@nocobase/cli 2.1.0-alpha.4 → 2.1.0-alpha.40

package/dist/commands/env/add.js

@@ -0,0 +1,366 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+import { Args, Command, Flags } from '@oclif/core';
+import { setCurrentEnv, upsertEnv } from '../../lib/auth-store.js';
+import { resolveDefaultConfigScope } from '../../lib/cli-home.js';
+import { buildStoredEnvConfig, } from '../../lib/env-config.js';
+import { runPromptCatalog, } from '../../lib/prompt-catalog.js';
+import { applyCliLocale, CLI_LOCALE_FLAG_DESCRIPTION, CLI_LOCALE_FLAG_OPTIONS, localeText, } from '../../lib/cli-locale.js';
+import { validateApiBaseUrl } from '../../lib/prompt-validators.js';
+import { printInfo, printStage, printSuccess, printVerbose, setVerboseMode } from '../../lib/ui.js';
+const ENV_RUNTIME_FLAG_MAP = {
+    source: 'source',
+    'download-version': 'downloadVersion',
+    'docker-registry': 'dockerRegistry',
+    'docker-platform': 'dockerPlatform',
+    'git-url': 'gitUrl',
+    'npm-registry': 'npmRegistry',
+    'app-root-path': 'appRootPath',
+    'storage-path': 'storagePath',
+    'app-port': 'appPort',
+    'app-key': 'appKey',
+    timezone: 'timezone',
+    'db-dialect': 'dbDialect',
+    'builtin-db-image': 'builtinDbImage',
+    'db-host': 'dbHost',
+    'db-port': 'dbPort',
+    'db-database': 'dbDatabase',
+    'db-user': 'dbUser',
+    'db-password': 'dbPassword',
+    'db-schema': 'dbSchema',
+    'db-table-prefix': 'dbTablePrefix',
+    'root-username': 'rootUsername',
+    'root-email': 'rootEmail',
+    'root-password': 'rootPassword',
+    'root-nickname': 'rootNickname',
+};
+const ENV_BOOLEAN_RUNTIME_FLAG_MAP = {
+    'builtin-db': 'builtinDb',
+    'dev-dependencies': 'devDependencies',
+    build: 'build',
+    'build-dts': 'buildDts',
+    'db-underscored': 'dbUnderscored',
+};
+const envAddText = (key, values) => localeText(`commands.envAdd.${key}`, values);
+const envAddAccessTokenPrompt = {
+    type: 'text',
+    message: envAddText('prompts.accessToken.message'),
+    required: true,
+    hidden: (values) => values.authType !== 'token' || values.skipAuth === true,
+};
+function formatDeferredAuthMessage(envName, authType) {
+    const normalizedAuthType = String(authType ?? '').trim();
+    const nextStep = `Authentication was skipped for env "${envName}". Run \`nb env auth ${envName}\` to finish setup.`;
+    if (normalizedAuthType === 'token') {
+        return `${nextStep} You will be prompted for an access token.`;
+    }
+    if (normalizedAuthType === 'oauth') {
+        return `${nextStep} A browser sign-in flow will be started.`;
+    }
+    return nextStep;
+}
+export default class EnvAdd extends Command {
+    static summary = 'Save a named NocoBase API endpoint (token or OAuth), then switch the CLI to use it';
+    static examples = [
+        '<%= config.bin %> <%= command.id %>',
+        '<%= config.bin %> <%= command.id %> local',
+        '<%= config.bin %> <%= command.id %> local --api-base-url http://localhost:13000/api --auth-type oauth',
+    ];
+    static args = {
+        name: Args.string({
+            description: 'Environment name to save (optional first argument; in a TTY, prompted when omitted; required when not using a TTY)',
+            required: false,
+        }),
+    };
+    static flags = {
+        env: Flags.string({
+            char: 'e',
+            hidden: true,
+            deprecated: true,
+            description: 'Environment name (same as the optional positional argument; for compatibility with -e/--env on other commands)',
+        }),
+        verbose: Flags.boolean({
+            description: 'Print detailed progress while writing config',
+            default: false,
+        }),
+        locale: Flags.string({
+            description: CLI_LOCALE_FLAG_DESCRIPTION,
+            options: CLI_LOCALE_FLAG_OPTIONS,
+        }),
+        'no-intro': Flags.boolean({
+            hidden: true,
+            description: 'Skip command intro when invoked by another CLI command',
+            default: false,
+        }),
+        'default-api-base-url': Flags.string({
+            char: 'd',
+            hidden: true,
+            description: 'Default API base URL for HTTP API calls, including the /api prefix (e.g. http://localhost:13000/api); prompted in a TTY when omitted',
+        }),
+        'api-base-url': Flags.string({
+            char: 'u',
+            description: 'Root URL for HTTP API calls, including the /api prefix (e.g. http://localhost:13000/api); prompted in a TTY when omitted',
+        }),
+        'auth-type': Flags.string({
+            char: 'a',
+            description: 'Authentication: token (API key) or oauth (browser login via `nb env auth`); prompted in a TTY when omitted',
+            options: ['token', 'oauth'],
+        }),
+        'access-token': Flags.string({
+            char: 't',
+            aliases: ['token'],
+            description: 'API key or access token when using --auth-type token (prompted in a TTY when omitted)',
+        }),
+        'skip-auth': Flags.boolean({
+            description: 'Save the env now and finish authentication later with `nb env auth`',
+            default: false,
+        }),
+        source: Flags.string({
+            hidden: true,
+            description: 'Application source saved with this env',
+        }),
+        'download-version': Flags.string({
+            hidden: true,
+            description: 'Downloaded app version saved with this env',
+        }),
+        'docker-registry': Flags.string({
+            hidden: true,
+            description: 'Docker registry saved with this env',
+        }),
+        'docker-platform': Flags.string({
+            hidden: true,
+            description: 'Docker image platform saved with this env',
+        }),
+        'git-url': Flags.string({
+            hidden: true,
+            description: 'Git repository URL saved with this env',
+        }),
+        'npm-registry': Flags.string({
+            hidden: true,
+            description: 'npm registry saved with this env',
+        }),
+        'dev-dependencies': Flags.boolean({
+            allowNo: true,
+            hidden: true,
+            description: 'Whether development dependencies were installed for this env',
+        }),
+        build: Flags.boolean({
+            allowNo: true,
+            hidden: true,
+            description: 'Whether the app was built after download for this env',
+        }),
+        'build-dts': Flags.boolean({
+            allowNo: true,
+            hidden: true,
+            description: 'Whether declaration files were emitted during build for this env',
+        }),
+        'app-root-path': Flags.string({
+            hidden: true,
+            description: 'Application root path saved with this env',
+        }),
+        'storage-path': Flags.string({
+            hidden: true,
+            description: 'Storage path saved with this env',
+        }),
+        'app-port': Flags.string({
+            hidden: true,
+            description: 'Application HTTP port saved with this env',
+        }),
+        'app-key': Flags.string({
+            hidden: true,
+            description: 'Application secret key saved with this env',
+        }),
+        timezone: Flags.string({
+            hidden: true,
+            description: 'Application timezone saved with this env',
+        }),
+        'builtin-db': Flags.boolean({
+            allowNo: true,
+            hidden: true,
+            description: 'Whether this env uses a CLI-managed built-in database',
+        }),
+        'db-dialect': Flags.string({
+            hidden: true,
+            description: 'Database dialect saved with this env',
+        }),
+        'builtin-db-image': Flags.string({
+            hidden: true,
+            description: 'Built-in database image saved with this env',
+        }),
+        'db-host': Flags.string({
+            hidden: true,
+            description: 'Database host saved with this env',
+        }),
+        'db-port': Flags.string({
+            hidden: true,
+            description: 'Database port saved with this env',
+        }),
+        'db-database': Flags.string({
+            hidden: true,
+            description: 'Database name saved with this env',
+        }),
+        'db-user': Flags.string({
+            hidden: true,
+            description: 'Database user saved with this env',
+        }),
+        'db-password': Flags.string({
+            hidden: true,
+            description: 'Database password saved with this env',
+        }),
+        'db-schema': Flags.string({
+            hidden: true,
+            description: 'Database schema saved with this env',
+        }),
+        'db-table-prefix': Flags.string({
+            hidden: true,
+            description: 'Database table prefix saved with this env',
+        }),
+        'db-underscored': Flags.boolean({
+            allowNo: true,
+            hidden: true,
+            description: 'Whether this env uses underscored database naming',
+        }),
+        'root-username': Flags.string({
+            hidden: true,
+            description: 'Initial root username saved with this env',
+        }),
+        'root-email': Flags.string({
+            hidden: true,
+            description: 'Initial root email saved with this env',
+        }),
+        'root-password': Flags.string({
+            hidden: true,
+            description: 'Initial root password saved with this env',
+        }),
+        'root-nickname': Flags.string({
+            hidden: true,
+            description: 'Initial root nickname saved with this env',
+        }),
+    };
+    static prompts = {
+        name: {
+            type: 'text',
+            message: envAddText('prompts.name.message'),
+            placeholder: envAddText('prompts.name.placeholder'),
+            required: true,
+        },
+        apiBaseUrl: {
+            type: 'text',
+            message: envAddText('prompts.apiBaseUrl.message'),
+            placeholder: envAddText('prompts.apiBaseUrl.placeholder'),
+            required: true,
+            validate: validateApiBaseUrl,
+        },
+        authType: {
+            type: 'select',
+            message: envAddText('prompts.authType.message'),
+            options: [
+                {
+                    value: 'oauth',
+                    label: envAddText('prompts.authType.oauthLabel'),
+                    hint: envAddText('prompts.authType.oauthHint'),
+                },
+                { value: 'token', label: envAddText('prompts.authType.tokenLabel') },
+            ],
+            initialValue: 'oauth',
+            required: true,
+        },
+        accessToken: envAddAccessTokenPrompt,
+    };
+    buildPromptValues(nameArg, flags) {
+        const values = {};
+        const name = nameArg?.trim() || flags.env?.trim();
+        if (name) {
+            values.name = name;
+        }
+        const apiFromFlag = flags['api-base-url'];
+        if (typeof apiFromFlag === 'string' && apiFromFlag.trim() !== '') {
+            values.apiBaseUrl = apiFromFlag.trim();
+        }
+        if (flags['auth-type']) {
+            values.authType = flags['auth-type'];
+        }
+        if (flags['skip-auth']) {
+            values.skipAuth = true;
+        }
+        const token = flags['access-token'] ?? flags.token;
+        if (typeof token === 'string' && token !== '') {
+            values.accessToken = token;
+        }
+        return values;
+    }
+    buildPromptInitialValues(flags) {
+        const initialValues = {};
+        const defaultApiBaseUrl = flags['default-api-base-url']?.trim();
+        if (defaultApiBaseUrl) {
+            initialValues.apiBaseUrl = defaultApiBaseUrl;
+        }
+        return initialValues;
+    }
+    buildPromptCatalog(flags) {
+        if (!flags['skip-auth']) {
+            return EnvAdd.prompts;
+        }
+        return {
+            ...EnvAdd.prompts,
+            accessToken: {
+                ...envAddAccessTokenPrompt,
+                hidden: () => true,
+            },
+        };
+    }
+    buildEnvConfig(results, flags) {
+        const envConfigInput = {
+            apiBaseUrl: results.apiBaseUrl,
+            authType: results.authType,
+            accessToken: results.accessToken,
+        };
+        for (const [flagName, configKey] of Object.entries(ENV_RUNTIME_FLAG_MAP)) {
+            const value = flags[flagName];
+            envConfigInput[configKey] = value;
+        }
+        for (const [flagName, configKey] of Object.entries(ENV_BOOLEAN_RUNTIME_FLAG_MAP)) {
+            const value = flags[flagName];
+            envConfigInput[configKey] = value;
+        }
+        return buildStoredEnvConfig(envConfigInput);
+    }
+    async run() {
+        const { args, flags } = await this.parse(EnvAdd);
+        const parsedFlags = flags;
+        if (parsedFlags['skip-auth'] && (parsedFlags['access-token'] !== undefined || parsedFlags.token !== undefined)) {
+            this.error('--skip-auth cannot be used with --access-token or --token.');
+        }
+        applyCliLocale(parsedFlags.locale);
+        setVerboseMode(parsedFlags.verbose);
+        if (!parsedFlags['no-intro']) {
+            printStage('Connect to NocoBase');
+        }
+        const results = await runPromptCatalog(this.buildPromptCatalog(parsedFlags), {
+            values: this.buildPromptValues(args.name, parsedFlags),
+            initialValues: this.buildPromptInitialValues(parsedFlags),
+            command: this,
+        });
+        const envName = String(results.name);
+        const envConfig = this.buildEnvConfig(results, parsedFlags);
+        printVerbose(`Saving env "${envName}" globally.`);
+        await upsertEnv(envName, envConfig, { scope: resolveDefaultConfigScope() });
+        await setCurrentEnv(envName, { scope: resolveDefaultConfigScope() });
+        if (parsedFlags['skip-auth']) {
+            printSuccess(`✔ Env "${envName}" was saved.`);
+            printInfo(formatDeferredAuthMessage(envName, results.authType));
+            return;
+        }
+        if (results.authType === 'oauth') {
+            await this.config.runCommand('env:auth', [envName]);
+        }
+        await this.config.runCommand('env:update', [envName]);
+        printSuccess(`✔ Env "${envName}" is ready.`);
+    }
+}

package/dist/commands/env/auth.js

@@ -0,0 +1,130 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+import { Args, Command, Flags } from '@oclif/core';
+import { getCurrentEnvName, getEnv, resolveConfiguredAuthType, updateEnvConnection, } from '../../lib/auth-store.js';
+import { resolveDefaultConfigScope } from '../../lib/cli-home.js';
+import { authenticateEnvWithOauth } from '../../lib/env-auth.js';
+import { runPromptCatalog } from '../../lib/prompt-catalog.js';
+import { failTask, printStage, startTask, stopTask, succeedTask } from '../../lib/ui.js';
+import EnvAdd from "./add.js";
+const envAuthPrompts = {
+    authType: EnvAdd.prompts.authType,
+    accessToken: EnvAdd.prompts.accessToken,
+};
+function resolveExplicitAuthType(value) {
+    return value === 'token' || value === 'oauth' ? value : undefined;
+}
+function formatMissingEnvMessage(envName) {
+    return [
+        `Env "${envName}" is not configured.`,
+        `Run \`nb env add ${envName} --api-base-url <url>\` first.`,
+    ].join('\n');
+}
+export default class EnvAuth extends Command {
+    static summary = 'Authenticate a saved NocoBase environment with a token or OAuth';
+    static examples = [
+        '<%= config.bin %> <%= command.id %>',
+        '<%= config.bin %> <%= command.id %> prod',
+        '<%= config.bin %> <%= command.id %> prod --auth-type token --access-token <api-key>',
+    ];
+    static args = {
+        name: Args.string({
+            description: 'Configured environment name to sign in to. Defaults to the current env when omitted',
+            required: false,
+        }),
+    };
+    static flags = {
+        env: Flags.string({
+            char: 'e',
+            hidden: true,
+            deprecated: true,
+            description: 'Environment name (same as the optional positional argument; for compatibility with -e/--env on other commands)',
+        }),
+        'auth-type': Flags.string({
+            char: 'a',
+            description: 'Authentication: token (API key) or oauth (browser login)',
+            options: ['token', 'oauth'],
+        }),
+        'access-token': Flags.string({
+            char: 't',
+            description: 'API key or access token when using token authentication',
+        }),
+    };
+    async run() {
+        const { args, flags } = await this.parse(EnvAuth);
+        const nameArg = args.name?.trim();
+        const nameFlag = flags.env?.trim() || undefined;
+        if (nameArg && nameFlag && nameArg !== nameFlag) {
+            this.error(`Environment name was provided both as the argument ("${nameArg}") and as --env ("${nameFlag}"). Please use only one.`);
+        }
+        if (flags['auth-type'] === 'oauth' && flags['access-token'] !== undefined) {
+            this.error('--access-token cannot be used with --auth-type oauth.');
+        }
+        const envName = nameArg || nameFlag || (await getCurrentEnvName({ scope: resolveDefaultConfigScope() }));
+        const env = await getEnv(envName, { scope: resolveDefaultConfigScope() });
+        if (!env) {
+            this.error(formatMissingEnvMessage(envName));
+        }
+        const tokenFromFlags = flags['access-token'];
+        const tokenFlagProvided = tokenFromFlags !== undefined;
+        const tokenProvided = typeof tokenFromFlags === 'string' && tokenFromFlags !== '';
+        if (tokenFlagProvided && !tokenProvided) {
+            this.error('--access-token cannot be empty.');
+        }
+        const explicitAuthType = resolveExplicitAuthType(flags['auth-type']);
+        const savedAuthType = resolveConfiguredAuthType(env.config);
+        const resolvedAuthType = explicitAuthType ?? (tokenProvided ? 'token' : savedAuthType);
+        const prompted = (resolvedAuthType === 'oauth'
+            ? { authType: 'oauth' }
+            : resolvedAuthType === 'token' && tokenProvided
+                ? { authType: 'token', accessToken: tokenFromFlags }
+                : await runPromptCatalog(envAuthPrompts, {
+                    values: {
+                        ...(resolvedAuthType ? { authType: resolvedAuthType } : {}),
+                    },
+                    command: this,
+                })) ?? {};
+        const authType = resolveExplicitAuthType(prompted.authType ?? resolvedAuthType);
+        if (!authType) {
+            this.error('Choose an authentication type before continuing.');
+        }
+        printStage('Authenticating');
+        try {
+            if (authType === 'token') {
+                const accessToken = String(prompted.accessToken ?? tokenFromFlags ?? '');
+                if (accessToken.trim() === '') {
+                    this.error('--access-token cannot be empty.');
+                }
+                startTask(`Saving access token for "${envName}"...`);
+                await updateEnvConnection(envName, {
+                    authType: 'token',
+                    accessToken,
+                }, { scope: resolveDefaultConfigScope() });
+                stopTask();
+            }
+            else {
+                startTask(`Starting browser sign-in for "${envName}"...`);
+                await updateEnvConnection(envName, {
+                    authType: 'oauth',
+                }, { scope: resolveDefaultConfigScope() });
+                await authenticateEnvWithOauth({
+                    envName,
+                    scope: resolveDefaultConfigScope(),
+                });
+                stopTask();
+            }
+            await this.config.runCommand('env:update', [envName]);
+            succeedTask(`✔ Authenticated "${envName}".`);
+        }
+        catch (error) {
+            failTask(`Authentication failed for "${envName}".`);
+            throw error;
+        }
+    }
+}

package/dist/commands/env/current.js

@@ -0,0 +1,21 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+import { Command } from '@oclif/core';
+import { getCurrentEnvName } from '../../lib/auth-store.js';
+import { resolveDefaultConfigScope } from '../../lib/cli-home.js';
+export default class EnvCurrent extends Command {
+    static summary = 'Show the current environment name';
+    static examples = [
+        '<%= config.bin %> <%= command.id %>',
+    ];
+    async run() {
+        await this.parse(EnvCurrent);
+        this.log(await getCurrentEnvName({ scope: resolveDefaultConfigScope() }));
+    }
+}

package/dist/commands/env/info.js

@@ -0,0 +1,157 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+import { Args, Command, Flags } from '@oclif/core';
+import { formatMissingManagedAppEnvMessage, resolveManagedAppRuntime } from '../../lib/app-runtime.js';
+import { resolveBuiltinDbConnection } from '../../lib/builtin-db.js';
+import { renderTable } from '../../lib/ui.js';
+import { appRootPath, dbStatus, runtimeStatus, storagePath } from './shared.js';
+function normalizeJsonValue(value) {
+    if (value === undefined || value === null || value === '') {
+        return '-';
+    }
+    if (typeof value === 'boolean' || typeof value === 'number') {
+        return value;
+    }
+    return String(value);
+}
+function normalizeValue(value) {
+    if (value === undefined || value === null || value === '') {
+        return '-';
+    }
+    if (typeof value === 'boolean') {
+        return value ? 'true' : 'false';
+    }
+    return String(value);
+}
+function maskSecret(value, showSecrets) {
+    const normalized = normalizeValue(value);
+    if (normalized === '-') {
+        return normalized;
+    }
+    return showSecrets ? normalized : '********';
+}
+function createGroupTable(title, values) {
+    const rows = Object.entries(values).map(([field, value]) => [field, normalizeValue(value)]);
+    return `${title}\n${renderTable(['Field', 'Value'], rows)}`;
+}
+function serializeGroup(values) {
+    return Object.fromEntries(Object.entries(values).map(([field, value]) => [field, normalizeJsonValue(value)]));
+}
+export default class EnvInfo extends Command {
+    static hidden = false;
+    static description = 'Show grouped details for the selected NocoBase env, including app, database, API, and auth settings.';
+    static examples = [
+        '<%= config.bin %> <%= command.id %> app1',
+        '<%= config.bin %> <%= command.id %> app1 --json',
+        '<%= config.bin %> <%= command.id %> app1 --show-secrets',
+    ];
+    static args = {
+        name: Args.string({
+            description: 'Configured environment name to inspect. Defaults to the current env when omitted',
+            required: false,
+        }),
+    };
+    static flags = {
+        env: Flags.string({
+            char: 'e',
+            hidden: true,
+            deprecated: true,
+            description: 'Environment name (same as the optional positional argument; for compatibility with -e/--env on other commands)',
+        }),
+        json: Flags.boolean({
+            description: 'Output the result as JSON',
+            default: false,
+        }),
+        'show-secrets': Flags.boolean({
+            description: 'Show secret values in plain text',
+            default: false,
+        }),
+    };
+    async run() {
+        const { args, flags } = await this.parse(EnvInfo);
+        const envNameArg = args.name?.trim() || undefined;
+        const envNameFlag = flags.env?.trim() || undefined;
+        if (envNameArg && envNameFlag && envNameArg !== envNameFlag) {
+            this.error(`Environment name was provided both as the argument ("${envNameArg}") and as --env ("${envNameFlag}"). Please use only one.`);
+        }
+        const requestedEnv = envNameArg || envNameFlag;
+        const showSecrets = flags['show-secrets'];
+        const runtime = await resolveManagedAppRuntime(requestedEnv);
+        if (!runtime) {
+            this.error(formatMissingManagedAppEnvMessage(requestedEnv));
+        }
+        const auth = runtime.env.auth;
+        const builtinDbConnection = (runtime.kind === 'local' || runtime.kind === 'docker') && runtime.env.config.builtinDb
+            ? await resolveBuiltinDbConnection(runtime)
+            : undefined;
+        const appGroup = {
+            appRootPath: appRootPath(runtime),
+            storagePath: storagePath(runtime),
+            appPort: runtime.env.config.appPort,
+            appStatus: await runtimeStatus(runtime),
+            source: runtime.source,
+            downloadVersion: runtime.env.config.downloadVersion,
+            dockerRegistry: runtime.env.config.dockerRegistry,
+            dockerPlatform: runtime.env.config.dockerPlatform,
+            timezone: runtime.env.config.timezone,
+        };
+        const dbGroup = {
+            databaseStatus: await dbStatus(runtime),
+            builtinDb: runtime.env.config.builtinDb,
+            dbDialect: runtime.env.config.dbDialect,
+            builtinDbImage: runtime.env.config.builtinDbImage,
+            dbHost: builtinDbConnection?.dbHost ?? runtime.env.config.dbHost,
+            dbPort: builtinDbConnection?.dbPort ?? runtime.env.config.dbPort,
+            dbDatabase: runtime.env.config.dbDatabase,
+            dbUser: runtime.env.config.dbUser,
+            dbPassword: maskSecret(runtime.env.config.dbPassword, showSecrets),
+        };
+        const authGroup = {
+            type: auth?.type,
+            expiresAt: auth?.type === 'oauth' ? auth.expiresAt : undefined,
+            scope: auth?.type === 'oauth' ? auth.scope : undefined,
+            issuer: auth?.type === 'oauth' ? auth.issuer : undefined,
+            clientId: auth?.type === 'oauth' ? auth.clientId : undefined,
+            resource: auth?.type === 'oauth' ? auth.resource : undefined,
+            accessToken: maskSecret(auth?.accessToken, showSecrets),
+            refreshToken: maskSecret(auth?.type === 'oauth' ? auth.refreshToken : undefined, showSecrets),
+        };
+        const apiGroup = {
+            apiBaseUrl: runtime.env.apiBaseUrl,
+            'auth.type': authGroup.type,
+            'auth.expiresAt': authGroup.expiresAt,
+            'auth.scope': authGroup.scope,
+            'auth.issuer': authGroup.issuer,
+            'auth.clientId': authGroup.clientId,
+            'auth.resource': authGroup.resource,
+            'auth.accessToken': authGroup.accessToken,
+            'auth.refreshToken': authGroup.refreshToken,
+        };
+        const output = {
+            ok: true,
+            env: runtime.envName,
+            kind: runtime.kind,
+            app: serializeGroup(appGroup),
+            db: serializeGroup(dbGroup),
+            api: {
+                apiBaseUrl: normalizeJsonValue(runtime.env.apiBaseUrl),
+                auth: serializeGroup(authGroup),
+            },
+        };
+        if (flags.json) {
+            this.log(JSON.stringify(output, null, 2));
+            return;
+        }
+        this.log([
+            createGroupTable('App', appGroup),
+            createGroupTable('DB', dbGroup),
+            createGroupTable('API', apiGroup),
+        ].join('\n\n'));
+    }
+}