+        return true;
+    return false;
+}
+/**
+ * F-11: sobe o tarball local pra GCS via signed URL V4. 1 retry em caso de
+ * falha de rede; falha persistente aborta com mensagem clara.
+ *
+ * @returns `gs://...` canônico pra usar como artifactUrl no POST de deploy.
+ */
+async function uploadArtifactToGcs(tarballAbs, productSlug, envName, sizeBytes) {
+    const filename = path.basename(tarballAbs);
+    // Pede signed URL ao Core.
+    const signSpinner = ora({
+        text: `Solicitando signed URL pra ${filename}…`,
+        color: 'blue',
+    }).start();
+    let signed;
+    try {
+        signed = await apiRequest('/api/cli/v1/deploy/upload-url', {
+            method: 'POST',
+            body: {
+                productId: productSlug,
+                env: envName,
+                filename,
+                contentLength: sizeBytes,
+                contentType: 'application/gzip',
+            },
+        });
+        signSpinner.succeed(`Signed URL emitida (expira em ${signed.expiresAt}). deployId=${chalk.bold(signed.deployId)}`);
+    }
+    catch (err) {
+        signSpinner.fail('Falha ao obter signed URL.');
+        handleApiError(err);
+    }
+    // PUT direto pro GCS com 1 retry. global.fetch nativo (Node 18+) aceita
+    // ReadableStream e respeita Content-Length quando duplex='half'.
+    const attempt = async (attemptNumber) => {
+        const stream = fs.createReadStream(tarballAbs);
+        const uploadSpinner = ora({
+            text: attemptNumber === 1
+                ? `Subindo ${(sizeBytes / 1024 / 1024).toFixed(2)} MB pra GCS…`
+                : `Retry upload (${attemptNumber}/2)…`,
+            color: 'blue',
+        }).start();
         try {
-            const res = await fetch(`${config.coreUrl}/api/v1/cli/deploy`, {
-                method: 'POST',
+            const resp = await fetch(signed.uploadUrl, {
+                method: 'PUT',
+                body: stream,
                 headers: {
-                    Authorization: `Bearer ${apiKey}`,
-                    'Content-Type': 'application/json',
+                    'Content-Type': signed.contentType,
+                    'Content-Length': String(sizeBytes),
                 },
-                body: JSON.stringify({
-                    clientId: config.clientId,
-                    environment: env,
-                    branch: options.branch,
-                }),
-                signal: AbortSignal.timeout(15000),
+                // Node fetch exige duplex='half' quando o body é stream legível.
+                // O TS lib.dom não conhece o campo; cast tipado.
+                ...{ duplex: 'half' },
             });
-            if (!res.ok) {
-                const body = await res.json().catch(() => ({}));
-                spinner.fail(`HTTP ${res.status}: ${body.error ?? 'Erro desconhecido'}`);
-                process.exit(1);
+            if (!resp.ok) {
+                const text = await resp.text().catch(() => '');
+                throw new Error(`HTTP ${resp.status}${text ? ` — ${text.slice(0, 200)}` : ''}`);
             }
-            deployResp = await res.json();
-            spinner.succeed(`Deploy iniciado: ${chalk_1.default.cyan(deployResp.deploymentId)}`);
+            uploadSpinner.succeed(`Upload concluído (${signed.gcsPath}).`);
+        }
+        catch (err) {
+            uploadSpinner.fail(`Upload falhou: ${err.message}`);
+            throw err;
+        }
+    };
+    try {
+        await attempt(1);
+    }
+    catch {
+        try {
+            await attempt(2);
+        }
+        catch (err) {
+            log.error(`Upload do artifact falhou após 2 tentativas: ${err.message}. ` +
+                'Verifique conectividade com storage.googleapis.com ou rode com --local-artifact ' +
+                'se o agente está na mesma máquina.');
+            process.exit(4);
         }
-        catch (e) {
-            spinner.fail(`Erro: ${e.message}`);
+    }
+    return { artifactUrl: signed.gcsPath, deployId: signed.deployId };
+}
+/**
+ * F-11 (2026-05-16): resolve o artifact pra o POST de deploy.
+ *
+ * Cascata:
+ *   1. `--artifact-url` + `--artifact-sha256` → usa direto (caller fez upload).
+ *   2. `--artifact` (arquivo local) → calcula sha256 e parte pra (4).
+ *   3. Sem artifact → procura manifest, senão roda `neetru build`. Parte pra (4).
+ *   4. Default: faz upload pra GCS via signed URL e devolve `gs://…`.
+ *      Override: `--local-artifact` ou `NEETRU_DEV_LOCAL_ARTIFACT=true` mantém
+ *      `file://` (dev em mesma máquina do agent — modo legacy).
+ *
+ * BUG-008 fix continua válido no backend: `file://` é rejeitado pelo POST de
+ * deploy a não ser que o agent rode no mesmo FS. O caminho default agora é gs://.
+ */
+async function resolveArtifact(opts, productSlug, envName, cwd) {
+    // Caso 1: caller já fez upload e passou URL+sha pronta.
+    if (opts.artifactUrl && opts.artifactSha256) {
+        return { artifactUrl: opts.artifactUrl, artifactSha256: opts.artifactSha256 };
+    }
+    // Decide se vamos fazer upload pra GCS ou manter file://.
+    const keepLocal = shouldKeepLocalArtifact(opts);
+    // Caso 2: --artifact <file> local.
+    if (opts.artifact) {
+        const abs = path.resolve(cwd, opts.artifact);
+        if (!fileExists(abs)) {
+            log.error(`Artifact não encontrado: ${abs}`);
             process.exit(1);
         }
-        if (!options.watch) {
-            console.log('');
-            console.log(chalk_1.default.dim('Acompanhe em:'));
-            console.log(chalk_1.default.cyan(`  ${config.coreUrl}/deployments/${deployResp.deploymentId}`));
-            console.log(chalk_1.default.dim(`Ou use: neetru deploy --watch`));
-            console.log('');
-            return;
-        }
-        // Watch mode — poll status every 3s
-        console.log('');
-        const watchSpinner = (0, ora_1.default)('Aguardando steps...').start();
-        const seenSteps = new Set();
-        let attempts = 0;
-        const maxAttempts = 200; // 10min timeout
-        const poll = async () => {
-            attempts++;
-            try {
-                const res = await fetch(`${config.coreUrl}/api/v1/cli/deployments/${deployResp.deploymentId}`, {
-                    headers: { Authorization: `Bearer ${apiKey}` },
-                    signal: AbortSignal.timeout(8000),
-                });
-                if (!res.ok)
-                    return false;
-                const status = await res.json();
-                for (const step of status.steps) {
-                    const key = `${step.name}:${step.status}`;
-                    if (seenSteps.has(key))
-                        continue;
-                    seenSteps.add(key);
-                    const icon = step.status === 'success' ? chalk_1.default.green('✓')
-                        : step.status === 'failed' ? chalk_1.default.red('✗')
-                            : step.status === 'running' ? chalk_1.default.yellow('●')
-                                : chalk_1.default.dim('○');
-                    const label = step.status === 'pending' ? chalk_1.default.dim(step.name) : step.name;
-                    if (step.status !== 'pending') {
-                        watchSpinner.stop();
-                        console.log(`  ${icon} ${label} ${chalk_1.default.dim(`(${step.status})`)}`);
-                        if (status.steps.some((s) => s.status === 'pending' || s.status === 'running')) {
-                            watchSpinner.start('Aguardando próximo step...');
-                        }
-                    }
-                }
-                if (['success', 'failed', 'rolled_back'].includes(status.status)) {
-                    watchSpinner.stop();
-                    if (status.status === 'success') {
-                        console.log('\n' + chalk_1.default.green.bold('✓ Deploy concluído com sucesso'));
-                        if (status.url)
-                            console.log(chalk_1.default.cyan(`  → ${status.url}`));
-                    }
-                    else {
-                        console.log('\n' + chalk_1.default.red.bold(`✗ Deploy falhou (${status.status})`));
-                        if (status.error)
-                            console.log(chalk_1.default.dim(`  ${status.error}`));
-                    }
-                    console.log('');
-                    return true;
-                }
-                return false;
-            }
-            catch {
-                return false;
-            }
+        const { createHash } = await import('node:crypto');
+        const hash = createHash('sha256');
+        const stream = fs.createReadStream(abs);
+        for await (const chunk of stream)
+            hash.update(chunk);
+        const stat = await fsp.stat(abs);
+        const sha256 = hash.digest('hex');
+        if (keepLocal) {
+            log.warn('Modo --local-artifact: mandando file:// pro Core. Só funciona se o agent compartilha FS com este CLI.');
+            return {
+                artifactUrl: `file://${abs.replace(/\\/g, '/')}`,
+                artifactSha256: sha256,
+                artifactSizeBytes: stat.size,
+            };
+        }
+        const uploaded = await uploadArtifactToGcs(abs, productSlug, envName, stat.size);
+        return {
+            artifactUrl: uploaded.artifactUrl,
+            artifactSha256: sha256,
+            artifactSizeBytes: stat.size,
+            deployId: uploaded.deployId,
+        };
+    }
+    // Caso 3: procura manifest existente, senão chama runBuild.
+    const manifestPath = path.join(cwd, '.neetru-build', 'manifest.json');
+    let manifest = null;
+    if (fileExists(manifestPath)) {
+        try {
+            manifest = JSON.parse(await fsp.readFile(manifestPath, 'utf8'));
+            if (manifest.slug !== productSlug)
+                manifest = null;
+        }
+        catch {
+            manifest = null;
+        }
+    }
+    if (!manifest) {
+        log.info('Nenhum artifact encontrado. Rodando `neetru build`…');
+        manifest = await runBuild({ product: productSlug, version: opts.version });
+    }
+    const tarAbs = path.resolve(cwd, manifest.tarball);
+    if (keepLocal) {
+        log.warn('Modo --local-artifact: mandando file:// pro Core. Só funciona se o agent compartilha FS com este CLI.');
+        return {
+            artifactUrl: `file://${tarAbs.replace(/\\/g, '/')}`,
+            artifactSha256: manifest.sha256,
+            artifactSizeBytes: manifest.sizeBytes,
+            manifest,
         };
-        const interval = setInterval(async () => {
-            const done = await poll();
-            if (done || attempts >= maxAttempts) {
-                clearInterval(interval);
-                if (attempts >= maxAttempts) {
-                    watchSpinner.fail('Timeout (10min). Verifique no painel.');
-                    process.exit(1);
-                }
+    }
+    const uploaded = await uploadArtifactToGcs(tarAbs, productSlug, envName, manifest.sizeBytes);
+    return {
+        artifactUrl: uploaded.artifactUrl,
+        artifactSha256: manifest.sha256,
+        artifactSizeBytes: manifest.sizeBytes,
+        manifest,
+        deployId: uploaded.deployId,
+    };
+}
+async function pollDeploymentStatus(deploymentId) {
+    const start = Date.now();
+    const timeoutMs = 20 * 60 * 1000; // 20min
+    let lastStatus = '';
+    const spinner = ora({ text: 'Aguardando agente…', color: 'blue' }).start();
+    while (Date.now() - start < timeoutMs) {
+        let resp;
+        try {
+            resp = await apiRequest(`/api/v1/cli/deploy/status?id=${encodeURIComponent(deploymentId)}`);
+        }
+        catch (err) {
+            // transient — segue tentando.
+            if (err instanceof CliNetworkError) {
+                await new Promise((r) => setTimeout(r, 3000));
+                continue;
             }
-        }, 3000);
-    });
-    return cmd;
+            spinner.fail('Falha ao consultar status.');
+            handleApiError(err);
+        }
+        if (resp.status !== lastStatus) {
+            spinner.text = `Status: ${chalk.bold(resp.status)} · ${resp.steps
+                .map((s) => `${s.name}=${s.status}`)
+                .join(', ')}`;
+            lastStatus = resp.status;
+        }
+        if (TERMINAL_STATUSES.has(resp.status)) {
+            if (resp.status === 'success')
+                spinner.succeed(`Deploy ${chalk.bold('success')}.`);
+            else
+                spinner.fail(`Deploy ${chalk.bold(resp.status)}.`);
+            return resp;
+        }
+        await new Promise((r) => setTimeout(r, 4000));
+    }
+    spinner.fail('Timeout aguardando deploy.');
+    throw new Error('deploy_timeout');
+}
+export async function runDeploy(opts) {
+    log.banner();
+    const cwd = process.cwd();
+    const nonInteractive = ensureNonInteractive(opts);
+    const productSlug = await pickProduct(opts, nonInteractive, cwd);
+    const target = await pickTarget(opts, nonInteractive);
+    let serverChoice = null;
+    if (target === 'vm') {
+        serverChoice = await pickServer(opts, nonInteractive);
+    }
+    // target='workspace' não exige server — backend resolve runtime per-tenant.
+    const { domain, port } = await pickDomainPort(opts, nonInteractive, productSlug);
+    // F-11: env name pra GCS path (`gs://neetru-deploy-artifacts/<product>/<env>/…`).
+    // Default 'dev' quando não definido — alinhado com o middleware OAuth.
+    const envName = (opts.env ?? 'dev').toLowerCase();
+    // Build / artifact (default: faz upload pra GCS via signed URL).
+    const artifact = await resolveArtifact(opts, productSlug, envName, cwd);
+    // EnvVars.
+    let envVars;
+    if (opts.envFile) {
+        envVars = await loadEnvFile(path.resolve(cwd, opts.envFile));
+    }
+    // Confirmação interativa.
+    if (!nonInteractive) {
+        log.heading('Resumo');
+        log.dim(`  produto:  ${productSlug}`);
+        log.dim(`  versão:   ${artifact.manifest?.version ?? opts.version ?? '(detectada no build)'}`);
+        log.dim(`  stack:    ${opts.stack ?? artifact.manifest?.stack ?? '(detectada no build)'}`);
+        log.dim(`  target:   ${target}`);
+        if (serverChoice)
+            log.dim(`  server:   ${serverChoice.name ?? serverChoice.id}`);
+        if (domain)
+            log.dim(`  domain:   ${domain}`);
+        if (port)
+            log.dim(`  port:     ${port}`);
+        log.dim(`  artifact: ${artifact.artifactUrl}`);
+        log.dim(`  sha256:   ${artifact.artifactSha256.slice(0, 16)}…`);
+        const { ok } = await inquirer.prompt([
+            { type: 'confirm', name: 'ok', message: 'Confirmar deploy?', default: true },
+        ]);
+        if (!ok) {
+            log.warn('Deploy cancelado.');
+            process.exit(0);
+        }
+    }
+    const body = {
+        productSlug,
+        version: artifact.manifest?.version ?? opts.version ?? '0.0.0',
+        stack: opts.stack ?? artifact.manifest?.stack ?? 'node',
+        target,
+        artifactUrl: artifact.artifactUrl,
+        artifactSha256: artifact.artifactSha256,
+        artifactSizeBytes: artifact.artifactSizeBytes,
+    };
+    if (target === 'vm') {
+        body.serverId = serverChoice.id;
+        body.port = port;
+    }
+    if (domain)
+        body.domain = domain;
+    if (envVars && Object.keys(envVars).length > 0)
+        body.envVars = envVars;
+    let deploy;
+    const dispatchSpinner = ora({ text: 'Enviando comando ao Core…', color: 'blue' }).start();
+    try {
+        deploy = await apiRequest('/api/v1/cli/deploy', {
+            method: 'POST',
+            body,
+        });
+        dispatchSpinner.succeed(`Deploy criado: ${chalk.bold(deploy.deploymentId)}`);
+    }
+    catch (err) {
+        dispatchSpinner.fail('Falha ao criar deploy.');
+        handleApiError(err);
+    }
+    const final = await pollDeploymentStatus(deploy.deploymentId);
+    if (final.status !== 'success') {
+        log.error(final.lastError ?? `Deploy terminou com status ${final.status}`);
+        process.exit(1);
+    }
+    if (final.domain)
+        log.success(`Live em https://${final.domain}`);
+    process.exit(0);
 }
 //# sourceMappingURL=deploy.js.map