@quiltdata/benchling-webhook 0.5.4 → 0.6.1-20251104T043302Z

package/dist/scripts/install-wizard.js

@@ -0,0 +1,719 @@
+#!/usr/bin/env node
+"use strict";
+/**
+ * Interactive Configuration Wizard
+ *
+ * Guided configuration setup with comprehensive validation:
+ * - Benchling tenant and OAuth credentials
+ * - S3 bucket access verification
+ * - Quilt API connectivity testing
+ * - AWS Secrets Manager integration
+ *
+ * Supports both interactive and non-interactive (CI/CD) modes.
+ *
+ * @module scripts/install-wizard
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runInstallWizard = runInstallWizard;
+const inquirer_1 = __importDefault(require("inquirer"));
+const client_s3_1 = require("@aws-sdk/client-s3");
+const client_sts_1 = require("@aws-sdk/client-sts");
+const xdg_config_1 = require("../lib/xdg-config");
+const infer_quilt_config_1 = require("./infer-quilt-config");
+const sync_secrets_1 = require("./sync-secrets");
+const config_resolver_1 = require("../lib/utils/config-resolver");
+const client_cloudformation_1 = require("@aws-sdk/client-cloudformation");
+const https = __importStar(require("https"));
+/**
+ * Validates Benchling tenant accessibility
+ *
+ * @param tenant - Benchling tenant name
+ * @returns Validation result
+ */
+async function validateBenchlingTenant(tenant) {
+    const result = {
+        isValid: false,
+        errors: [],
+        warnings: [],
+    };
+    if (!tenant || tenant.trim().length === 0) {
+        result.errors.push("Tenant name cannot be empty");
+        return result;
+    }
+    // Basic format validation
+    if (!/^[a-zA-Z0-9-_]+$/.test(tenant)) {
+        result.errors.push("Tenant name contains invalid characters");
+        return result;
+    }
+    // Test tenant URL accessibility
+    const tenantUrl = `https://${tenant}.benchling.com`;
+    return new Promise((resolve) => {
+        https
+            .get(tenantUrl, { timeout: 5000 }, (res) => {
+            if (res.statusCode === 200 || res.statusCode === 302 || res.statusCode === 301) {
+                result.isValid = true;
+                console.log(`  ✓ Tenant URL accessible: ${tenantUrl}`);
+            }
+            else {
+                result.warnings.push(`Tenant URL returned status ${res.statusCode}`);
+                result.isValid = true; // Consider this a warning, not an error
+            }
+            resolve(result);
+        })
+            .on("error", (error) => {
+            result.warnings.push(`Could not verify tenant URL: ${error.message}`);
+            result.isValid = true; // Allow proceeding with warning
+            resolve(result);
+        });
+    });
+}
+/**
+ * Validates Benchling OAuth credentials
+ *
+ * @param tenant - Benchling tenant
+ * @param clientId - OAuth client ID
+ * @param clientSecret - OAuth client secret
+ * @returns Validation result
+ */
+async function validateBenchlingCredentials(tenant, clientId, clientSecret) {
+    const result = {
+        isValid: false,
+        errors: [],
+        warnings: [],
+    };
+    if (!clientId || clientId.trim().length === 0) {
+        result.errors.push("Client ID cannot be empty");
+    }
+    if (!clientSecret || clientSecret.trim().length === 0) {
+        result.errors.push("Client secret cannot be empty");
+    }
+    if (result.errors.length > 0) {
+        return result;
+    }
+    // Test OAuth token endpoint
+    const tokenUrl = `https://${tenant}.benchling.com/api/v2/token`;
+    const authString = Buffer.from(`${clientId}:${clientSecret}`).toString("base64");
+    return new Promise((resolve) => {
+        const postData = "grant_type=client_credentials";
+        const options = {
+            method: "POST",
+            headers: {
+                "Authorization": `Basic ${authString}`,
+                "Content-Type": "application/x-www-form-urlencoded",
+                "Content-Length": postData.length,
+            },
+            timeout: 10000,
+        };
+        const req = https.request(tokenUrl, options, (res) => {
+            let data = "";
+            res.on("data", (chunk) => {
+                data += chunk;
+            });
+            res.on("end", () => {
+                if (res.statusCode === 200) {
+                    result.isValid = true;
+                    console.log("  ✓ OAuth credentials validated successfully");
+                }
+                else {
+                    result.errors.push(`OAuth validation failed with status ${res.statusCode}: ${data.substring(0, 100)}`);
+                }
+                resolve(result);
+            });
+        });
+        req.on("error", (error) => {
+            result.warnings.push(`Could not validate OAuth credentials: ${error.message}`);
+            result.isValid = true; // Allow proceeding with warning
+            resolve(result);
+        });
+        req.write(postData);
+        req.end();
+    });
+}
+/**
+ * Validates S3 bucket access
+ *
+ * @param bucketName - S3 bucket name
+ * @param region - AWS region
+ * @param awsProfile - AWS profile to use
+ * @returns Validation result
+ */
+async function validateS3BucketAccess(bucketName, region, awsProfile) {
+    const result = {
+        isValid: false,
+        errors: [],
+        warnings: [],
+    };
+    if (!bucketName || bucketName.trim().length === 0) {
+        result.errors.push("Bucket name cannot be empty");
+        return result;
+    }
+    try {
+        const clientConfig = { region };
+        if (awsProfile) {
+            const { fromIni } = await Promise.resolve().then(() => __importStar(require("@aws-sdk/credential-providers")));
+            clientConfig.credentials = fromIni({ profile: awsProfile });
+        }
+        const s3Client = new client_s3_1.S3Client(clientConfig);
+        // Test HeadBucket (verify bucket exists and we have access)
+        const headCommand = new client_s3_1.HeadBucketCommand({ Bucket: bucketName });
+        await s3Client.send(headCommand);
+        console.log(`  ✓ S3 bucket accessible: ${bucketName}`);
+        // Test ListObjects (verify we can list objects)
+        const listCommand = new client_s3_1.ListObjectsV2Command({
+            Bucket: bucketName,
+            MaxKeys: 1,
+        });
+        await s3Client.send(listCommand);
+        console.log("  ✓ S3 bucket list permission confirmed");
+        result.isValid = true;
+    }
+    catch (error) {
+        const err = error;
+        result.errors.push(`S3 bucket validation failed: ${err.message}`);
+    }
+    return result;
+}
+/**
+ * Verifies CDK deployment account using AWS STS
+ *
+ * @param region - AWS region for STS client
+ * @param awsProfile - AWS profile to use (optional)
+ * @returns AWS account ID
+ */
+async function verifyCDKDeploymentAccount(region, awsProfile) {
+    try {
+        const clientConfig = { region };
+        if (awsProfile) {
+            const { fromIni } = await Promise.resolve().then(() => __importStar(require("@aws-sdk/credential-providers")));
+            clientConfig.credentials = fromIni({ profile: awsProfile });
+        }
+        const stsClient = new client_sts_1.STSClient(clientConfig);
+        const response = await stsClient.send(new client_sts_1.GetCallerIdentityCommand({}));
+        const accountId = response.Account;
+        console.log(`  ✓ CDK deployment account verified: ${accountId}`);
+        return accountId;
+    }
+    catch (error) {
+        throw new Error(`Failed to verify AWS account: ${error.message}`);
+    }
+}
+/**
+ * Finds catalog region by fetching config.json from QuiltWebHost
+ *
+ * @param catalogUrl - Quilt catalog URL (QuiltWebHost)
+ * @returns AWS region string or null if unable to determine
+ */
+async function findCatalogRegion(catalogUrl) {
+    if (!catalogUrl || catalogUrl.trim().length === 0) {
+        return null;
+    }
+    // Validate URL format
+    try {
+        new URL(catalogUrl);
+    }
+    catch {
+        console.warn(`  ⚠ Invalid catalog URL format: ${catalogUrl}`);
+        return null;
+    }
+    // Fetch config.json from QuiltWebHost
+    const configUrl = `${catalogUrl}/config.json`;
+    return new Promise((resolve) => {
+        https
+            .get(configUrl, { timeout: 10000 }, (res) => {
+            let data = "";
+            res.on("data", (chunk) => {
+                data += chunk;
+            });
+            res.on("end", () => {
+                if (res.statusCode === 200) {
+                    try {
+                        const config = JSON.parse(data);
+                        // Quilt config.json has direct "region" field
+                        const region = config.region;
+                        if (region && typeof region === "string") {
+                            console.log(`  ✓ Found catalog region: ${region}`);
+                            resolve(region);
+                        }
+                        else {
+                            console.warn("  ⚠ No region field in catalog config.json");
+                            resolve(null);
+                        }
+                    }
+                    catch (error) {
+                        console.warn(`  ⚠ Failed to parse catalog config.json: ${error.message}`);
+                        resolve(null);
+                    }
+                }
+                else {
+                    console.warn(`  ⚠ Catalog config.json returned status ${res.statusCode}`);
+                    resolve(null);
+                }
+            });
+        })
+            .on("error", (error) => {
+            console.warn(`  ⚠ Could not fetch catalog config: ${error.message}`);
+            resolve(null);
+        });
+    });
+}
+/**
+ * Runs the interactive configuration wizard
+ *
+ * @param options - Wizard options
+ * @returns Completed user configuration
+ */
+async function runInstallWizard(options = {}) {
+    const { profile = "default", nonInteractive = false, skipValidation = false, awsProfile, awsRegion = "us-east-1" } = options;
+    console.log("╔═══════════════════════════════════════════════════════════╗");
+    console.log("║   Benchling Webhook Configuration Wizard                 ║");
+    console.log("╚═══════════════════════════════════════════════════════════╝\n");
+    // Load existing configuration if available
+    const xdgConfig = new xdg_config_1.XDGConfig();
+    let existingConfig = {};
+    try {
+        existingConfig = xdgConfig.readProfileConfig("user", profile);
+        console.log("✓ Loaded existing configuration\n");
+    }
+    catch {
+        console.log("No existing configuration found, starting fresh\n");
+    }
+    const config = {
+        ...existingConfig, // Merge existing config as defaults
+        _metadata: {
+            source: "install-wizard",
+            savedAt: new Date().toISOString(),
+            version: "0.6.0",
+        },
+    };
+    // Step 1: Infer Quilt configuration
+    console.log("Step 1: Inferring Quilt configuration...\n");
+    // Step 1a: Try to get catalog URL from quilt3 CLI first
+    let catalogRegion = awsRegion;
+    try {
+        const { execSync } = await Promise.resolve().then(() => __importStar(require("child_process")));
+        const catalogUrl = execSync("quilt3 config", { encoding: "utf-8", stdio: ["pipe", "pipe", "ignore"] }).trim();
+        if (catalogUrl && catalogUrl.startsWith("http")) {
+            console.log(`Found quilt3 CLI catalog: ${catalogUrl}`);
+            // Fetch region from catalog config.json
+            const detectedRegion = await findCatalogRegion(catalogUrl);
+            if (detectedRegion) {
+                catalogRegion = detectedRegion;
+                console.log(`Using catalog region: ${catalogRegion}`);
+            }
+        }
+    }
+    catch {
+        // quilt3 not available or failed, continue with default region
+        console.log(`No quilt3 CLI found, using default region: ${catalogRegion}`);
+    }
+    const inferenceResult = await (0, infer_quilt_config_1.inferQuiltConfig)({
+        region: catalogRegion,
+        profile: awsProfile,
+        interactive: !nonInteractive,
+    });
+    const derivedConfig = (0, infer_quilt_config_1.inferenceResultToDerivedConfig)(inferenceResult);
+    // Merge inferred config
+    Object.assign(config, derivedConfig);
+    console.log("\n✓ Quilt configuration inferred");
+    // Step 2: Display and confirm Quilt stack configuration
+    if (!nonInteractive) {
+        console.log("\nStep 2: Verify Quilt Stack Configuration\n");
+        console.log("Detected Quilt stack:");
+        // Use parseStackArn and extractStackOutputs to get complete stack info
+        if (config.quiltStackArn) {
+            try {
+                const parsedArn = (0, config_resolver_1.parseStackArn)(config.quiltStackArn);
+                console.log(`  Stack Name: ${parsedArn.stackName}`);
+                console.log(`  Stack ARN: ${config.quiltStackArn}`);
+                console.log(`  Region: ${parsedArn.region}`);
+                console.log(`  Account: ${parsedArn.account}`);
+                // Fetch stack outputs using the config-resolver module
+                try {
+                    const clientConfig = {
+                        region: parsedArn.region,
+                    };
+                    if (config.awsProfile || awsProfile) {
+                        const { fromIni } = await Promise.resolve().then(() => __importStar(require("@aws-sdk/credential-providers")));
+                        clientConfig.credentials = fromIni({ profile: config.awsProfile || awsProfile });
+                    }
+                    const cfClient = new client_cloudformation_1.CloudFormationClient(clientConfig);
+                    const outputs = await (0, config_resolver_1.extractStackOutputs)(cfClient, parsedArn.stackName);
+                    console.log(`  Catalog URL: ${outputs.QuiltWebHost || "Not found"}`);
+                    console.log(`  User Database: ${outputs.UserAthenaDatabaseName || outputs.AthenaDatabase || "Not found"}`);
+                    console.log(`  Queue ARN: ${outputs.PackagerQueueArn || outputs.QueueArn || "Not found"}`);
+                }
+                catch (outputError) {
+                    console.warn(`  ⚠ Could not fetch stack outputs: ${outputError.message}`);
+                    console.log(`  Catalog URL: ${config.quiltCatalog || "Not found"}`);
+                    console.log(`  Queue ARN: ${config.queueArn || "Not found"}`);
+                }
+            }
+            catch {
+                // Fall back to simple display if parsing fails
+                console.log(`  Stack ARN: ${config.quiltStackArn}`);
+                console.log(`  Region: ${config.quiltRegion || awsRegion}`);
+                console.log(`  Catalog URL: ${config.quiltCatalog || "Not found"}`);
+                console.log(`  Queue ARN: ${config.queueArn || "Not found"}`);
+            }
+        }
+        else {
+            console.log("  Stack ARN: Not found");
+            console.log(`  Region: ${config.quiltRegion || awsRegion}`);
+        }
+        const { confirmStack } = await inquirer_1.default.prompt([
+            {
+                type: "confirm",
+                name: "confirmStack",
+                message: "Is this the correct Quilt stack?",
+                default: true,
+            },
+        ]);
+        if (!confirmStack) {
+            console.log("\nPlease run the wizard again and select the correct stack.");
+            process.exit(0);
+        }
+    }
+    // Step 3: Benchling configuration
+    console.log("\nStep 3: Benchling configuration\n");
+    if (!nonInteractive) {
+        const benchlingAnswers = await inquirer_1.default.prompt([
+            {
+                type: "input",
+                name: "benchlingTenant",
+                message: "Benchling Tenant:",
+                default: config.benchlingTenant,
+                validate: (input) => input.trim().length > 0 || "Tenant is required",
+            },
+            {
+                type: "input",
+                name: "benchlingClientId",
+                message: "Benchling OAuth Client ID:",
+                default: config.benchlingClientId,
+                validate: (input) => input.trim().length > 0 || "Client ID is required",
+            },
+            {
+                type: "password",
+                name: "benchlingClientSecret",
+                message: config.benchlingClientSecret
+                    ? "Benchling OAuth Client Secret (press Enter to keep existing):"
+                    : "Benchling OAuth Client Secret:",
+                validate: (input) => {
+                    // If there's an existing secret and input is empty, we'll keep the existing one
+                    if (config.benchlingClientSecret && input.trim().length === 0) {
+                        return true;
+                    }
+                    return input.trim().length > 0 || "Client secret is required";
+                },
+            },
+            {
+                type: "input",
+                name: "benchlingAppDefinitionId",
+                message: "Benchling App Definition ID:",
+                default: config.benchlingAppDefinitionId,
+                validate: (input) => input.trim().length > 0 || "App definition ID is required",
+            },
+            {
+                type: "input",
+                name: "benchlingPkgBucket",
+                message: "Benchling Package S3 Bucket:",
+                default: config.benchlingPkgBucket || config.quiltUserBucket,
+                validate: (input) => input.trim().length > 0 || "Bucket name is required",
+            },
+        ]);
+        // Handle empty password input - keep existing secret if user pressed Enter
+        if (benchlingAnswers.benchlingClientSecret.trim().length === 0 && config.benchlingClientSecret) {
+            benchlingAnswers.benchlingClientSecret = config.benchlingClientSecret;
+        }
+        Object.assign(config, benchlingAnswers);
+        // Validate Benchling configuration
+        if (!skipValidation && config.benchlingTenant) {
+            const tenantValidation = await validateBenchlingTenant(config.benchlingTenant);
+            if (!tenantValidation.isValid) {
+                console.error("\n❌ Benchling tenant validation failed:");
+                tenantValidation.errors.forEach((err) => console.error(`  - ${err}`));
+                const { proceed } = await inquirer_1.default.prompt([
+                    {
+                        type: "confirm",
+                        name: "proceed",
+                        message: "Continue anyway?",
+                        default: false,
+                    },
+                ]);
+                if (!proceed) {
+                    throw new Error("Configuration aborted by user");
+                }
+            }
+            if (tenantValidation.warnings.length > 0) {
+                console.warn("\n⚠ Warnings:");
+                tenantValidation.warnings.forEach((warn) => console.warn(`  - ${warn}`));
+            }
+            // Validate OAuth credentials
+            if (config.benchlingClientId && config.benchlingClientSecret) {
+                const credValidation = await validateBenchlingCredentials(config.benchlingTenant, config.benchlingClientId, config.benchlingClientSecret);
+                if (!credValidation.isValid) {
+                    console.error("\n❌ Benchling OAuth credential validation failed:");
+                    credValidation.errors.forEach((err) => console.error(`  - ${err}`));
+                    const { proceed } = await inquirer_1.default.prompt([
+                        {
+                            type: "confirm",
+                            name: "proceed",
+                            message: "Continue anyway?",
+                            default: false,
+                        },
+                    ]);
+                    if (!proceed) {
+                        throw new Error("Configuration aborted by user");
+                    }
+                }
+                if (credValidation.warnings.length > 0) {
+                    console.warn("\n⚠ Warnings:");
+                    credValidation.warnings.forEach((warn) => console.warn(`  - ${warn}`));
+                }
+            }
+            // Validate Benchling package bucket
+            if (config.benchlingPkgBucket) {
+                const bucketValidation = await validateS3BucketAccess(config.benchlingPkgBucket, config.quiltRegion || awsRegion, awsProfile);
+                if (!bucketValidation.isValid) {
+                    console.error("\n❌ Benchling package bucket validation failed:");
+                    bucketValidation.errors.forEach((err) => console.error(`  - ${err}`));
+                    const { proceed } = await inquirer_1.default.prompt([
+                        {
+                            type: "confirm",
+                            name: "proceed",
+                            message: "Continue anyway?",
+                            default: false,
+                        },
+                    ]);
+                    if (!proceed) {
+                        throw new Error("Configuration aborted by user");
+                    }
+                }
+            }
+        }
+    }
+    else {
+        // Non-interactive mode: use existing config values
+        // Required fields must already be set in XDG config
+        if (!config.benchlingTenant || !config.benchlingClientId || !config.benchlingClientSecret) {
+            throw new Error("Non-interactive mode requires benchlingTenant, benchlingClientId, and benchlingClientSecret to be already configured in XDG config. Run 'npm run setup' interactively first.");
+        }
+        // Set default bucket if not specified
+        if (!config.benchlingPkgBucket) {
+            config.benchlingPkgBucket = config.quiltUserBucket;
+        }
+    }
+    // Step 4: AWS configuration
+    console.log("\nStep 4: AWS configuration\n");
+    if (!nonInteractive) {
+        const awsAnswers = await inquirer_1.default.prompt([
+            {
+                type: "input",
+                name: "awsProfile",
+                message: "AWS Profile (optional, leave empty for default):",
+                default: awsProfile || "",
+            },
+            {
+                type: "input",
+                name: "cdkRegion",
+                message: "CDK Deployment Region:",
+                default: config.quiltRegion || awsRegion,
+            },
+        ]);
+        if (awsAnswers.awsProfile) {
+            config.awsProfile = awsAnswers.awsProfile;
+        }
+        config.cdkRegion = awsAnswers.cdkRegion;
+        // Verify CDK deployment account
+        console.log("\nVerifying CDK deployment account...");
+        try {
+            const accountId = await verifyCDKDeploymentAccount(awsAnswers.cdkRegion, config.awsProfile);
+            config.cdkAccount = accountId;
+        }
+        catch (error) {
+            console.error(`\n❌ Failed to verify AWS account: ${error.message}`);
+            const { proceed } = await inquirer_1.default.prompt([
+                {
+                    type: "confirm",
+                    name: "proceed",
+                    message: "Continue anyway?",
+                    default: false,
+                },
+            ]);
+            if (!proceed) {
+                throw new Error("Configuration aborted by user");
+            }
+        }
+    }
+    else {
+        // Non-interactive mode: use existing config or default region
+        if (!config.cdkRegion) {
+            config.cdkRegion = config.quiltRegion || awsRegion;
+        }
+    }
+    // Step 5: Optional configuration
+    console.log("\nStep 5: Optional configuration\n");
+    if (!nonInteractive) {
+        const optionalAnswers = await inquirer_1.default.prompt([
+            {
+                type: "input",
+                name: "pkgPrefix",
+                message: "Package S3 prefix (default: benchling):",
+                default: "benchling",
+            },
+            {
+                type: "input",
+                name: "pkgKey",
+                message: "Package metadata key (default: experiment_id):",
+                default: "experiment_id",
+            },
+            {
+                type: "list",
+                name: "logLevel",
+                message: "Log level:",
+                choices: ["DEBUG", "INFO", "WARNING", "ERROR"],
+                default: "INFO",
+            },
+            {
+                type: "input",
+                name: "benchlingTestEntry",
+                message: "Benchling Test Entry ID (optional, for validation):",
+                default: config.benchlingTestEntry || "",
+            },
+        ]);
+        Object.assign(config, optionalAnswers);
+        // Remove empty benchlingTestEntry if not provided
+        if (!config.benchlingTestEntry || config.benchlingTestEntry.trim() === "") {
+            delete config.benchlingTestEntry;
+        }
+    }
+    else {
+        // Non-interactive mode: use existing config or defaults
+        if (!config.pkgPrefix) {
+            config.pkgPrefix = "benchling";
+        }
+        if (!config.pkgKey) {
+            config.pkgKey = "experiment_id";
+        }
+        if (!config.logLevel) {
+            config.logLevel = "INFO";
+        }
+        // benchlingTestEntry is optional, keep existing value if present
+    }
+    // Step 6: Save configuration
+    console.log("\nStep 6: Saving configuration...\n");
+    xdgConfig.ensureProfileDirectories(profile);
+    xdgConfig.writeProfileConfig("user", config, profile);
+    console.log(`✓ Configuration saved to profile: ${profile}`);
+    // Step 7: Sync secrets to AWS Secrets Manager
+    if (!nonInteractive) {
+        const { syncSecrets } = await inquirer_1.default.prompt([
+            {
+                type: "confirm",
+                name: "syncSecrets",
+                message: "Sync secrets to AWS Secrets Manager?",
+                default: true,
+            },
+        ]);
+        if (syncSecrets) {
+            console.log("\nSyncing secrets to AWS Secrets Manager...\n");
+            await (0, sync_secrets_1.syncSecretsToAWS)({
+                profile,
+                awsProfile: config.awsProfile,
+                region: config.cdkRegion || awsRegion,
+            });
+            console.log("\n✓ Secrets synced successfully");
+        }
+    }
+    console.log("\n╔═══════════════════════════════════════════════════════════╗");
+    console.log("║   Configuration Complete!                                 ║");
+    console.log("╚═══════════════════════════════════════════════════════════╝\n");
+    return config;
+}
+/**
+ * Main execution for CLI usage
+ */
+async function main() {
+    const args = process.argv.slice(2);
+    const options = {};
+    // Parse command line arguments
+    for (let i = 0; i < args.length; i++) {
+        if (args[i] === "--profile" && i + 1 < args.length) {
+            options.profile = args[i + 1];
+            i++;
+        }
+        else if (args[i] === "--non-interactive") {
+            options.nonInteractive = true;
+        }
+        else if (args[i] === "--skip-validation") {
+            options.skipValidation = true;
+        }
+        else if (args[i] === "--aws-profile" && i + 1 < args.length) {
+            options.awsProfile = args[i + 1];
+            i++;
+        }
+        else if (args[i] === "--aws-region" && i + 1 < args.length) {
+            options.awsRegion = args[i + 1];
+            i++;
+        }
+        else if (args[i] === "--help") {
+            console.log("Usage: install-wizard [options]");
+            console.log("\nOptions:");
+            console.log("  --profile <name>          Configuration profile name (default: default)");
+            console.log("  --non-interactive         Run in non-interactive mode (CI/CD)");
+            console.log("  --skip-validation         Skip validation checks");
+            console.log("  --aws-profile <profile>   AWS profile to use");
+            console.log("  --aws-region <region>     AWS region (default: us-east-1)");
+            console.log("  --help                    Show this help message");
+            process.exit(0);
+        }
+    }
+    try {
+        await runInstallWizard(options);
+        process.exit(0);
+    }
+    catch (error) {
+        console.error("\n❌ Configuration failed:", error.message);
+        process.exit(1);
+    }
+}
+// Run main if executed directly
+if (require.main === module) {
+    main();
+}
+//# sourceMappingURL=install-wizard.js.map