npm - @novaluna/onboard - Versions diffs - 1.0.0 - Mend

@novaluna/onboard 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/cli.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ #!/usr/bin/env node
2	+ export {};

package/dist/cli.js ADDED Viewed

@@ -0,0 +1,210 @@
+#!/usr/bin/env node
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+/**
+ * novaluna-onboard CLI
+ *
+ * Usage (interactive):
+ *   npx @novaluna/onboard
+ *
+ * Usage (non-interactive / CI):
+ *   npx @novaluna/onboard provision \
+ *     --org "Acme Capital" \
+ *     --email admin@acmecapital.com \
+ *     --realm acme-capital
+ */
+const commander_1 = require("commander");
+const chalk_1 = __importDefault(require("chalk"));
+const ora_1 = __importDefault(require("ora"));
+const promises_1 = require("readline/promises");
+const db = __importStar(require("./db"));
+const keycloak = __importStar(require("./keycloak"));
+const gateway = __importStar(require("./gateway"));
+const db_1 = require("./db");
+const WORKBENCH_URL = 'https://workbench.novaluna.ai';
+const program = new commander_1.Command()
+    .name('novaluna-onboard')
+    .description('Provision a new Novaluna client org')
+    .version('1.0.0');
+// ---------------------------------------------------------------------------
+// provision command — full onboarding flow
+// ---------------------------------------------------------------------------
+program
+    .command('provision', { isDefault: true })
+    .description('Interactively provision a new client org (default command)')
+    .option('--org <name>', 'Organisation name')
+    .option('--email <email>', 'Admin email')
+    .option('--realm <id>', 'Keycloak realm ID (lowercase, no spaces)')
+    .option('--token-name <n>', 'Agent token name', 'default')
+    .action(async (opts) => {
+    console.log(chalk_1.default.bold('\nNovaluna Client Onboarding'));
+    console.log(chalk_1.default.dim('─'.repeat(40)));
+    // Gather inputs interactively if not provided as flags
+    const rl = (0, promises_1.createInterface)({ input: process.stdin, output: process.stdout });
+    const ask = (q) => rl.question(chalk_1.default.cyan('? ') + q + ' ');
+    const orgName = opts.org ?? (await ask('Organisation name:')).trim();
+    const email = opts.email ?? (await ask('Admin email:')).trim();
+    const defaultRealm = orgName.toLowerCase().replace(/\s+/g, '-');
+    const realmInput = opts.realm ?? (await ask(`Keycloak realm ID [${defaultRealm}]: `)).trim();
+    const realmId = realmInput || defaultRealm;
+    rl.close();
+    const tokenName = opts.tokenName;
+    let orgId;
+    // 1. Create org in MySQL (idempotent)
+    {
+        const spinner = (0, ora_1.default)('Creating org in database...').start();
+        try {
+            const existing = await db.getOrgByName(orgName);
+            if (existing) {
+                orgId = existing.id;
+                spinner.info(`Org already exists (id=${orgId})`);
+            }
+            else {
+                orgId = await db.createOrg(orgName, email);
+                spinner.succeed(`Org created (id=${orgId})`);
+            }
+        }
+        catch (err) {
+            spinner.fail(`DB error: ${err.message}`);
+            process.exit(1);
+        }
+    }
+    // 2. Create Keycloak realm (idempotent)
+    {
+        const spinner = (0, ora_1.default)('Provisioning Keycloak realm...').start();
+        try {
+            if (await keycloak.realmExists(realmId)) {
+                spinner.info(`Realm already exists: ${realmId}`);
+            }
+            else {
+                await keycloak.createRealm(realmId, orgName);
+                await keycloak.createClient(realmId, 'novaluna-workbench', WORKBENCH_URL);
+                spinner.succeed(`Realm created: ${realmId}`);
+            }
+        }
+        catch (err) {
+            spinner.fail(`Keycloak error: ${err.message}`);
+            process.exit(1);
+        }
+    }
+    // 3. Generate agent registration token
+    let agentToken;
+    {
+        const spinner = (0, ora_1.default)('Generating agent token...').start();
+        try {
+            agentToken = await gateway.createAgentToken(orgId, tokenName, email);
+            spinner.succeed('Agent token generated');
+        }
+        catch (err) {
+            spinner.fail(`Gateway error: ${err.message}`);
+            process.exit(1);
+        }
+    }
+    await (0, db_1.close)();
+    // 4. Print summary
+    console.log('\n' + chalk_1.default.bold.green('✓ Onboarding complete'));
+    console.log(chalk_1.default.dim('─'.repeat(40)));
+    console.log(`  Organisation   ${chalk_1.default.cyan(orgName)}  (id=${orgId})`);
+    console.log(`  Keycloak realm ${chalk_1.default.cyan(realmId)}`);
+    console.log(`  Admin email    ${chalk_1.default.cyan(email)}`);
+    console.log('');
+    console.log(chalk_1.default.bold('Agent install command for your team:'));
+    console.log('');
+    console.log(chalk_1.default.bgBlack.white(`  npx @novaluna/agent start --token ${agentToken}`));
+    console.log('');
+    console.log(chalk_1.default.dim('  Share this token securely with the client.'));
+    console.log(chalk_1.default.dim(`  Workbench: ${WORKBENCH_URL}\n`));
+});
+// ---------------------------------------------------------------------------
+// token command — generate an additional token for an existing org
+// ---------------------------------------------------------------------------
+program
+    .command('token')
+    .description('Generate an additional agent token for an existing org')
+    .requiredOption('--org <name>', 'Organisation name')
+    .option('--name <label>', 'Token label', 'additional')
+    .option('--by <email>', 'Created by', 'admin')
+    .action(async (opts) => {
+    const spinner = (0, ora_1.default)(`Looking up org: ${opts.org}`).start();
+    const org = await db.getOrgByName(opts.org);
+    if (!org) {
+        spinner.fail(`Org not found: ${opts.org}`);
+        process.exit(1);
+    }
+    spinner.succeed(`Org found (id=${org.id})`);
+    const tokenSpinner = (0, ora_1.default)('Generating token...').start();
+    try {
+        const raw = await gateway.createAgentToken(org.id, opts.name, opts.by);
+        tokenSpinner.succeed('Token generated');
+        console.log('');
+        console.log(chalk_1.default.bgBlack.white(`  npx @novaluna/agent start --token ${raw}`));
+        console.log('');
+    }
+    catch (err) {
+        tokenSpinner.fail(err.message);
+    }
+    await (0, db_1.close)();
+});
+// ---------------------------------------------------------------------------
+// status command — show connected agents for an org
+// ---------------------------------------------------------------------------
+program
+    .command('status')
+    .description('Show connected agents for an org')
+    .requiredOption('--org <name>', 'Organisation name')
+    .action(async (opts) => {
+    const org = await db.getOrgByName(opts.org);
+    if (!org) {
+        console.error(chalk_1.default.red(`Org not found: ${opts.org}`));
+        process.exit(1);
+    }
+    const agents = await gateway.listAgents(org.id);
+    if (agents.length === 0) {
+        console.log(chalk_1.default.yellow('No agents connected.'));
+    }
+    else {
+        console.log(chalk_1.default.bold(`\nConnected agents for ${opts.org}:\n`));
+        for (const a of agents) {
+            const dot = a.connected ? chalk_1.default.green('●') : chalk_1.default.grey('○');
+            console.log(`  ${dot}  ${a.agent_id}  MCPs: ${(a.mcp_ids ?? []).join(', ') || 'none'}`);
+        }
+    }
+    await (0, db_1.close)();
+});
+program.parse(process.argv);

package/dist/config.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+export declare const config: {
+    db: {
+        host: string;
+        port: number;
+        database: string;
+        user: string;
+        password: string;
+    };
+    keycloak: {
+        url: string;
+        realm: string;
+        adminUser: string;
+        adminPass: string;
+        clientId: string;
+    };
+    gateway: {
+        url: string;
+        internalSecret: string;
+    };
+};

package/dist/config.js ADDED Viewed

@@ -0,0 +1,58 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.config = void 0;
+const dotenv = __importStar(require("dotenv"));
+dotenv.config();
+exports.config = {
+    db: {
+        host: process.env.DB_HOST ?? 'localhost',
+        port: Number(process.env.DB_PORT ?? 3306),
+        database: process.env.DB_NAME ?? 'novaluna',
+        user: process.env.DB_USER ?? 'novaluna',
+        password: process.env.DB_PASSWORD ?? '',
+    },
+    keycloak: {
+        url: process.env.KEYCLOAK_URL ?? 'https://auth.novaluna.ai',
+        realm: process.env.KEYCLOAK_ADMIN_REALM ?? 'master',
+        adminUser: process.env.KEYCLOAK_ADMIN_USER ?? 'admin',
+        adminPass: process.env.KEYCLOAK_ADMIN_PASS ?? '',
+        clientId: process.env.KEYCLOAK_ADMIN_CLIENT ?? 'admin-cli',
+    },
+    gateway: {
+        url: process.env.GATEWAY_URL ?? 'https://agents.novaluna.ai',
+        internalSecret: process.env.GATEWAY_INTERNAL_SECRET ?? '',
+    },
+};

package/dist/db.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import mysql from 'mysql2/promise';
+export declare function getConn(): Promise<mysql.Connection>;
+export declare function close(): Promise<void>;
+export declare function orgExists(name: string): Promise<boolean>;
+export declare function createOrg(name: string, adminEmail: string): Promise<number>;
+export declare function getOrgByName(name: string): Promise<{
+    id: number;
+} | null>;

package/dist/db.js ADDED Viewed

@@ -0,0 +1,38 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getConn = getConn;
+exports.close = close;
+exports.orgExists = orgExists;
+exports.createOrg = createOrg;
+exports.getOrgByName = getOrgByName;
+const promise_1 = __importDefault(require("mysql2/promise"));
+const config_1 = require("./config");
+let _conn = null;
+async function getConn() {
+    if (!_conn) {
+        _conn = await promise_1.default.createConnection(config_1.config.db);
+    }
+    return _conn;
+}
+async function close() {
+    await _conn?.end();
+}
+async function orgExists(name) {
+    const conn = await getConn();
+    // organisations are stored in the novaluna core DB — adjust table name if different
+    const [rows] = await conn.query('SELECT id FROM organisation WHERE name = ? LIMIT 1', [name]);
+    return rows.length > 0;
+}
+async function createOrg(name, adminEmail) {
+    const conn = await getConn();
+    const [result] = await conn.query('INSERT INTO organisation (name, admin_email, created_at) VALUES (?, ?, NOW())', [name, adminEmail]);
+    return result.insertId;
+}
+async function getOrgByName(name) {
+    const conn = await getConn();
+    const [rows] = await conn.query('SELECT id FROM organisation WHERE name = ? LIMIT 1', [name]);
+    return rows.length ? rows[0] : null;
+}

package/dist/gateway.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export declare function createAgentToken(orgId: number, name: string, createdBy: string): Promise<string>;
2	+ export declare function listAgents(orgId: number): Promise<unknown[]>;

package/dist/gateway.js ADDED Viewed

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAgentToken = createAgentToken;
+exports.listAgents = listAgents;
+/**
+ * Gateway API client — calls agent-gateway REST endpoints.
+ */
+const config_1 = require("./config");
+function headers() {
+    return {
+        'Content-Type': 'application/json',
+        'x-internal-secret': config_1.config.gateway.internalSecret,
+    };
+}
+async function createAgentToken(orgId, name, createdBy) {
+    const res = await fetch(`${config_1.config.gateway.url}/internal/tokens`, {
+        method: 'POST',
+        headers: headers(),
+        body: JSON.stringify({ org_id: orgId, name, created_by: createdBy }),
+    });
+    if (!res.ok)
+        throw new Error(`Token creation failed: ${res.status} ${await res.text()}`);
+    const data = (await res.json());
+    return data.token;
+}
+async function listAgents(orgId) {
+    const res = await fetch(`${config_1.config.gateway.url}/internal/orgs/${orgId}/agents`, {
+        headers: headers(),
+    });
+    if (!res.ok)
+        throw new Error(`List agents failed: ${res.status}`);
+    const data = (await res.json());
+    return data.agents;
+}

package/dist/keycloak.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export declare function realmExists(realmId: string): Promise<boolean>;
+export declare function createRealm(realmId: string, displayName: string): Promise<void>;
+export declare function createClient(realmId: string, clientId: string, rootUrl: string): Promise<void>;

package/dist/keycloak.js ADDED Viewed

@@ -0,0 +1,78 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.realmExists = realmExists;
+exports.createRealm = createRealm;
+exports.createClient = createClient;
+/**
+ * Keycloak admin operations via REST API.
+ * Creates a new realm + client for each onboarded org.
+ */
+const config_1 = require("./config");
+let _adminToken = null;
+async function getAdminToken() {
+    if (_adminToken)
+        return _adminToken;
+    const { url, realm, adminUser, adminPass, clientId } = config_1.config.keycloak;
+    const res = await fetch(`${url}/realms/${realm}/protocol/openid-connect/token`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        body: new URLSearchParams({
+            grant_type: 'password',
+            client_id: clientId,
+            username: adminUser,
+            password: adminPass,
+        }),
+    });
+    if (!res.ok)
+        throw new Error(`Keycloak admin login failed: ${res.status} ${await res.text()}`);
+    const data = (await res.json());
+    _adminToken = data.access_token;
+    return _adminToken;
+}
+async function adminFetch(path, opts = {}) {
+    const token = await getAdminToken();
+    return fetch(`${config_1.config.keycloak.url}${path}`, {
+        ...opts,
+        headers: {
+            Authorization: `Bearer ${token}`,
+            'Content-Type': 'application/json',
+            ...(opts.headers ?? {}),
+        },
+    });
+}
+async function realmExists(realmId) {
+    const res = await adminFetch(`/admin/realms/${realmId}`);
+    return res.ok;
+}
+async function createRealm(realmId, displayName) {
+    const res = await adminFetch('/admin/realms', {
+        method: 'POST',
+        body: JSON.stringify({
+            realm: realmId,
+            displayName,
+            enabled: true,
+            sslRequired: 'external',
+            registrationAllowed: false,
+        }),
+    });
+    if (!res.ok && res.status !== 409) {
+        throw new Error(`Create realm failed: ${res.status} ${await res.text()}`);
+    }
+}
+async function createClient(realmId, clientId, rootUrl) {
+    const res = await adminFetch(`/admin/realms/${realmId}/clients`, {
+        method: 'POST',
+        body: JSON.stringify({
+            clientId,
+            rootUrl,
+            redirectUris: [`${rootUrl}/*`],
+            webOrigins: [rootUrl],
+            publicClient: true,
+            standardFlowEnabled: true,
+            directAccessGrantsEnabled: false,
+        }),
+    });
+    if (!res.ok && res.status !== 409) {
+        throw new Error(`Create client failed: ${res.status} ${await res.text()}`);
+    }
+}

package/package.json ADDED Viewed

@@ -0,0 +1,46 @@
+{
+  "name": "@novaluna/onboard",
+  "version": "1.0.0",
+  "description": "Novaluna client onboarding CLI — provisions orgs, Keycloak realms, and agent tokens",
+  "main": "dist/index.js",
+  "bin": {
+    "novaluna-onboard": "dist/cli.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "dev": "ts-node src/cli.ts",
+    "prepublishOnly": "npm run build"
+  },
+  "files": [
+    "dist/",
+    "README.md"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "keywords": [
+    "novaluna",
+    "onboarding",
+    "cli"
+  ],
+  "license": "UNLICENSED",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/novaluna-ai/novaluna-agent.git"
+  },
+  "homepage": "https://workbench.novaluna.ai",
+  "dependencies": {
+    "commander": "^12.1.0",
+    "chalk": "^4.1.2",
+    "ora": "^5.4.1",
+    "mysql2": "^3.11.0",
+    "dotenv": "^16.4.5"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "typescript": "^5.6.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}