@optima-chat/dev-skills 0.7.14 → 0.7.16

package/.claude/commands/query-db.md

@@ -192,7 +192,7 @@ print(f\"COMMERCE_DB_PASSWORD={secrets['COMMERCE_DB_PASSWORD']}\")
 " > /tmp/stage_db_config.sh && source /tmp/stage_db_config.sh
 
 # 4. 建立 SSH 隧道到 Shared EC2，通过隧道访问 Stage RDS
-ssh -i ~/.ssh/optima-ec2-key -f -N -L 15432:optima-stage-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com:5432 ec2-user@13.251.46.219
+ssh -i ~/.ssh/optima-ec2-key -f -N -L 15432:optima-stage-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com:5432 ec2-user@3.0.210.113
 
 # 5. 通过本地端口 15432 连接到 RDS
 PGPASSWORD="${COMMERCE_DB_PASSWORD}" psql -h localhost -p 15432 -U "${COMMERCE_DB_USER}" -d optima_commerce -c "SELECT COUNT(*) FROM products"
@@ -249,7 +249,7 @@ pkill -f "ssh.*15432:${DATABASE_HOST}:5432"
 - Infisical 配置从 GitHub Variables 获取
 - 数据库密钥从 Infisical 动态获取（项目: optima-secrets-v2, 环境: staging, 路径: /shared-secrets/database-users）
 - Stage RDS: `optima-stage-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com`
-- Shared EC2 IP: `13.251.46.219`
+- Shared EC2 IP: `3.0.210.113`
 - SSH 隧道: 本地端口 `15432` → Shared EC2 → Stage RDS `5432`
 - Stage 和 Prod 有独立的 RDS 实例
 - ⚠️ session-gateway 数据库名: Stage 用 `optima_shell`, Prod 用 `optima_ai_shell`
@@ -290,7 +290,7 @@ print(f\"COMMERCE_DB_PASSWORD={secrets['COMMERCE_DB_PASSWORD']}\")
 " > /tmp/prod_db_config.sh && source /tmp/prod_db_config.sh
 
 # 4. 建立 SSH 隧道到 Shared EC2，通过隧道访问 Prod RDS
-ssh -i ~/.ssh/optima-ec2-key -f -N -L 15433:optima-prod-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com:5432 ec2-user@13.251.46.219
+ssh -i ~/.ssh/optima-ec2-key -f -N -L 15433:optima-prod-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com:5432 ec2-user@3.0.210.113
 
 # 5. 通过本地端口 15433 连接到 RDS
 PGPASSWORD="${COMMERCE_DB_PASSWORD}" psql -h localhost -p 15433 -U "${COMMERCE_DB_USER}" -d optima_commerce -c "SELECT COUNT(*) FROM products"
@@ -347,7 +347,7 @@ pkill -f "ssh.*15433:${DATABASE_HOST}:5432"
 - Infisical 配置从 GitHub Variables 获取
 - 数据库密钥从 Infisical 动态获取（项目: optima-secrets-v2, 环境: prod, 路径: /shared-secrets/database-users）
 - Prod RDS: `optima-prod-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com`
-- Shared EC2 IP: `13.251.46.219`
+- Shared EC2 IP: `3.0.210.113`
 - SSH 隧道: 本地端口 `15433` → Shared EC2 → Prod RDS `5432`
 - Stage 用端口 `15432`，Prod 用端口 `15433`
 - Stage 和 Prod 有独立的 RDS 实例

package/.claude/skills/query-db/SKILL.md

@@ -203,7 +203,7 @@ optima-query-db commerce-backend "SELECT status, COUNT(*) FROM orders GROUP BY s
 | Stage | `optima-stage-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com` | 15432 |
 | Prod | `optima-prod-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com` | 15433 |
 
-**跳板机**: `13.251.46.219` (Shared EC2)
+**跳板机**: `3.0.210.113` (Shared EC2)
 
 ## 🔗 相关命令
 

package/.claude/skills/show-env/SKILL.md

@@ -0,0 +1,185 @@
+---
+name: "show-env"
+description: "当用户请求查看环境变量、查看配置、查看服务配置、环境变量是什么、env 变量、服务环境变量、查看 Infisical 配置时，使用此技能。支持查看当前 shell 环境变量，以及 Stage、Prod 环境的服务配置。"
+allowed-tools: ["Bash", "SlashCommand"]
+---
+
+# 查看环境变量
+
+当你需要查看环境变量或服务配置时，使用这个场景。
+
+## 适用情况
+
+- 查看当前 shell 的环境变量
+- 查看服务的环境变量配置（从 Infisical）
+- 排查环境配置问题
+- 确认某个环境变量是否设置正确
+- 对比不同环境的配置差异
+
+## 快速操作
+
+### 1. 查看当前 shell 环境变量
+
+```bash
+# 查看所有环境变量
+env
+
+# 查看特定环境变量
+echo $OPTIMA_TOKEN
+echo $OPTIMA_ENV
+
+# 搜索包含特定关键字的环境变量
+env | grep -i optima
+env | grep -i aws
+env | grep -i database
+```
+
+### 2. 查看 Infisical 中的服务配置
+
+使用 `optima-show-env` CLI 工具查看存储在 Infisical 中的服务配置：
+
+```bash
+# 查看 Stage 环境的 commerce-backend 配置
+optima-show-env commerce-backend stage
+
+# 查看 Prod 环境的 user-auth 配置
+optima-show-env user-auth prod
+
+# 查看 Stage 环境的 agentic-chat 配置
+optima-show-env agentic-chat stage
+```
+
+**支持的服务**：
+- `commerce-backend` - 电商后端 API
+- `user-auth` - 用户认证服务
+- `agentic-chat` - AI 聊天服务
+- `bi` - BI 后端
+- `session-gateway` - AI Shell 网关
+- `optima-store` - 商城前端
+- `optima-scout` - 产品研究工具
+- `mcp-host` - MCP 主机
+
+**支持的环境**：
+- `stage` - Stage 预发布环境
+- `prod` - Prod 生产环境
+
+### 3. 使用过滤和选项
+
+```bash
+# 只查看数据库相关配置
+optima-show-env commerce-backend stage --filter DATABASE
+
+# 只查看 STRIPE 相关配置
+optima-show-env commerce-backend stage --filter STRIPE
+
+# 只显示变量名（不显示值）
+optima-show-env user-auth prod --keys-only
+```
+
+## 常见场景
+
+### 场景 1：确认环境变量是否设置
+
+**用户请求**："帮我看看 OPTIMA_TOKEN 环境变量设置了没有"
+
+**步骤**：
+```bash
+# 检查是否设置
+if [ -n "$OPTIMA_TOKEN" ]; then
+  echo "OPTIMA_TOKEN 已设置"
+  echo "长度: ${#OPTIMA_TOKEN} 字符"
+else
+  echo "OPTIMA_TOKEN 未设置"
+fi
+```
+
+### 场景 2：排查服务配置问题
+
+**用户请求**："commerce-backend 连接不上数据库，帮我看看配置"
+
+**步骤**：
+1. 查看数据库相关配置：
+   ```bash
+   optima-show-env commerce-backend stage --filter DATABASE
+   ```
+2. 确认连接字符串格式
+3. 检查密码是否包含特殊字符需要转义
+
+### 场景 3：对比不同环境配置
+
+**用户请求**："对比一下 Stage 和 Prod 环境的配置差异"
+
+**步骤**：
+```bash
+# 导出两个环境的配置（只看变量名）
+optima-show-env commerce-backend stage --keys-only > /tmp/env-stage.txt
+optima-show-env commerce-backend prod --keys-only > /tmp/env-prod.txt
+
+# 对比差异
+diff /tmp/env-stage.txt /tmp/env-prod.txt
+```
+
+### 场景 4：查看特定类型配置
+
+**用户请求**："帮我看看 Stripe 相关配置"
+
+**步骤**：
+```bash
+optima-show-env commerce-backend stage --filter STRIPE
+optima-show-env commerce-backend prod --filter STRIPE
+```
+
+## 环境变量分类
+
+### 常见环境变量类型
+
+| 类型 | 示例变量 | 说明 |
+|------|----------|------|
+| 数据库 | `DATABASE_URL`, `DB_HOST`, `DB_PASSWORD` | 数据库连接配置 |
+| Redis | `REDIS_URL`, `REDIS_HOST`, `REDIS_DB` | 缓存配置 |
+| AWS/S3 | `MINIO_ACCESS_KEY`, `MINIO_SECRET_KEY`, `MINIO_BUCKET` | 对象存储配置 |
+| Auth | `JWT_SECRET_KEY`, `OAUTH_CLIENT_ID`, `SECRET_KEY` | 认证相关配置 |
+| Stripe | `STRIPE_SECRET_KEY`, `STRIPE_WEBHOOK_SECRET` | 支付配置 |
+| 应用 | `DEBUG`, `LOG_LEVEL`, `NODE_ENV` | 应用运行配置 |
+
+## CLI 选项说明
+
+| 选项 | 说明 |
+|------|------|
+| `--filter <pattern>` | 按变量名过滤（不区分大小写） |
+| `--keys-only` | 只显示变量名，不显示值 |
+| `--help` | 显示帮助信息 |
+
+## 故障排查
+
+### 问题 1：optima-show-env 命令不存在
+
+**解决方案**：
+```bash
+# 安装或更新工具
+npm install -g @optima-chat/dev-skills@latest
+```
+
+### 问题 2：无法访问 Infisical
+
+**可能原因**：
+- GitHub CLI 未登录
+- 无权访问 Optima-Chat/optima-dev-skills 仓库的 Variables
+
+**解决方案**：
+- 运行 `gh auth login` 登录 GitHub
+- 确认有仓库访问权限
+
+### 问题 3：服务不存在
+
+**错误信息**: "Unknown service 'xxx'"
+
+**解决方案**：
+- 检查服务名称拼写
+- 运行 `optima-show-env --help` 查看支持的服务列表
+
+## 相关命令
+
+- `/show-env` - 查看环境变量
+- `/logs` - 查看服务日志
+- `/query-db` - 查询数据库

package/bin/helpers/query-db.ts

@@ -51,8 +51,8 @@ const RDS_HOSTS = {
   prod: 'optima-prod-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com'
 };
 
-// 统一使用 Shared EC2 作为跳板机
-const EC2_HOST = '13.251.46.219';
+// 统一使用 BI Data ARM Host 作为跳板机
+const EC2_HOST = '3.0.210.113';
 
 function getGitHubVariable(name: string): string {
   return execSync(`gh variable get ${name} -R Optima-Chat/optima-dev-skills`, { encoding: 'utf-8' }).trim();

package/bin/helpers/show-env.ts

@@ -0,0 +1,183 @@
+#!/usr/bin/env node
+
+import { execSync } from 'child_process';
+
+interface InfisicalConfig {
+  url: string;
+  clientId: string;
+  clientSecret: string;
+  projectId: string;
+}
+
+// 支持的服务列表（Infisical 路径为 /services/<service-name>）
+const SUPPORTED_SERVICES = [
+  'commerce-backend',
+  'user-auth',
+  'agentic-chat',
+  'bi',
+  'session-gateway',
+  'optima-store',
+  'optima-scout',
+  'mcp-host'
+];
+
+// 环境到 Infisical environment 的映射
+const ENV_MAP: Record<string, string> = {
+  stage: 'staging',
+  prod: 'prod'
+};
+
+function getGitHubVariable(name: string): string {
+  return execSync(`gh variable get ${name} -R Optima-Chat/optima-dev-skills`, { encoding: 'utf-8' }).trim();
+}
+
+function getInfisicalConfig(): InfisicalConfig {
+  return {
+    url: getGitHubVariable('INFISICAL_URL'),
+    clientId: getGitHubVariable('INFISICAL_CLIENT_ID'),
+    clientSecret: getGitHubVariable('INFISICAL_CLIENT_SECRET'),
+    projectId: getGitHubVariable('INFISICAL_PROJECT_ID')
+  };
+}
+
+function getInfisicalToken(config: InfisicalConfig): string {
+  const response = execSync(
+    `curl -s -X POST "${config.url}/api/v1/auth/universal-auth/login" -H "Content-Type: application/json" -d '{"clientId": "${config.clientId}", "clientSecret": "${config.clientSecret}"}'`,
+    { encoding: 'utf-8' }
+  );
+  return JSON.parse(response).accessToken;
+}
+
+function getInfisicalSecrets(config: InfisicalConfig, token: string, environment: string, secretPath: string): Record<string, string> {
+  const response = execSync(
+    `curl -s "${config.url}/api/v3/secrets/raw?workspaceId=${config.projectId}&environment=${environment}&secretPath=${encodeURIComponent(secretPath)}" -H "Authorization: Bearer ${token}"`,
+    { encoding: 'utf-8' }
+  );
+  const data = JSON.parse(response);
+  const secrets: Record<string, string> = {};
+  for (const secret of data.secrets || []) {
+    secrets[secret.secretKey] = secret.secretValue;
+  }
+  return secrets;
+}
+
+
+function printHelp() {
+  console.log(`
+Usage: optima-show-env <service> <environment> [options]
+
+Arguments:
+  service      Service name (${SUPPORTED_SERVICES.join(', ')})
+  environment  Environment (stage, prod)
+
+Options:
+  --filter     Filter by key pattern (e.g., --filter DATABASE)
+  --keys-only  Show only key names, not values
+  --help       Show this help message
+
+Examples:
+  optima-show-env commerce-backend stage
+  optima-show-env user-auth prod --filter DATABASE
+  optima-show-env bi stage --keys-only
+`);
+}
+
+async function main() {
+  const args = process.argv.slice(2);
+
+  if (args.includes('--help') || args.includes('-h')) {
+    printHelp();
+    process.exit(0);
+  }
+
+  // 解析参数
+  const positionalArgs: string[] = [];
+  let filter = '';
+  let keysOnly = false;
+
+  for (let i = 0; i < args.length; i++) {
+    if (args[i] === '--filter' && args[i + 1]) {
+      filter = args[i + 1];
+      i++;
+    } else if (args[i] === '--keys-only') {
+      keysOnly = true;
+    } else if (!args[i].startsWith('-')) {
+      positionalArgs.push(args[i]);
+    }
+  }
+
+  if (positionalArgs.length < 2) {
+    console.error('Error: Missing required arguments');
+    printHelp();
+    process.exit(1);
+  }
+
+  const [service, environment] = positionalArgs;
+
+  // 验证服务
+  if (!SUPPORTED_SERVICES.includes(service)) {
+    console.error(`Error: Unknown service '${service}'`);
+    console.error('Available services:', SUPPORTED_SERVICES.join(', '));
+    process.exit(1);
+  }
+
+  // 验证环境
+  if (!ENV_MAP[environment]) {
+    console.error(`Error: Unknown environment '${environment}'`);
+    console.error('Available environments: stage, prod');
+    process.exit(1);
+  }
+
+  // Infisical 路径为 /services/<service-name>
+  const secretPath = `/services/${service}`;
+
+  console.log(`\n🔍 Fetching environment variables for ${service} (${environment.toUpperCase()})...\n`);
+
+  try {
+    const infisicalConfig = getInfisicalConfig();
+    console.log('✓ Loaded Infisical config from GitHub Variables');
+
+    const token = getInfisicalToken(infisicalConfig);
+    console.log('✓ Obtained Infisical access token');
+
+    const infisicalEnv = ENV_MAP[environment];
+    const secrets = getInfisicalSecrets(infisicalConfig, token, infisicalEnv, secretPath);
+    console.log(`✓ Retrieved secrets from Infisical (path: ${secretPath})\n`);
+
+    const keys = Object.keys(secrets).sort();
+
+    if (keys.length === 0) {
+      console.log('No environment variables found.');
+      return;
+    }
+
+    // 过滤
+    const filteredKeys = filter
+      ? keys.filter(key => key.toUpperCase().includes(filter.toUpperCase()))
+      : keys;
+
+    if (filteredKeys.length === 0) {
+      console.log(`No environment variables matching '${filter}' found.`);
+      return;
+    }
+
+    console.log(`📋 Environment Variables (${filteredKeys.length} items):\n`);
+    console.log('─'.repeat(60));
+
+    for (const key of filteredKeys) {
+      if (keysOnly) {
+        console.log(key);
+      } else {
+        console.log(`${key}=${secrets[key]}`);
+      }
+    }
+
+    console.log('─'.repeat(60));
+
+  } catch (error: any) {
+    console.error('\n❌ Error:', error.message);
+    process.exit(1);
+  }
+}
+
+main();

package/dist/bin/helpers/query-db.js

@@ -68,8 +68,8 @@ const RDS_HOSTS = {
     stage: 'optima-stage-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com',
     prod: 'optima-prod-postgres.ctg866o0ehac.ap-southeast-1.rds.amazonaws.com'
 };
-// 统一使用 Shared EC2 作为跳板机
-const EC2_HOST = '13.251.46.219';
+// 统一使用 BI Data ARM Host 作为跳板机
+const EC2_HOST = '3.0.210.113';
 function getGitHubVariable(name) {
     return (0, child_process_1.execSync)(`gh variable get ${name} -R Optima-Chat/optima-dev-skills`, { encoding: 'utf-8' }).trim();
 }

package/dist/bin/helpers/show-env.js

@@ -0,0 +1,145 @@
+#!/usr/bin/env node
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const child_process_1 = require("child_process");
+// 支持的服务列表（Infisical 路径为 /services/<service-name>）
+const SUPPORTED_SERVICES = [
+    'commerce-backend',
+    'user-auth',
+    'agentic-chat',
+    'bi',
+    'session-gateway',
+    'optima-store',
+    'optima-scout',
+    'mcp-host'
+];
+// 环境到 Infisical environment 的映射
+const ENV_MAP = {
+    stage: 'staging',
+    prod: 'prod'
+};
+function getGitHubVariable(name) {
+    return (0, child_process_1.execSync)(`gh variable get ${name} -R Optima-Chat/optima-dev-skills`, { encoding: 'utf-8' }).trim();
+}
+function getInfisicalConfig() {
+    return {
+        url: getGitHubVariable('INFISICAL_URL'),
+        clientId: getGitHubVariable('INFISICAL_CLIENT_ID'),
+        clientSecret: getGitHubVariable('INFISICAL_CLIENT_SECRET'),
+        projectId: getGitHubVariable('INFISICAL_PROJECT_ID')
+    };
+}
+function getInfisicalToken(config) {
+    const response = (0, child_process_1.execSync)(`curl -s -X POST "${config.url}/api/v1/auth/universal-auth/login" -H "Content-Type: application/json" -d '{"clientId": "${config.clientId}", "clientSecret": "${config.clientSecret}"}'`, { encoding: 'utf-8' });
+    return JSON.parse(response).accessToken;
+}
+function getInfisicalSecrets(config, token, environment, secretPath) {
+    const response = (0, child_process_1.execSync)(`curl -s "${config.url}/api/v3/secrets/raw?workspaceId=${config.projectId}&environment=${environment}&secretPath=${encodeURIComponent(secretPath)}" -H "Authorization: Bearer ${token}"`, { encoding: 'utf-8' });
+    const data = JSON.parse(response);
+    const secrets = {};
+    for (const secret of data.secrets || []) {
+        secrets[secret.secretKey] = secret.secretValue;
+    }
+    return secrets;
+}
+function printHelp() {
+    console.log(`
+Usage: optima-show-env <service> <environment> [options]
+
+Arguments:
+  service      Service name (${SUPPORTED_SERVICES.join(', ')})
+  environment  Environment (stage, prod)
+
+Options:
+  --filter     Filter by key pattern (e.g., --filter DATABASE)
+  --keys-only  Show only key names, not values
+  --help       Show this help message
+
+Examples:
+  optima-show-env commerce-backend stage
+  optima-show-env user-auth prod --filter DATABASE
+  optima-show-env bi stage --keys-only
+`);
+}
+async function main() {
+    const args = process.argv.slice(2);
+    if (args.includes('--help') || args.includes('-h')) {
+        printHelp();
+        process.exit(0);
+    }
+    // 解析参数
+    const positionalArgs = [];
+    let filter = '';
+    let keysOnly = false;
+    for (let i = 0; i < args.length; i++) {
+        if (args[i] === '--filter' && args[i + 1]) {
+            filter = args[i + 1];
+            i++;
+        }
+        else if (args[i] === '--keys-only') {
+            keysOnly = true;
+        }
+        else if (!args[i].startsWith('-')) {
+            positionalArgs.push(args[i]);
+        }
+    }
+    if (positionalArgs.length < 2) {
+        console.error('Error: Missing required arguments');
+        printHelp();
+        process.exit(1);
+    }
+    const [service, environment] = positionalArgs;
+    // 验证服务
+    if (!SUPPORTED_SERVICES.includes(service)) {
+        console.error(`Error: Unknown service '${service}'`);
+        console.error('Available services:', SUPPORTED_SERVICES.join(', '));
+        process.exit(1);
+    }
+    // 验证环境
+    if (!ENV_MAP[environment]) {
+        console.error(`Error: Unknown environment '${environment}'`);
+        console.error('Available environments: stage, prod');
+        process.exit(1);
+    }
+    // Infisical 路径为 /services/<service-name>
+    const secretPath = `/services/${service}`;
+    console.log(`\n🔍 Fetching environment variables for ${service} (${environment.toUpperCase()})...\n`);
+    try {
+        const infisicalConfig = getInfisicalConfig();
+        console.log('✓ Loaded Infisical config from GitHub Variables');
+        const token = getInfisicalToken(infisicalConfig);
+        console.log('✓ Obtained Infisical access token');
+        const infisicalEnv = ENV_MAP[environment];
+        const secrets = getInfisicalSecrets(infisicalConfig, token, infisicalEnv, secretPath);
+        console.log(`✓ Retrieved secrets from Infisical (path: ${secretPath})\n`);
+        const keys = Object.keys(secrets).sort();
+        if (keys.length === 0) {
+            console.log('No environment variables found.');
+            return;
+        }
+        // 过滤
+        const filteredKeys = filter
+            ? keys.filter(key => key.toUpperCase().includes(filter.toUpperCase()))
+            : keys;
+        if (filteredKeys.length === 0) {
+            console.log(`No environment variables matching '${filter}' found.`);
+            return;
+        }
+        console.log(`📋 Environment Variables (${filteredKeys.length} items):\n`);
+        console.log('─'.repeat(60));
+        for (const key of filteredKeys) {
+            if (keysOnly) {
+                console.log(key);
+            }
+            else {
+                console.log(`${key}=${secrets[key]}`);
+            }
+        }
+        console.log('─'.repeat(60));
+    }
+    catch (error) {
+        console.error('\n❌ Error:', error.message);
+        process.exit(1);
+    }
+}
+main();

package/package.json

@@ -1,12 +1,13 @@
 {
   "name": "@optima-chat/dev-skills",
-  "version": "0.7.14",
+  "version": "0.7.16",
   "description": "Claude Code Skills for Optima development team - cross-environment collaboration tools",
   "main": "index.js",
   "bin": {
     "optima-dev-skills": "./bin/cli.js",
     "optima-query-db": "./dist/bin/helpers/query-db.js",
-    "optima-generate-test-token": "./dist/bin/helpers/generate-test-token.js"
+    "optima-generate-test-token": "./dist/bin/helpers/generate-test-token.js",
+    "optima-show-env": "./dist/bin/helpers/show-env.js"
   },
   "scripts": {
     "postinstall": "node scripts/install.js",