@quiltdata/benchling-webhook 0.6.3-20251104T170954Z → 0.7.1-20251106T100426Z

package/dist/bin/commands/setup-wizard.js

@@ -1,10 +1,16 @@
+#!/usr/bin/env node
 "use strict";
 /**
- * Setup Wizard Command
+ * Interactive Configuration Wizard (v0.7.0)
  *
- * Launches the interactive setup wizard when npx is run without arguments.
- * This provides a guided experience for first-time users to configure and
- * deploy the Benchling webhook integration.
+ * Complete setup wizard that orchestrates:
+ * 1. Quilt configuration inference
+ * 2. Interactive configuration prompts
+ * 3. Configuration validation
+ * 4. Profile persistence via XDGConfig
+ *
+ * Consolidated from scripts/install-wizard.ts, scripts/config/wizard.ts,
+ * and scripts/config/validator.ts.
  *
  * @module commands/setup-wizard
  */
@@ -46,58 +52,608 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.setupWizardCommand = setupWizardCommand;
-const chalk_1 = __importDefault(require("chalk"));
-const install_wizard_1 = require("../../scripts/install-wizard");
+const https = __importStar(require("https"));
+const inquirer_1 = __importDefault(require("inquirer"));
+const client_s3_1 = require("@aws-sdk/client-s3");
+const xdg_config_1 = require("../../lib/xdg-config");
+const infer_quilt_config_1 = require("../commands/infer-quilt-config");
+const sqs_1 = require("../../lib/utils/sqs");
+// =============================================================================
+// VALIDATION FUNCTIONS (from scripts/config/validator.ts)
+// =============================================================================
 /**
- * Setup wizard command handler
- *
- * Provides guided setup experience:
- * 1. Welcome message and prerequisites check
- * 2. Configuration collection via install-wizard
- * 3. Automatic deployment (optional)
- * 4. Integration testing (optional)
- *
- * @returns Promise that resolves when wizard completes
+ * Validates Benchling tenant accessibility
+ */
+async function validateBenchlingTenant(tenant) {
+    const result = {
+        isValid: false,
+        errors: [],
+        warnings: [],
+    };
+    if (!tenant || tenant.trim().length === 0) {
+        result.errors.push("Tenant name cannot be empty");
+        return result;
+    }
+    // Basic format validation
+    if (!/^[a-zA-Z0-9-_]+$/.test(tenant)) {
+        result.errors.push("Tenant name contains invalid characters (only alphanumeric, dash, underscore allowed)");
+        return result;
+    }
+    // Test tenant URL accessibility
+    const tenantUrl = `https://${tenant}.benchling.com`;
+    return new Promise((resolve) => {
+        https
+            .get(tenantUrl, { timeout: 5000 }, (res) => {
+            if (res.statusCode === 200 || res.statusCode === 302 || res.statusCode === 301) {
+                result.isValid = true;
+                console.log(`  ✓ Tenant URL accessible: ${tenantUrl}`);
+            }
+            else {
+                if (!result.warnings)
+                    result.warnings = [];
+                result.warnings.push(`Tenant URL returned status ${res.statusCode}`);
+                result.isValid = true; // Consider this a warning, not an error
+            }
+            resolve(result);
+        })
+            .on("error", (error) => {
+            if (!result.warnings)
+                result.warnings = [];
+            result.warnings.push(`Could not verify tenant URL: ${error.message}`);
+            result.isValid = true; // Allow proceeding with warning
+            resolve(result);
+        });
+    });
+}
+/**
+ * Validates Benchling OAuth credentials
  */
-async function setupWizardCommand() {
-    console.log(chalk_1.default.bold.cyan("\n🚀 Benchling Webhook Setup Wizard\n"));
-    console.log("This wizard will guide you through:");
-    console.log("  1. Collecting configuration (Benchling credentials, AWS settings)");
-    console.log("  2. Validating credentials and access");
-    console.log("  3. Saving configuration for deployment");
-    console.log("  4. Deploying to AWS (optional)\n");
-    console.log(chalk_1.default.dim("Press Ctrl+C at any time to exit\n"));
-    // Run the existing install wizard
-    await (0, install_wizard_1.runInstallWizard)({
-        nonInteractive: false,
-        skipValidation: false,
+async function validateBenchlingCredentials(tenant, clientId, clientSecret) {
+    const result = {
+        isValid: false,
+        errors: [],
+        warnings: [],
+    };
+    if (!clientId || clientId.trim().length === 0) {
+        result.errors.push("Client ID cannot be empty");
+    }
+    if (!clientSecret || clientSecret.trim().length === 0) {
+        result.errors.push("Client secret cannot be empty");
+    }
+    if (result.errors.length > 0) {
+        return result;
+    }
+    // Test OAuth token endpoint
+    const tokenUrl = `https://${tenant}.benchling.com/api/v2/token`;
+    const authString = Buffer.from(`${clientId}:${clientSecret}`).toString("base64");
+    return new Promise((resolve) => {
+        const postData = "grant_type=client_credentials";
+        const options = {
+            method: "POST",
+            headers: {
+                "Authorization": `Basic ${authString}`,
+                "Content-Type": "application/x-www-form-urlencoded",
+                "Content-Length": postData.length,
+            },
+            timeout: 10000,
+        };
+        const req = https.request(tokenUrl, options, (res) => {
+            let data = "";
+            res.on("data", (chunk) => {
+                data += chunk;
+            });
+            res.on("end", () => {
+                if (res.statusCode === 200) {
+                    result.isValid = true;
+                    console.log("  ✓ OAuth credentials validated successfully");
+                }
+                else {
+                    result.errors.push(`OAuth validation failed with status ${res.statusCode}: ${data.substring(0, 100)}`);
+                }
+                resolve(result);
+            });
+        });
+        req.on("error", (error) => {
+            if (!result.warnings)
+                result.warnings = [];
+            result.warnings.push(`Could not validate OAuth credentials: ${error.message}`);
+            result.isValid = true; // Allow proceeding with warning
+            resolve(result);
+        });
+        req.write(postData);
+        req.end();
     });
-    console.log(chalk_1.default.green.bold("\n✓ Setup complete!\n"));
-    // Ask if user wants to deploy now
-    const inquirer = (await Promise.resolve().then(() => __importStar(require("inquirer")))).default;
-    const { shouldDeploy } = await inquirer.prompt([
+}
+/**
+ * Validates S3 bucket access
+ */
+async function validateS3BucketAccess(bucketName, region, awsProfile) {
+    const result = {
+        isValid: false,
+        errors: [],
+        warnings: [],
+    };
+    if (!bucketName || bucketName.trim().length === 0) {
+        result.errors.push("Bucket name cannot be empty");
+        return result;
+    }
+    try {
+        const clientConfig = { region };
+        if (awsProfile) {
+            const { fromIni } = await Promise.resolve().then(() => __importStar(require("@aws-sdk/credential-providers")));
+            clientConfig.credentials = fromIni({ profile: awsProfile });
+        }
+        const s3Client = new client_s3_1.S3Client(clientConfig);
+        // Test HeadBucket (verify bucket exists and we have access)
+        const headCommand = new client_s3_1.HeadBucketCommand({ Bucket: bucketName });
+        await s3Client.send(headCommand);
+        console.log(`  ✓ S3 bucket accessible: ${bucketName}`);
+        // Test ListObjects (verify we can list objects)
+        const listCommand = new client_s3_1.ListObjectsV2Command({
+            Bucket: bucketName,
+            MaxKeys: 1,
+        });
+        await s3Client.send(listCommand);
+        console.log("  ✓ S3 bucket list permission confirmed");
+        result.isValid = true;
+    }
+    catch (error) {
+        const err = error;
+        result.errors.push(`S3 bucket validation failed: ${err.message}`);
+    }
+    return result;
+}
+/**
+ * Validates complete ProfileConfig
+ */
+async function validateConfig(config, options = {}) {
+    const result = {
+        isValid: true,
+        errors: [],
+        warnings: [],
+    };
+    if (options.skipValidation) {
+        return result;
+    }
+    // Validate Benchling tenant
+    const tenantValidation = await validateBenchlingTenant(config.benchling.tenant);
+    if (!tenantValidation.isValid) {
+        result.isValid = false;
+        result.errors.push(...tenantValidation.errors);
+    }
+    if (tenantValidation.warnings && tenantValidation.warnings.length > 0) {
+        if (!result.warnings)
+            result.warnings = [];
+        result.warnings.push(...tenantValidation.warnings);
+    }
+    // Validate OAuth credentials (if secret is provided)
+    if (config.benchling.clientSecret) {
+        const credValidation = await validateBenchlingCredentials(config.benchling.tenant, config.benchling.clientId, config.benchling.clientSecret);
+        if (!credValidation.isValid) {
+            result.isValid = false;
+            result.errors.push(...credValidation.errors);
+        }
+        if (credValidation.warnings && credValidation.warnings.length > 0) {
+            if (!result.warnings)
+                result.warnings = [];
+            result.warnings.push(...credValidation.warnings);
+        }
+    }
+    // Validate S3 bucket access
+    const bucketValidation = await validateS3BucketAccess(config.packages.bucket, config.deployment.region, options.awsProfile);
+    if (!bucketValidation.isValid) {
+        result.isValid = false;
+        result.errors.push(...bucketValidation.errors);
+    }
+    if (bucketValidation.warnings && bucketValidation.warnings.length > 0) {
+        if (!result.warnings)
+            result.warnings = [];
+        result.warnings.push(...bucketValidation.warnings);
+    }
+    return result;
+}
+/**
+ * Runs interactive configuration wizard
+ */
+async function runConfigWizard(options = {}) {
+    const { existingConfig = {}, nonInteractive = false, inheritFrom } = options;
+    console.log("╔═══════════════════════════════════════════════════════════╗");
+    console.log("║   Benchling Webhook Configuration Wizard                 ║");
+    console.log("╚═══════════════════════════════════════════════════════════╝\n");
+    if (inheritFrom) {
+        console.log(`Creating profile inheriting from: ${inheritFrom}\n`);
+    }
+    const config = { ...existingConfig };
+    let awsAccountId;
+    // If non-interactive, validate that all required fields are present
+    if (nonInteractive) {
+        if (!config.benchling?.tenant || !config.benchling?.clientId || !config.benchling?.clientSecret) {
+            throw new Error("Non-interactive mode requires benchlingTenant, benchlingClientId, and benchlingClientSecret to be already configured");
+        }
+        // Add metadata and inheritance marker before returning
+        const now = new Date().toISOString();
+        const finalConfig = config;
+        finalConfig._metadata = {
+            version: "0.7.0",
+            createdAt: config._metadata?.createdAt || now,
+            updatedAt: now,
+            source: "wizard",
+        };
+        if (inheritFrom) {
+            finalConfig._inherits = inheritFrom;
+        }
+        return finalConfig;
+    }
+    // Prompt for Quilt configuration (if not inherited)
+    if (!inheritFrom) {
+        console.log("Step 1: Quilt Configuration\n");
+        const quiltAnswers = await inquirer_1.default.prompt([
+            {
+                type: "input",
+                name: "stackArn",
+                message: "Quilt Stack ARN:",
+                default: config.quilt?.stackArn,
+                validate: (input) => input.trim().length > 0 && input.startsWith("arn:aws:cloudformation:") ||
+                    "Stack ARN is required and must start with arn:aws:cloudformation:",
+            },
+            {
+                type: "input",
+                name: "catalog",
+                message: "Quilt Catalog URL (domain or full URL):",
+                default: config.quilt?.catalog,
+                validate: (input) => {
+                    const trimmed = input.trim();
+                    if (trimmed.length === 0) {
+                        return "Catalog URL is required";
+                    }
+                    return true;
+                },
+                filter: (input) => {
+                    // Strip protocol if present, store only domain
+                    return input.trim().replace(/^https?:\/\//, "").replace(/\/$/, "");
+                },
+            },
+            {
+                type: "input",
+                name: "database",
+                message: "Quilt Athena Database:",
+                default: config.quilt?.database || "quilt_catalog",
+                validate: (input) => input.trim().length > 0 || "Database name is required",
+            },
+            {
+                type: "input",
+                name: "queueUrl",
+                message: "SQS Queue URL:",
+                default: config.quilt?.queueUrl,
+                validate: (input) => {
+                    return (0, sqs_1.isQueueUrl)(input) ||
+                        "Queue URL is required and must look like https://sqs.<region>.amazonaws.com/<account>/<queue>";
+                },
+            },
+        ]);
+        // Extract region and account ID from stack ARN
+        // ARN format: arn:aws:cloudformation:REGION:ACCOUNT_ID:stack/STACK_NAME/STACK_ID
+        const arnMatch = quiltAnswers.stackArn.match(/^arn:aws:cloudformation:([^:]+):(\d{12}):/);
+        const quiltRegion = arnMatch ? arnMatch[1] : "us-east-1";
+        awsAccountId = arnMatch ? arnMatch[2] : undefined;
+        config.quilt = {
+            stackArn: quiltAnswers.stackArn,
+            catalog: quiltAnswers.catalog,
+            database: quiltAnswers.database,
+            queueUrl: quiltAnswers.queueUrl,
+            region: quiltRegion,
+        };
+    }
+    // Prompt for Benchling configuration
+    console.log("\nStep 2: Benchling Configuration\n");
+    const benchlingAnswers = await inquirer_1.default.prompt([
+        {
+            type: "input",
+            name: "tenant",
+            message: "Benchling Tenant:",
+            default: config.benchling?.tenant,
+            validate: (input) => input.trim().length > 0 || "Tenant is required",
+        },
+        {
+            type: "input",
+            name: "clientId",
+            message: "Benchling OAuth Client ID:",
+            default: config.benchling?.clientId,
+            validate: (input) => input.trim().length > 0 || "Client ID is required",
+        },
         {
-            type: "confirm",
-            name: "shouldDeploy",
-            message: "Would you like to deploy to AWS now?",
-            default: true,
+            type: "password",
+            name: "clientSecret",
+            message: config.benchling?.clientSecret
+                ? "Benchling OAuth Client Secret (press Enter to keep existing):"
+                : "Benchling OAuth Client Secret:",
+            validate: (input) => {
+                // If there's an existing secret and input is empty, we'll keep the existing one
+                if (config.benchling?.clientSecret && input.trim().length === 0) {
+                    return true;
+                }
+                return input.trim().length > 0 || "Client secret is required";
+            },
+        },
+        {
+            type: "input",
+            name: "appDefinitionId",
+            message: "Benchling App Definition ID:",
+            default: config.benchling?.appDefinitionId,
+            validate: (input) => input.trim().length > 0 || "App definition ID is required",
+        },
+        {
+            type: "input",
+            name: "testEntryId",
+            message: "Benchling Test Entry ID (optional):",
+            default: config.benchling?.testEntryId || "",
+        },
+    ]);
+    // Handle empty password input - keep existing secret if user pressed Enter
+    if (benchlingAnswers.clientSecret.trim().length === 0 && config.benchling?.clientSecret) {
+        benchlingAnswers.clientSecret = config.benchling.clientSecret;
+    }
+    config.benchling = {
+        tenant: benchlingAnswers.tenant,
+        clientId: benchlingAnswers.clientId,
+        clientSecret: benchlingAnswers.clientSecret,
+        appDefinitionId: benchlingAnswers.appDefinitionId,
+    };
+    if (benchlingAnswers.testEntryId && benchlingAnswers.testEntryId.trim() !== "") {
+        config.benchling.testEntryId = benchlingAnswers.testEntryId;
+    }
+    // Prompt for package configuration
+    console.log("\nStep 3: Package Configuration\n");
+    const packageAnswers = await inquirer_1.default.prompt([
+        {
+            type: "input",
+            name: "bucket",
+            message: "Package S3 Bucket:",
+            default: config.packages?.bucket,
+            validate: (input) => input.trim().length > 0 || "Bucket name is required",
+        },
+        {
+            type: "input",
+            name: "prefix",
+            message: "Package S3 prefix:",
+            default: config.packages?.prefix || "benchling",
+        },
+        {
+            type: "input",
+            name: "metadataKey",
+            message: "Package metadata key:",
+            default: config.packages?.metadataKey || "experiment_id",
+        },
+    ]);
+    config.packages = {
+        bucket: packageAnswers.bucket,
+        prefix: packageAnswers.prefix,
+        metadataKey: packageAnswers.metadataKey,
+    };
+    // Prompt for deployment configuration
+    console.log("\nStep 4: Deployment Configuration\n");
+    const deploymentAnswers = await inquirer_1.default.prompt([
+        {
+            type: "input",
+            name: "region",
+            message: "AWS Deployment Region:",
+            default: config.deployment?.region || config.quilt?.region || "us-east-1",
+        },
+        {
+            type: "input",
+            name: "account",
+            message: "AWS Account ID:",
+            default: config.deployment?.account || awsAccountId || config.quilt?.stackArn?.match(/:(\d{12}):/)?.[1],
+            validate: (input) => {
+                if (!input || input.trim().length === 0) {
+                    return "AWS Account ID is required";
+                }
+                if (!/^\d{12}$/.test(input.trim())) {
+                    return "AWS Account ID must be a 12-digit number";
+                }
+                return true;
+            },
+        },
+    ]);
+    config.deployment = {
+        region: deploymentAnswers.region,
+        account: deploymentAnswers.account,
+    };
+    // Optional: Logging configuration
+    console.log("\nStep 5: Optional Configuration\n");
+    const optionalAnswers = await inquirer_1.default.prompt([
+        {
+            type: "list",
+            name: "logLevel",
+            message: "Log level:",
+            choices: ["DEBUG", "INFO", "WARNING", "ERROR"],
+            default: config.logging?.level || "INFO",
+        },
+        {
+            type: "input",
+            name: "webhookAllowList",
+            message: "Webhook IP allowlist (comma-separated, empty for none):",
+            default: config.security?.webhookAllowList || "",
         },
     ]);
-    if (shouldDeploy) {
-        console.log(chalk_1.default.cyan("\n📦 Starting deployment...\n"));
-        const { deployCommand } = await Promise.resolve().then(() => __importStar(require("./deploy")));
-        await deployCommand({});
-        console.log(chalk_1.default.green.bold("\n✓ Deployment complete!\n"));
-        console.log("Next steps:");
-        console.log(chalk_1.default.cyan("  • Set webhook URL in Benchling app settings"));
-        console.log(chalk_1.default.cyan("  • Install the app in your Benchling tenant"));
-        console.log(chalk_1.default.cyan("  • Test integration: npx @quiltdata/benchling-webhook test"));
-    }
-    else {
-        console.log("\nNext steps:");
-        console.log(chalk_1.default.cyan("  • Run deployment: npx @quiltdata/benchling-webhook deploy"));
-        console.log(chalk_1.default.cyan("  • Test integration: npx @quiltdata/benchling-webhook test"));
-    }
-    console.log(chalk_1.default.dim("\nFor more information: https://github.com/quiltdata/benchling-webhook\n"));
+    config.logging = {
+        level: optionalAnswers.logLevel,
+    };
+    config.security = {
+        enableVerification: true,
+        webhookAllowList: optionalAnswers.webhookAllowList,
+    };
+    // Add metadata
+    const now = new Date().toISOString();
+    config._metadata = {
+        version: "0.7.0",
+        createdAt: config._metadata?.createdAt || now,
+        updatedAt: now,
+        source: "wizard",
+    };
+    // Add inheritance marker if specified
+    if (inheritFrom) {
+        config._inherits = inheritFrom;
+    }
+    return config;
+}
+/**
+ * Main install wizard function
+ *
+ * Orchestrates the complete configuration workflow:
+ * 1. Load existing configuration (if any)
+ * 2. Infer Quilt configuration from AWS
+ * 3. Run interactive prompts for missing fields
+ * 4. Validate configuration
+ * 5. Save to XDG config directory
+ */
+async function runInstallWizard(options = {}) {
+    const { profile = "default", inheritFrom, nonInteractive = false, skipValidation = false, awsProfile, awsRegion = "us-east-1", } = options;
+    const xdg = new xdg_config_1.XDGConfig();
+    console.log("\n╔═══════════════════════════════════════════════════════════╗");
+    console.log("║   Benchling Webhook Setup (v0.7.0)                        ║");
+    console.log("╚═══════════════════════════════════════════════════════════╝\n");
+    // Step 1: Load existing configuration (if profile exists)
+    let existingConfig;
+    // Determine if we should inherit from 'default' when profile is not 'default'
+    const shouldInheritFromDefault = profile !== "default" && !inheritFrom;
+    const effectiveInheritFrom = inheritFrom || (shouldInheritFromDefault ? "default" : undefined);
+    if (xdg.profileExists(profile)) {
+        console.log(`Loading existing configuration for profile: ${profile}\n`);
+        try {
+            existingConfig = effectiveInheritFrom
+                ? xdg.readProfileWithInheritance(profile, effectiveInheritFrom)
+                : xdg.readProfile(profile);
+        }
+        catch (error) {
+            console.warn(`Warning: Could not load existing config: ${error.message}`);
+        }
+    }
+    else if (effectiveInheritFrom) {
+        // If profile doesn't exist but we should inherit, load base profile
+        console.log(`Creating new profile '${profile}' inheriting from '${effectiveInheritFrom}'\n`);
+        try {
+            existingConfig = xdg.readProfile(effectiveInheritFrom);
+        }
+        catch (error) {
+            throw new Error(`Base profile '${effectiveInheritFrom}' not found: ${error.message}`);
+        }
+    }
+    // Step 2: Infer Quilt configuration (unless inheriting from another profile)
+    let quiltConfig = existingConfig?.quilt || {};
+    let inferredAccountId;
+    if (!effectiveInheritFrom || !existingConfig?.quilt) {
+        console.log("Step 1: Inferring Quilt configuration from AWS...\n");
+        try {
+            const inferenceResult = await (0, infer_quilt_config_1.inferQuiltConfig)({
+                region: awsRegion,
+                profile: awsProfile,
+                interactive: !nonInteractive,
+            });
+            quiltConfig = inferenceResult;
+            inferredAccountId = inferenceResult.account;
+            console.log("✓ Quilt configuration inferred\n");
+        }
+        catch (error) {
+            console.error(`Failed to infer Quilt configuration: ${error.message}`);
+            if (nonInteractive) {
+                throw error;
+            }
+            const { continueManually } = await inquirer_1.default.prompt([
+                {
+                    type: "confirm",
+                    name: "continueManually",
+                    message: "Continue and enter Quilt configuration manually?",
+                    default: true,
+                },
+            ]);
+            if (!continueManually) {
+                throw new Error("Setup aborted by user");
+            }
+        }
+    }
+    // Merge inferred Quilt config with existing config
+    const partialConfig = {
+        ...existingConfig,
+        quilt: {
+            ...existingConfig?.quilt,
+            ...quiltConfig,
+        },
+        // Pass through inferred account ID for deployment config
+        deployment: {
+            ...existingConfig?.deployment,
+            account: existingConfig?.deployment?.account || inferredAccountId,
+        },
+    };
+    // Step 3: Run interactive wizard for remaining configuration
+    const config = await runConfigWizard({
+        existingConfig: partialConfig,
+        nonInteractive,
+        inheritFrom: effectiveInheritFrom,
+    });
+    // Step 4: Validate configuration
+    if (!skipValidation) {
+        console.log("\nValidating configuration...\n");
+        const validation = await validateConfig(config, {
+            skipValidation,
+            awsProfile,
+        });
+        if (!validation.isValid) {
+            console.error("\n❌ Configuration validation failed:");
+            validation.errors.forEach((err) => console.error(`  - ${err}`));
+            if (nonInteractive) {
+                throw new Error("Configuration validation failed");
+            }
+            const { proceed } = await inquirer_1.default.prompt([
+                {
+                    type: "confirm",
+                    name: "proceed",
+                    message: "Save configuration anyway?",
+                    default: false,
+                },
+            ]);
+            if (!proceed) {
+                throw new Error("Setup aborted by user");
+            }
+        }
+        else {
+            console.log("✓ Configuration validated successfully\n");
+        }
+        if (validation.warnings && validation.warnings.length > 0) {
+            console.warn("\n⚠ Warnings:");
+            validation.warnings.forEach((warn) => console.warn(`  - ${warn}`));
+            console.log("");
+        }
+    }
+    // Step 5: Save configuration
+    console.log(`Saving configuration to profile: ${profile}...\n`);
+    try {
+        xdg.writeProfile(profile, config);
+        console.log(`✓ Configuration saved to: ~/.config/benchling-webhook/${profile}/config.json\n`);
+    }
+    catch (error) {
+        throw new Error(`Failed to save configuration: ${error.message}`);
+    }
+    // Step 6: Display next steps
+    console.log("╔═══════════════════════════════════════════════════════════╗");
+    console.log("║   Setup Complete!                                         ║");
+    console.log("╚═══════════════════════════════════════════════════════════╝\n");
+    console.log("Next steps:");
+    console.log("  1. Sync secrets to AWS: npm run setup:sync-secrets");
+    console.log("  2. Deploy to AWS: npm run deploy:dev");
+    console.log("  3. Test integration: npm run test:dev\n");
+    return config;
+}
+// =============================================================================
+// CLI COMMAND EXPORT
+// =============================================================================
+/**
+ * Setup wizard command handler
+ *
+ * @param options - Wizard options
+ * @returns Promise that resolves when wizard completes
+ */
+async function setupWizardCommand(options = {}) {
+    await runInstallWizard(options);
 }
 //# sourceMappingURL=setup-wizard.js.map