@replicated/portal-components 0.0.18 → 0.0.20

package/dist/actions/index.js

@@ -2,14 +2,127 @@
 
 var buffer = require('buffer');
 var react = require('react');
+var headers = require('next/headers');
+var cache = require('next/cache');
 
 /**
  * Enterprise Portal Components
  * This file is generated by tsup. Do not edit manually.
  */
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
+// datadog/tracer.ts
+var tracer_exports = {};
+__export(tracer_exports, {
+  default: () => tracer_default
+});
+var rawFlag, isEnabled, tracer, getRoutePattern, tracer_default;
+var init_tracer = __esm({
+  "datadog/tracer.ts"() {
+    rawFlag = String(process.env.USE_DATADOG_APM || "").toLowerCase();
+    isEnabled = rawFlag === "true";
+    process.env.DD_TRACE_ENABLED = isEnabled ? "1" : "0";
+    tracer = null;
+    if (isEnabled) {
+      const serviceName = process.env.DD_SERVICE || "enterprise-portal";
+      const environment = process.env.DD_ENV || process.env.NODE_ENV || "development";
+      const version = process.env.DD_VERSION || process.env.NEXT_PUBLIC_VERSION || "0.0.0-dev";
+      const agentHost = process.env.DD_AGENT_HOST || process.env.DATADOG_AGENT_HOST || "127.0.0.1";
+      const agentPort = process.env.DD_TRACE_AGENT_PORT || "8126";
+      process.env.DD_SERVICE = serviceName;
+      process.env.DD_ENV = environment;
+      {
+        process.env.DD_VERSION = version;
+      }
+      process.env.DD_AGENT_HOST = agentHost;
+      process.env.DD_TRACE_AGENT_PORT = agentPort;
+      const dbmPropagationMode = process.env.DD_DBM_PROPAGATION_MODE || "full";
+      process.env.DD_DBM_PROPAGATION_MODE = dbmPropagationMode;
+      try {
+        const ddTrace = __require("dd-trace");
+        tracer = ddTrace.init({
+          service: serviceName,
+          env: environment,
+          version,
+          logInjection: true,
+          runtimeMetrics: true,
+          appsec: false,
+          profiling: false,
+          startupLogs: true
+          // Enable for debugging
+        });
+        console.log(`[datadog] Tracer initialized: service=${serviceName}, env=${environment}, version=${version}, agent=${agentHost}:${agentPort}`);
+        tracer.use("dns", false);
+        tracer.use("net", false);
+        tracer.use("http", {
+          server: {
+            hooks: {
+              request: (span, req) => {
+                if (!span) return;
+                const url = req?.url || "";
+                const method = req?.method || "GET";
+                const path = url.split("?")[0];
+                if (path.startsWith("/_next/")) {
+                  span.context()._trace.isRecording = false;
+                  return;
+                }
+                const routePattern = getRoutePattern(path);
+                span.setTag("resource.name", `${method} ${routePattern}`);
+                span.setTag("http.route", routePattern);
+              }
+            }
+          }
+        });
+      } catch (err) {
+        console.error("[datadog] failed to initialize tracing", err);
+        tracer = null;
+      }
+    }
+    getRoutePattern = (path) => {
+      const routePatterns = [
+        // Update instance routes - normalize dynamic segments (capture suffix to preserve sub-routes)
+        { pattern: /^\/update\/instance\/[^/]+(.*)$/, replacement: "/update/instance/[instanceId]$1" }
+      ];
+      for (const { pattern, replacement } of routePatterns) {
+        if (pattern.test(path)) {
+          return path.replace(pattern, replacement);
+        }
+      }
+      return path;
+    };
+    tracer_default = tracer;
+  }
+});
 
 // src/utils/api-client.ts
+function isRedirectError(error) {
+  return typeof error === "object" && error !== null && "digest" in error && typeof error.digest === "string" && error.digest.startsWith("NEXT_REDIRECT");
+}
 async function authenticatedFetch(url, options = {}) {
   const { token, ...fetchOptions } = options;
   const headers = new Headers(fetchOptions.headers);
@@ -32,8 +145,17 @@ async function handle401() {
   const { redirect } = await import('next/navigation');
   return redirect("/?expired=1");
 }
+function isErrorPage(url) {
+  try {
+    const urlObj = new URL(url);
+    return urlObj.pathname === "/error";
+  } catch {
+    return url === "/error" || url.startsWith("/error?");
+  }
+}
 async function handleServerError(statusCode) {
   const { redirect } = await import('next/navigation');
+  const { cookies: cookies9 } = await import('next/headers');
   let sourceUrl;
   try {
     const { headers } = await import('next/headers');
@@ -41,12 +163,20 @@ async function handleServerError(statusCode) {
     const referer = headersList.get("referer");
     const host = headersList.get("host");
     const pathname = headersList.get("x-invoke-path") || headersList.get("x-forwarded-path");
-    if (referer) {
+    if (referer && !isErrorPage(referer)) {
       sourceUrl = referer;
     } else if (host && pathname) {
       const protocol = headersList.get("x-forwarded-proto") || "https";
       sourceUrl = `${protocol}://${host}${pathname}`;
     }
+    if (!sourceUrl || isErrorPage(sourceUrl)) {
+      const cookieStore = await cookies9();
+      const preservedSource = cookieStore.get("portal_error_source");
+      if (preservedSource?.value) {
+        sourceUrl = decodeURIComponent(preservedSource.value);
+        cookieStore.delete("portal_error_source");
+      }
+    }
   } catch (error) {
     console.debug("[portal-components] Could not determine source URL", error);
   }
@@ -57,6 +187,1039 @@ async function handleServerError(statusCode) {
   return redirect(`/error?${params.toString()}`);
 }
 
+// src/utils/observability/tracing.ts
+var tracerCache = void 0;
+function getTracer() {
+  if (tracerCache !== void 0) {
+    return tracerCache;
+  }
+  const rawFlag2 = String(process.env.USE_DATADOG_APM || "").toLowerCase();
+  const isEnabled2 = rawFlag2 === "true";
+  if (!isEnabled2) {
+    tracerCache = null;
+    return null;
+  }
+  try {
+    const tracerModule = (init_tracer(), __toCommonJS(tracer_exports));
+    const tracer2 = tracerModule.default || tracerModule;
+    if (tracer2 && typeof tracer2.trace === "function") {
+      tracerCache = tracer2;
+      return tracerCache;
+    }
+  } catch (err) {
+    console.warn("Failed to load tracer:", err);
+  }
+  tracerCache = null;
+  return null;
+}
+async function withTrace(name, fn) {
+  const activeTracer = getTracer();
+  if (!activeTracer) {
+    return fn(void 0);
+  }
+  return activeTracer.trace(name, async (span) => {
+    if (span) {
+      span.setTag("component", "application");
+    }
+    try {
+      const result = await fn(span);
+      return result;
+    } catch (error) {
+      if (span) {
+        span.setTag("error", error);
+      }
+      throw error;
+    }
+  });
+}
+function traceServerAction(name, fn) {
+  const spanName = name.startsWith("server.action.") ? name : `server.action.${name}`;
+  const traced = async (...args) => {
+    return withTrace(spanName, async (span) => {
+      if (span) {
+        span.setTag("component", "server-action");
+      }
+      const result = await fn(...args);
+      return result;
+    });
+  };
+  return traced;
+}
+var deriveInstallMethods = (licenseData) => {
+  const methods = [];
+  if (licenseData.isKotsInstallEnabled) {
+    methods.push("Replicated KOTS");
+  }
+  if (licenseData.isHelmInstallEnabled) {
+    methods.push("Helm");
+  }
+  if (licenseData.isHelmAirgapEnabled) {
+    methods.push("Helm Airgap");
+  }
+  if (licenseData.isEmbeddedClusterDownloadEnabled || licenseData.isEmbeddedClusterMultiNodeEnabled) {
+    methods.push("Embedded Cluster");
+  }
+  if (licenseData.isKurlInstallEnabled) {
+    methods.push("kURL");
+  }
+  if (licenseData.isGitopsSupported) {
+    methods.push("GitOps");
+  }
+  return Array.from(new Set(methods));
+};
+var convertEntitlementsToFields = (entitlementFields, entitlementValues) => {
+  const valuesMap = /* @__PURE__ */ new Map();
+  entitlementValues.forEach((ev) => {
+    valuesMap.set(ev.name, ev.value);
+  });
+  return entitlementFields.filter((field) => field.hidden === 0).map((field) => ({
+    key: field.name,
+    label: field.title || field.name,
+    value: valuesMap.get(field.name) || field.defaultVal || null,
+    isSecret: field.type === "Password"
+  }));
+};
+async function fetchLicenseCore() {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  const token = session?.value;
+  if (!token) {
+    throw new Error("No session found - user must be authenticated");
+  }
+  const endpoint = `${getApiOrigin()}/enterprise-portal/license`;
+  if (process.env.NODE_ENV !== "production") {
+    console.debug("[portal-components] fetching license via %s (Enterprise Portal API)", endpoint);
+  }
+  const response = await authenticatedFetch(endpoint, {
+    method: "GET",
+    token,
+    headers: {
+      Accept: "application/json"
+    }
+  });
+  if (!response.ok) {
+    throw new Error(
+      `License request failed (${response.status} ${response.statusText})`
+    );
+  }
+  const envelope = await response.json();
+  const licenseData = envelope.data;
+  const license = {
+    ...licenseData,
+    // Alias fields for backward compatibility
+    expiresAt: licenseData.expireAt,
+    environment: licenseData.licenseType,
+    // Extract channel names from channels array
+    releaseChannels: (licenseData.channels || []).map((ch) => ch.channelName),
+    // Derive install methods from feature flags
+    installMethods: deriveInstallMethods(licenseData),
+    // Convert entitlements to fields format
+    fields: convertEntitlementsToFields(licenseData.entitlementFields || [], licenseData.entitlementValues || [])
+  };
+  return license;
+}
+var fetchLicenseImpl = react.cache(fetchLicenseCore);
+var fetchLicense = fetchLicenseImpl;
+
+// src/actions/install.ts
+async function fetchChannelReleases(input, context) {
+  const { token, channelId } = input;
+  if (!token || typeof token !== "string") {
+    throw new Error("fetchChannelReleases requires a session token");
+  }
+  const origin = getApiOrigin();
+  const url = new URL(`${origin}/enterprise-portal/channel-releases`);
+  if (channelId) {
+    url.searchParams.set("channel_id", channelId);
+  }
+  if (process.env.NODE_ENV !== "production") {
+    console.debug("[portal-components] fetching channel releases via %s (Enterprise Portal API)", url.toString());
+  }
+  const response = await authenticatedFetch(url.toString(), {
+    method: "GET",
+    token,
+    headers: {
+      accept: "application/json"
+    },
+    signal: context?.signal
+  });
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(
+      `Channel releases request failed (${response.status} ${response.statusText}): ${errorText}`
+    );
+  }
+  const envelope = await response.json();
+  const payload = envelope.data;
+  return {
+    channelReleases: payload?.channelReleases || []
+  };
+}
+async function createInstallOptions(input, context) {
+  const {
+    token,
+    installType,
+    instanceName,
+    serviceAccountId,
+    networkAvailability,
+    isMultiNode = false,
+    channelId,
+    channelReleaseSequence,
+    registryAvailability,
+    kubernetesDistribution
+  } = input;
+  if (!token || typeof token !== "string") {
+    throw new Error("createInstallOptions requires a session token");
+  }
+  if (!instanceName?.trim()) {
+    throw new Error("Instance name is required");
+  }
+  if (!serviceAccountId?.trim()) {
+    throw new Error("Service account ID is required");
+  }
+  const origin = getApiOrigin();
+  const endpoint = `${origin}/enterprise-portal/install-options?includeInstructions=true`;
+  const body = {
+    install_type: installType,
+    instance_name: instanceName.trim(),
+    service_account_id: serviceAccountId.trim(),
+    network_availability: networkAvailability,
+    is_multi_node: isMultiNode
+  };
+  if (channelId) {
+    body.channel_id = channelId;
+  }
+  if (channelReleaseSequence !== void 0) {
+    body.channel_release_sequence = channelReleaseSequence;
+  }
+  if (registryAvailability) {
+    body.registry_availability = registryAvailability;
+  }
+  if (kubernetesDistribution) {
+    body.kubernetes_distribution = kubernetesDistribution;
+  }
+  if (process.env.NODE_ENV !== "production") {
+    console.debug("[portal-components] creating install options via %s", endpoint);
+  }
+  const response = await authenticatedFetch(endpoint, {
+    method: "POST",
+    token,
+    headers: {
+      "content-type": "application/json",
+      accept: "application/json"
+    },
+    body: JSON.stringify(body),
+    signal: context?.signal
+  });
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(
+      `Create install options failed (${response.status} ${response.statusText}): ${errorText}`
+    );
+  }
+  return await response.json();
+}
+async function getInstallOptions(input, context) {
+  const {
+    token,
+    installOptionsId,
+    includeInstructions = true,
+    privateRegistryHostname,
+    proxyUrl
+  } = input;
+  if (!token || typeof token !== "string") {
+    throw new Error("getInstallOptions requires a session token");
+  }
+  if (!installOptionsId?.trim()) {
+    throw new Error("Install options ID is required");
+  }
+  const origin = getApiOrigin();
+  const url = new URL(`${origin}/enterprise-portal/install-options/${installOptionsId.trim()}`);
+  if (includeInstructions) {
+    url.searchParams.set("includeInstructions", "true");
+  }
+  if (privateRegistryHostname) {
+    url.searchParams.set("privateRegistryHostname", privateRegistryHostname);
+  }
+  if (proxyUrl) {
+    url.searchParams.set("proxyUrl", proxyUrl);
+  }
+  if (process.env.NODE_ENV !== "production") {
+    console.debug("[portal-components] fetching install options via %s (Enterprise Portal API)", url.toString());
+  }
+  const response = await authenticatedFetch(url.toString(), {
+    method: "GET",
+    token,
+    headers: {
+      accept: "application/json"
+    },
+    signal: context?.signal
+  });
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(
+      `Get install options failed (${response.status} ${response.statusText}): ${errorText}`
+    );
+  }
+  const envelope = await response.json();
+  return envelope.data;
+}
+async function updateInstallOptions(input, context) {
+  const {
+    token,
+    installOptionsId,
+    installType,
+    channelId,
+    channelReleaseSequence,
+    networkAvailability,
+    registryAvailability,
+    kubernetesDistribution,
+    isMultiNode,
+    serviceAccountId,
+    adminConsoleUrl,
+    status,
+    includeInstructions = true,
+    privateRegistryHostname,
+    proxyUrl
+  } = input;
+  if (!token || typeof token !== "string") {
+    throw new Error("updateInstallOptions requires a session token");
+  }
+  if (!installOptionsId?.trim()) {
+    throw new Error("Install options ID is required");
+  }
+  const origin = getApiOrigin();
+  const url = new URL(`${origin}/enterprise-portal/install-options/${installOptionsId.trim()}`);
+  if (includeInstructions) {
+    url.searchParams.set("includeInstructions", "true");
+  }
+  if (privateRegistryHostname) {
+    url.searchParams.set("privateRegistryHostname", privateRegistryHostname);
+  }
+  if (proxyUrl) {
+    url.searchParams.set("proxyUrl", proxyUrl);
+  }
+  const body = {};
+  if (installType !== void 0) {
+    body.install_type = installType;
+  }
+  if (channelId !== void 0) {
+    body.channel_id = channelId;
+  }
+  if (channelReleaseSequence !== void 0) {
+    body.channel_release_sequence = channelReleaseSequence;
+  }
+  if (networkAvailability !== void 0) {
+    body.network_availability = networkAvailability;
+  }
+  if (registryAvailability !== void 0) {
+    body.registry_availability = registryAvailability;
+  }
+  if (kubernetesDistribution !== void 0) {
+    body.kubernetes_distribution = kubernetesDistribution;
+  }
+  if (isMultiNode !== void 0) {
+    body.is_multi_node = isMultiNode;
+  }
+  if (serviceAccountId !== void 0) {
+    body.service_account_id = serviceAccountId;
+  }
+  if (adminConsoleUrl !== void 0) {
+    body.admin_console_url = adminConsoleUrl;
+  }
+  if (status !== void 0) {
+    body.status = status;
+  }
+  if (process.env.NODE_ENV !== "production") {
+    console.debug("[portal-components] updating install options via %s", url.toString());
+  }
+  const response = await authenticatedFetch(url.toString(), {
+    method: "PATCH",
+    token,
+    headers: {
+      "content-type": "application/json",
+      accept: "application/json"
+    },
+    body: JSON.stringify(body),
+    signal: context?.signal
+  });
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(
+      `Update install options failed (${response.status} ${response.statusText}): ${errorText}`
+    );
+  }
+  return await response.json();
+}
+async function fetchPendingInstallations(input, context) {
+  const { token } = input;
+  if (typeof token !== "string" || token.trim().length === 0) {
+    throw new Error("fetchPendingInstallations requires a non-empty token");
+  }
+  const origin = getApiOrigin();
+  const queryParams = new URLSearchParams();
+  queryParams.set("status", "in_progress");
+  queryParams.set("page_size", "5");
+  queryParams.set("order_by", "created_at");
+  queryParams.set("order_direction", "desc");
+  const endpoint = `${origin}/enterprise-portal/install-options?${queryParams.toString()}`;
+  if (process.env.NODE_ENV !== "production") {
+    console.debug("[portal-components] fetching pending installations via %s (Enterprise Portal API)", endpoint);
+  }
+  const response = await authenticatedFetch(endpoint, {
+    method: "GET",
+    token,
+    headers: {
+      accept: "application/json"
+    },
+    signal: context?.signal
+  });
+  if (!response.ok) {
+    throw new Error(
+      `Pending installations request failed (${response.status} ${response.statusText})`
+    );
+  }
+  const envelope = await response.json();
+  const payload = envelope.data;
+  const installArray = payload?.install_options || [];
+  const installations = installArray.map((item) => ({
+    id: String(item.id || ""),
+    name: String(item.instance_name || "Unknown"),
+    method: item.install_type === "helm" ? "helm" : "linux",
+    startedBy: String(item.service_account_email_address || "Unknown"),
+    startedAt: String(item.started_at || (/* @__PURE__ */ new Date()).toISOString())
+  }));
+  return {
+    installations
+  };
+}
+async function discardInstallation(input, context) {
+  const { token, installOptionsId } = input;
+  if (typeof token !== "string" || token.trim().length === 0) {
+    throw new Error("discardInstallation requires a non-empty token");
+  }
+  if (typeof installOptionsId !== "string" || installOptionsId.trim().length === 0) {
+    throw new Error("discardInstallation requires a non-empty installOptionsId");
+  }
+  const origin = getApiOrigin();
+  const response = await authenticatedFetch(
+    `${origin}/enterprise-portal/install-options/${installOptionsId.trim()}`,
+    {
+      method: "DELETE",
+      token,
+      headers: {
+        accept: "application/json"
+      },
+      signal: context?.signal
+    }
+  );
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(
+      `Discard install options failed (${response.status} ${response.statusText}): ${errorText}`
+    );
+  }
+  return {
+    success: true
+  };
+}
+
+// src/actions/install-actions.ts
+async function fetchPendingInstallationsActionImpl() {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  const token = session?.value || "";
+  if (!token) {
+    return { installations: [] };
+  }
+  return fetchPendingInstallations({ token });
+}
+var fetchPendingInstallationsAction = traceServerAction("fetchPendingInstallationsAction", fetchPendingInstallationsActionImpl);
+async function fetchChannelReleasesActionImpl(token, channelId) {
+  return fetchChannelReleases({ token, channelId });
+}
+var fetchChannelReleasesAction = traceServerAction("fetchChannelReleasesAction", fetchChannelReleasesActionImpl);
+async function createInstallOptionsActionImpl(input) {
+  return createInstallOptions(input);
+}
+var createInstallOptionsAction = traceServerAction("createInstallOptionsAction", createInstallOptionsActionImpl);
+async function getInstallOptionsActionImpl(input) {
+  return getInstallOptions({
+    ...input,
+    includeInstructions: input.includeInstructions ?? true
+  });
+}
+var getInstallOptionsAction = traceServerAction("getInstallOptionsAction", getInstallOptionsActionImpl);
+async function updateInstallOptionsActionImpl(input) {
+  return updateInstallOptions({
+    ...input,
+    includeInstructions: input.includeInstructions ?? true
+  });
+}
+var updateInstallOptionsAction = traceServerAction("updateInstallOptionsAction", updateInstallOptionsActionImpl);
+async function discardInstallationActionImpl(installOptionsId) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  const token = session?.value || "";
+  if (!token) {
+    throw new Error("Authentication required");
+  }
+  return discardInstallation({ token, installOptionsId });
+}
+var discardInstallationAction = traceServerAction("discardInstallationAction", discardInstallationActionImpl);
+
+// src/actions/service-account.ts
+async function createServiceAccountActionImpl(name, token) {
+  return createServiceAccount.run({ name, token });
+}
+var createServiceAccountAction = traceServerAction("createServiceAccountAction", createServiceAccountActionImpl);
+async function fetchAppInfoImpl() {
+  let appName = "Application";
+  let channelName = "";
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  const token = session?.value;
+  if (!token) {
+    return { appName, channelName };
+  }
+  try {
+    const branding = await fetchCustomBranding();
+    if (branding?.brandingData) {
+      const decoded = buffer.Buffer.from(branding.brandingData, "base64").toString("utf-8");
+      const brandingObj = JSON.parse(decoded);
+      if (brandingObj.title) {
+        appName = brandingObj.title;
+      }
+    }
+  } catch (error) {
+    console.error("[fetch-app-info] fetchCustomBranding failed", error);
+  }
+  const license = await fetchLicense();
+  if (license?.releaseChannels && license.releaseChannels.length > 0) {
+    const channel = license.releaseChannels[0];
+    if (channel) {
+      channelName = channel;
+    }
+  }
+  return { appName, channelName };
+}
+var fetchAppInfo = traceServerAction("fetchAppInfo", fetchAppInfoImpl);
+async function fetchTeamUsersActionImpl(limit = 25, offset = 0) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await fetchTeamUsers.run({
+    token: session.value,
+    limit,
+    offset
+  });
+  let currentUserEmail;
+  try {
+    const payload = decodeJwtPayload(session.value);
+    currentUserEmail = payload?.email;
+  } catch {
+  }
+  return {
+    users: result.users,
+    total: result.total,
+    currentUserEmail
+  };
+}
+var fetchTeamUsersAction = traceServerAction("fetchTeamUsersAction", fetchTeamUsersActionImpl);
+async function inviteUserActionImpl(email) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  await inviteUser.run({
+    token: session.value,
+    email
+  });
+  cache.revalidatePath("/team-settings");
+  return { success: true };
+}
+var inviteUserAction = traceServerAction("inviteUserAction", inviteUserActionImpl);
+async function deleteUserActionImpl(id, isPendingInvite) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  await deleteUser.run({
+    token: session.value,
+    id,
+    isPendingInvite
+  });
+  cache.revalidatePath("/team-settings");
+  return { success: true };
+}
+var deleteUserAction = traceServerAction("deleteUserAction", deleteUserActionImpl);
+async function fetchServiceAccountsActionImpl(limit = 50, offset = 0, includeRevoked = false) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await fetchServiceAccounts.run({
+    token: session.value,
+    limit,
+    offset,
+    includeRevoked
+  });
+  return {
+    serviceAccounts: result.serviceAccounts,
+    total: result.total
+  };
+}
+var fetchServiceAccountsAction = traceServerAction("fetchServiceAccountsAction", fetchServiceAccountsActionImpl);
+async function createServiceAccountActionImpl2(name) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await createServiceAccount.run({
+    token: session.value,
+    name
+  });
+  cache.revalidatePath("/team-settings");
+  return {
+    serviceAccount: {
+      id: result.service_account.id,
+      accountName: result.service_account.accountName
+    },
+    token: result.token
+  };
+}
+traceServerAction("createServiceAccountAction", createServiceAccountActionImpl2);
+async function revokeServiceAccountActionImpl(accountId) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  await revokeServiceAccount.run({
+    token: session.value,
+    accountId
+  });
+  cache.revalidatePath("/team-settings");
+  return { success: true };
+}
+var revokeServiceAccountAction = traceServerAction("revokeServiceAccountAction", revokeServiceAccountActionImpl);
+async function rotateServiceAccountTokenActionImpl(accountId) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await rotateServiceAccountToken.run({
+    token: session.value,
+    accountId
+  });
+  cache.revalidatePath("/team-settings");
+  return result;
+}
+var rotateServiceAccountTokenAction = traceServerAction("rotateServiceAccountTokenAction", rotateServiceAccountTokenActionImpl);
+async function fetchInstancesActionImpl() {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await fetchInstances.run({
+    token: session.value
+  });
+  return result.instances;
+}
+var fetchInstancesAction = traceServerAction("fetchInstancesAction", fetchInstancesActionImpl);
+async function fetchSamlConfigActionImpl() {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await fetchSamlConfig.run({
+    token: session.value
+  });
+  return result.config;
+}
+var fetchSamlConfigAction = traceServerAction("fetchSamlConfigAction", fetchSamlConfigActionImpl);
+async function updateSamlConfigActionImpl(idpMetadataXml, idpPublicCert) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  await updateSamlConfig.run({
+    token: session.value,
+    idpMetadataXml,
+    idpPublicCert
+  });
+  cache.revalidatePath("/team-settings");
+  return { success: true };
+}
+var updateSamlConfigAction = traceServerAction("updateSamlConfigAction", updateSamlConfigActionImpl);
+async function toggleSamlEnabledActionImpl(enabled) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await toggleSamlEnabled.run({
+    token: session.value,
+    enabled
+  });
+  cache.revalidatePath("/team-settings");
+  return result;
+}
+var toggleSamlEnabledAction = traceServerAction("toggleSamlEnabledAction", toggleSamlEnabledActionImpl);
+async function deprovisionSamlActionImpl() {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  await deprovisionSaml.run({
+    token: session.value
+  });
+  cache.revalidatePath("/team-settings");
+  return { success: true };
+}
+var deprovisionSamlAction = traceServerAction("deprovisionSamlAction", deprovisionSamlActionImpl);
+async function fetchAppFeaturesImpl() {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  const appSlug = process.env.PORTAL_APP_SLUG;
+  if (!appSlug) {
+    throw new Error("PORTAL_APP_SLUG is not configured");
+  }
+  const params = new URLSearchParams({ app_slug: appSlug });
+  if (session?.value) {
+    try {
+      const payload = decodeJwtPayload(session.value);
+      const customerId = payload?.customer_id;
+      if (customerId) {
+        params.set("customer_id", customerId);
+      }
+    } catch {
+    }
+  }
+  const url = `${getApiOrigin()}/enterprise-portal/public/app-features?${params.toString()}`;
+  const response = await fetch(url, {
+    headers: {
+      Accept: "application/json"
+    }
+  });
+  if (!response.ok) {
+    throw new Error(`Failed to fetch app features: ${response.status} ${response.statusText}`);
+  }
+  const data = await response.json();
+  return {
+    epEnabled: data.ep_enabled ?? false,
+    trialSignupEnabled: data.trial_signup_enabled ?? false,
+    trialExpirationDays: data.trial_expiration_days ?? 30,
+    licenseType: data.license_type ?? "trial",
+    termsAndConditionsUrl: data.terms_and_conditions_url ?? "",
+    epSecurityCenterEnabled: data.ep_security_center_enabled ?? false,
+    epSamlAuthEnabled: data.ep_saml_auth_enabled ?? false,
+    epHideSupportBundleUploadEnabled: data.ep_hide_support_bundle_upload_enabled ?? false
+  };
+}
+var fetchAppFeatures = traceServerAction("fetchAppFeatures", fetchAppFeaturesImpl);
+async function fetchCurrentUserActionImpl() {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await fetchCurrentUser.run({ token: session.value });
+  return result.user;
+}
+var fetchCurrentUserAction = traceServerAction("fetchCurrentUserAction", fetchCurrentUserActionImpl);
+async function updateUserActionImpl(data) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  await updateUser.run({
+    token: session.value,
+    firstName: data.firstName,
+    lastName: data.lastName
+  });
+  cache.revalidatePath("/user-settings");
+  return { success: true };
+}
+var updateUserAction = traceServerAction("updateUserAction", updateUserActionImpl);
+async function fetchNotificationsActionImpl(customerId) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await fetchNotifications.run({
+    token: session.value,
+    customerId
+  });
+  return result.notifications;
+}
+var fetchNotificationsAction = traceServerAction("fetchNotificationsAction", fetchNotificationsActionImpl);
+async function updateNotificationsActionImpl(customerId, notifications) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await updateNotifications.run({
+    token: session.value,
+    customerId,
+    notifications
+  });
+  return result.notifications;
+}
+var updateNotificationsAction = traceServerAction("updateNotificationsAction", updateNotificationsActionImpl);
+async function fetchTeamsForUserSettingsImpl() {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    return { teams: [], currentCustomerId: void 0 };
+  }
+  const token = session.value;
+  const currentCustomerId = getCustomerIdFromToken(token);
+  try {
+    const result = await fetchCustomers.run({ token });
+    const payload = decodeJwtPayload(token);
+    const appId = payload?.app_id || "";
+    const appSlug = payload?.app_slug || process.env.PORTAL_APP_SLUG || "";
+    const appName = appSlug;
+    const teams = result.customers.map((c) => ({
+      id: c.id,
+      name: c.name,
+      appId,
+      appName,
+      appSlug
+    }));
+    return { teams, currentCustomerId };
+  } catch (error) {
+    console.error("[fetch-teams-for-user-settings] Failed to fetch teams:", error);
+    return { teams: [], currentCustomerId };
+  }
+}
+var fetchTeamsForUserSettings = traceServerAction("fetchTeamsForUserSettings", fetchTeamsForUserSettingsImpl);
+async function changeTeamActionImpl(customerId) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    throw new Error("No session found");
+  }
+  const result = await switchCustomer.run({
+    token: session.value,
+    customerId
+  });
+  sessionStore.delete("portal_session");
+  sessionStore.set("portal_session", result.token, {
+    httpOnly: true,
+    secure: process.env.NODE_ENV === "production",
+    sameSite: "lax",
+    path: "/"
+  });
+  cache.revalidatePath("/", "layout");
+}
+var changeTeamAction = traceServerAction("changeTeamAction", changeTeamActionImpl);
+async function fetchCustomersForMenuImpl() {
+  try {
+    const sessionStore = await headers.cookies();
+    const session = sessionStore.get("portal_session");
+    if (!session?.value) {
+      return { customers: [] };
+    }
+    const token = session.value;
+    const currentCustomerId = getCustomerIdFromToken(token);
+    const endpoint = `${getApiOrigin()}/enterprise-portal/user`;
+    const response = await authenticatedFetch(endpoint, {
+      method: "GET",
+      token,
+      headers: {
+        Accept: "application/json"
+      }
+    });
+    if (!response.ok) {
+      console.error("[fetch-customers-for-menu] Failed to fetch user data:", response.status);
+      return { customers: [], currentCustomerId };
+    }
+    const payload = await response.json();
+    const userData = payload.data;
+    const mappedCustomers = (userData?.customers || []).map((c) => ({
+      id: c.id,
+      name: c.name
+    }));
+    return {
+      customers: mappedCustomers,
+      currentCustomerId
+    };
+  } catch (error) {
+    if (isRedirectError(error)) {
+      throw error;
+    }
+    console.error("[fetch-customers-for-menu] Failed to fetch customers:", error);
+    return { customers: [] };
+  }
+}
+var fetchCustomersForMenu = traceServerAction("fetchCustomersForMenu", fetchCustomersForMenuImpl);
+async function downloadSupportBundleActionImpl(bundleId) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    return { success: false, error: "Not authenticated" };
+  }
+  try {
+    const result = await downloadSupportBundle.run({
+      token: session.value,
+      bundleId
+    });
+    return { success: true, signedUrl: result.signedUrl };
+  } catch (error) {
+    console.error("[support-bundles] download failed", error);
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : "Failed to download bundle"
+    };
+  }
+}
+var downloadSupportBundleAction = traceServerAction("downloadSupportBundleAction", downloadSupportBundleActionImpl);
+async function deleteSupportBundleActionImpl(bundleId) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    return { success: false, error: "Not authenticated" };
+  }
+  try {
+    await deleteSupportBundle.run({
+      token: session.value,
+      bundleId
+    });
+    return { success: true };
+  } catch (error) {
+    console.error("[support-bundles] delete failed", error);
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : "Failed to delete bundle"
+    };
+  }
+}
+var deleteSupportBundleAction = traceServerAction("deleteSupportBundleAction", deleteSupportBundleActionImpl);
+async function uploadSupportBundleActionImpl(formData) {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    return { success: false, error: "Not authenticated" };
+  }
+  const file = formData.get("file");
+  const appId = formData.get("appId");
+  if (!file) {
+    return { success: false, error: "No file provided" };
+  }
+  if (!appId) {
+    return { success: false, error: "No app ID provided" };
+  }
+  const MAX_FILE_SIZE = 500 * 1024 * 1024;
+  if (file.size > MAX_FILE_SIZE) {
+    return { success: false, error: "File size exceeds 500MB limit" };
+  }
+  try {
+    const endpoint = `${getApiOrigin()}/enterprise-portal/support-bundles/upload/${encodeURIComponent(appId)}`;
+    const response = await authenticatedFetch(endpoint, {
+      method: "POST",
+      token: session.value,
+      headers: {
+        "Content-Type": "application/gzip"
+      },
+      body: file,
+      // @ts-ignore - duplex is needed for streaming but not in TypeScript types yet
+      duplex: "half"
+    });
+    if (!response.ok) {
+      const errorText = await response.text().catch(() => "");
+      throw new Error(`Upload failed: ${response.status} ${response.statusText}${errorText ? `: ${errorText}` : ""}`);
+    }
+    const data = await response.json();
+    return {
+      success: true,
+      bundleId: data.bundleId,
+      bundleSlug: data.slug
+    };
+  } catch (error) {
+    console.error("[support-bundles] upload failed", error);
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : "Failed to upload support bundle"
+    };
+  }
+}
+var uploadSupportBundleAction = traceServerAction("uploadSupportBundleAction", uploadSupportBundleActionImpl);
+async function listSupportBundlesActionImpl() {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  if (!session?.value) {
+    return { success: false, error: "Not authenticated" };
+  }
+  try {
+    const result = await listSupportBundles.run({
+      token: session.value
+    });
+    return {
+      success: true,
+      bundles: result.bundles,
+      totalCount: result.totalCount
+    };
+  } catch (error) {
+    console.error("[support-bundles] list failed", error);
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : "Failed to list bundles"
+    };
+  }
+}
+var listSupportBundlesAction = traceServerAction("listSupportBundlesAction", listSupportBundlesActionImpl);
+async function fetchUserCore() {
+  const sessionStore = await headers.cookies();
+  const session = sessionStore.get("portal_session");
+  const token = session?.value;
+  if (!token) {
+    return {};
+  }
+  try {
+    const endpoint = `${getApiOrigin()}/enterprise-portal/user`;
+    const response = await authenticatedFetch(endpoint, {
+      method: "GET",
+      token,
+      headers: {
+        Accept: "application/json"
+      }
+    });
+    if (!response.ok) {
+      console.error("[fetch-user] API request failed:", response.status);
+      return {};
+    }
+    const data = await response.json();
+    if (process.env.NODE_ENV !== "production") {
+      console.debug("[fetch-user] user data:", data);
+    }
+    return data;
+  } catch (error) {
+    if (isRedirectError(error)) {
+      throw error;
+    }
+    console.error("[fetch-user] Error fetching from API:", error);
+    return {};
+  }
+}
+var fetchUserImpl = traceServerAction("fetchUser", fetchUserCore);
+var fetchUser = react.cache(fetchUserImpl);
+
 // src/actions/index.ts
 var getApiOrigin = () => {
   return (process.env.REPLICATED_APP_ORIGIN || "https://replicated.app").replace(/\/+$/, "");
@@ -233,11 +1396,15 @@ var fetchCustomBrandingImpl = async () => {
   const payload = await response.json();
   const brandingObject = {
     logo: payload.logoUrl,
-    title: payload.appName,
-    customColor1: payload.primaryColor,
-    customColor2: payload.secondaryColor,
+    title: payload.title,
+    primaryColor: payload.primaryColor,
+    secondaryColor: payload.secondaryColor,
     favicon: payload.faviconUrl,
-    supportPortalLink: payload.supportPortalLink || ""
+    supportPortalLink: payload.supportPortalLink || "",
+    background: payload.background,
+    backgroundImage: payload.backgroundImage,
+    customColor1: payload.customColor1,
+    customColor2: payload.customColor2
   };
   const brandingData = buffer.Buffer.from(JSON.stringify(brandingObject)).toString("base64");
   return {
@@ -500,433 +1667,38 @@ var uploadSupportBundle = defineServerAction({
 var getSupportBundleUploadUrl = (appId) => {
   return `${getApiOrigin()}/enterprise-portal/support-bundles/upload/${encodeURIComponent(appId)}`;
 };
-var listReleases = defineServerAction({
-  id: "releases/list",
-  description: "Lists available releases for the authenticated customer.",
-  visibility: "customer",
-  tags: ["releases"],
-  async run({ token }, context) {
-    if (!token || typeof token !== "string") {
-      throw new Error("List releases requires a session token");
-    }
-    const endpoint = `${getApiOrigin()}/enterprise-portal/releases`;
-    if (process.env.NODE_ENV !== "production") {
-      console.debug("[portal-components] fetching releases via %s (Enterprise Portal API)", endpoint);
-    }
-    const response = await authenticatedFetch(endpoint, {
-      method: "GET",
-      token,
-      headers: {
-        accept: "application/json"
-      },
-      signal: context?.signal
-    });
-    const bodyText = await response.text().catch((error) => {
-      console.warn("[portal-components] listReleases read error", error);
-      return null;
-    });
-    if (!response.ok) {
-      throw new Error(
-        `List releases request failed (${response.status} ${response.statusText})`
-      );
-    }
-    return {
-      status: response.status,
-      body: bodyText
-    };
-  }
-});
-var asRecord = (value) => {
-  if (value && typeof value === "object") {
-    return value;
-  }
-  return void 0;
-};
-var getValue = (record, key) => record ? record[key] : void 0;
-var getString = (record, key) => {
-  const value = getValue(record, key);
-  return typeof value === "string" ? value : void 0;
-};
-var getBoolean = (record, key) => {
-  const value = getValue(record, key);
-  if (typeof value === "boolean") {
-    return value;
-  }
-  if (typeof value === "number") {
-    return value === 1;
-  }
-  if (typeof value === "string") {
-    const normalized = value.trim().toLowerCase();
-    if (["true", "1", "yes"].includes(normalized)) {
-      return true;
-    }
-    if (["false", "0", "no"].includes(normalized)) {
-      return false;
-    }
-  }
-  return void 0;
-};
-var toDisplayValue = (value) => {
-  if (value === null || value === void 0) {
-    return null;
-  }
-  if (typeof value === "string") {
-    return value;
-  }
-  if (typeof value === "number" || typeof value === "boolean") {
-    return String(value);
-  }
-  try {
-    return JSON.stringify(value);
-  } catch {
-    return String(value);
-  }
-};
-var normalizeStringArray = (value) => {
-  if (Array.isArray(value)) {
-    const normalized = value.map(
-      (item) => typeof item === "string" ? item.trim() : ""
-    ).filter((item) => item.length > 0);
-    return normalized.length ? normalized : void 0;
-  }
-  if (typeof value === "string") {
-    const normalized = value.split(",").map((item) => item.trim()).filter((item) => item.length > 0);
-    return normalized.length ? normalized : void 0;
-  }
-  return void 0;
-};
-var normalizeLicenseFields = (input) => {
-  if (!input) {
-    return [];
-  }
-  if (Array.isArray(input)) {
-    return input.map((field, index) => {
-      if (!field || typeof field !== "object") {
-        return null;
-      }
-      const candidate = field;
-      const key = typeof candidate.key === "string" && candidate.key.trim().length ? candidate.key.trim() : typeof candidate.name === "string" && candidate.name.trim().length ? candidate.name.trim() : typeof candidate.label === "string" && candidate.label.trim().length ? candidate.label.trim() : `field-${index}`;
-      const label = typeof candidate.label === "string" && candidate.label.trim().length ? candidate.label.trim() : typeof candidate.name === "string" && candidate.name.trim().length ? candidate.name.trim() : key;
-      let value = candidate.value ?? candidate.data ?? candidate.content;
-      if ((value === void 0 || value === null) && typeof candidate.text === "string") {
-        value = candidate.text;
-      }
-      if ((value === void 0 || value === null) && typeof candidate.defaultValue === "string") {
-        value = candidate.defaultValue;
-      }
-      const isSecret = Boolean(
-        candidate.isSecret ?? candidate.secret ?? candidate.masked
-      );
-      const resolved = toDisplayValue(value);
-      return {
-        key,
-        label,
-        value: resolved,
-        isSecret
-      };
-    }).filter((field) => Boolean(field));
-  }
-  if (typeof input === "object") {
-    return Object.entries(input).map(
-      ([key, value]) => {
-        let resolvedValue = value;
-        let isSecret = false;
-        if (value && typeof value === "object") {
-          const obj = value;
-          if ("value" in obj) {
-            resolvedValue = obj.value;
-          }
-          isSecret = Boolean(obj.isSecret ?? obj.secret ?? obj.masked);
-        }
-        const normalized = toDisplayValue(resolvedValue);
-        return {
-          key,
-          label: key,
-          value: normalized,
-          isSecret
-        };
-      }
-    );
-  }
-  return [];
-};
-var extractChannelNames = (input) => {
-  if (!Array.isArray(input)) {
-    return void 0;
+async function listReleasesImpl() {
+  const { cookies: cookies9 } = await import('next/headers');
+  const sessionStore = await cookies9();
+  const session = sessionStore.get("portal_session");
+  const token = session?.value;
+  if (!token) {
+    throw new Error("List releases requires a session token");
+  }
+  const endpoint = `${getApiOrigin()}/enterprise-portal/releases`;
+  if (process.env.NODE_ENV !== "production") {
+    console.debug("[portal-components] fetching releases via %s (Enterprise Portal API)", endpoint);
   }
-  const names = input.map((item) => {
-    if (typeof item === "string") {
-      return item.trim();
-    }
-    const record = asRecord(item);
-    if (!record) {
-      return null;
-    }
-    return getString(record, "name") ?? getString(record, "channelName") ?? getString(record, "channel") ?? getString(record, "channelSlug") ?? getString(record, "slug") ?? void 0;
-  }).filter((name) => Boolean(name && name.length));
-  return names.length ? names : void 0;
-};
-var normalizeEntitlementFields = (fieldsInput, valuesInput) => {
-  const valuesMap = /* @__PURE__ */ new Map();
-  const assignValue = (key, value) => {
-    if (!key) {
-      return;
+  const response = await authenticatedFetch(endpoint, {
+    method: "GET",
+    token,
+    headers: {
+      accept: "application/json"
     }
-    valuesMap.set(key, toDisplayValue(value));
-  };
-  if (Array.isArray(valuesInput)) {
-    valuesInput.forEach((item) => {
-      const record = asRecord(item);
-      if (!record) {
-        if (typeof item === "string") {
-          assignValue(item, item);
-        }
-        return;
-      }
-      const key = getString(record, "name") ?? getString(record, "field") ?? getString(record, "title") ?? getString(record, "label") ?? getString(record, "slug") ?? (() => {
-        const idValue = getValue(record, "id");
-        if (typeof idValue === "string" || typeof idValue === "number") {
-          return String(idValue);
-        }
-        return void 0;
-      })();
-      const value = getValue(record, "value") ?? getValue(record, "currentValue") ?? getValue(record, "entitlementValue") ?? getValue(record, "content") ?? getValue(record, "data") ?? getValue(record, "defaultVal") ?? getValue(record, "defaultValue");
-      assignValue(key, value);
-    });
-  } else if (valuesInput && typeof valuesInput === "object") {
-    Object.entries(valuesInput).forEach(
-      ([key, value]) => assignValue(key, value)
+  });
+  if (!response.ok) {
+    throw new Error(
+      `List releases request failed (${response.status} ${response.statusText})`
     );
   }
-  const normalized = [];
-  if (Array.isArray(fieldsInput)) {
-    fieldsInput.forEach((item, index) => {
-      const record = asRecord(item);
-      if (!record) {
-        return;
-      }
-      const baseKey = getString(record, "name") ?? getString(record, "field") ?? getString(record, "slug") ?? `entitlement-${index}`;
-      const key = `entitlement-${baseKey}`;
-      const label = getString(record, "title") ?? getString(record, "label") ?? baseKey;
-      const defaultValue = getString(record, "defaultVal") ?? getString(record, "default") ?? getString(record, "defaultValue");
-      const value = valuesMap.get(baseKey) ?? valuesMap.get(label) ?? defaultValue ?? null;
-      const isSecret = Boolean(
-        getBoolean(record, "secret") ?? getBoolean(record, "isSecret") ?? getBoolean(record, "masked")
-      );
-      normalized.push({
-        key,
-        label,
-        value,
-        isSecret
-      });
-    });
-  }
-  valuesMap.forEach((value, key) => {
-    const normalizedKey = `entitlement-${key}`;
-    if (!normalized.some((field) => field.key === normalizedKey)) {
-      normalized.push({
-        key: normalizedKey,
-        label: key,
-        value
-      });
-    }
-  });
-  return normalized;
-};
-var normalizeLicensePayload = (payload) => {
-  const payloadRecord = asRecord(payload);
-  const rootRecord = asRecord(getValue(payloadRecord, "license")) ?? asRecord(getValue(payloadRecord, "data")) ?? payloadRecord ?? {};
-  const sourceRecord = asRecord(getValue(rootRecord, "metadata")) ?? rootRecord;
-  const customer = asRecord(getValue(rootRecord, "customer")) ?? asRecord(getValue(sourceRecord, "customer")) ?? asRecord(getValue(payloadRecord, "customer")) ?? {};
-  let releaseChannels = normalizeStringArray(
-    getValue(rootRecord, "releaseChannels") ?? getValue(sourceRecord, "releaseChannels") ?? getValue(sourceRecord, "channels") ?? getValue(rootRecord, "channels") ?? getValue(sourceRecord, "channel") ?? getValue(rootRecord, "channel")
-  ) ?? void 0;
-  if (!releaseChannels) {
-    releaseChannels = extractChannelNames(getValue(rootRecord, "channels")) ?? extractChannelNames(getValue(sourceRecord, "channels")) ?? void 0;
-  }
-  let installMethods = normalizeStringArray(
-    getValue(rootRecord, "installMethods") ?? getValue(sourceRecord, "installMethods") ?? getValue(sourceRecord, "install_options") ?? getValue(rootRecord, "install_options") ?? getValue(sourceRecord, "installOptions")
-  ) ?? void 0;
-  if (!installMethods || installMethods.length === 0) {
-    const resolved = [];
-    const flag = (key) => getBoolean(rootRecord, key) ?? getBoolean(sourceRecord, key) ?? false;
-    if (flag("isKotsInstallEnabled")) {
-      resolved.push("Replicated KOTS");
-    }
-    if (flag("isHelmInstallEnabled")) {
-      resolved.push("Helm");
-    }
-    if (flag("isHelmAirgapEnabled")) {
-      resolved.push("Helm Airgap");
-    }
-    if (flag("isEmbeddedClusterDownloadEnabled") || flag("isEmbeddedClusterMultiNodeEnabled")) {
-      resolved.push("Embedded Cluster");
-    }
-    if (flag("isKurlInstallEnabled")) {
-      resolved.push("kURL");
-    }
-    if (flag("isGitopsSupported")) {
-      resolved.push("GitOps");
-    }
-    if (resolved.length) {
-      installMethods = Array.from(new Set(resolved));
-    }
-  }
-  const expiresAtSource = getValue(sourceRecord, "expiresAt") ?? getValue(sourceRecord, "expireAt") ?? getValue(sourceRecord, "expire_at") ?? getValue(sourceRecord, "expiration") ?? getValue(sourceRecord, "expirationDate") ?? getValue(sourceRecord, "expires_on") ?? getValue(rootRecord, "expiresAt") ?? getValue(rootRecord, "expireAt") ?? getValue(rootRecord, "expire_at") ?? getValue(rootRecord, "expiration");
-  const expiresAt = typeof expiresAtSource === "string" && expiresAtSource.trim().length ? expiresAtSource : expiresAtSource === null ? null : void 0;
-  const baseFields = normalizeLicenseFields(
-    getValue(rootRecord, "additionalFields") ?? getValue(sourceRecord, "additionalFields") ?? getValue(sourceRecord, "fields") ?? getValue(rootRecord, "fields") ?? getValue(payloadRecord, "fields") ?? getValue(payloadRecord, "additional_fields")
-  );
-  const entitlementFields = normalizeEntitlementFields(
-    getValue(rootRecord, "entitlementFields") ?? getValue(sourceRecord, "entitlementFields"),
-    getValue(rootRecord, "entitlementValues") ?? getValue(sourceRecord, "entitlementValues")
-  );
-  const fields = [
-    ...baseFields,
-    ...entitlementFields.filter(
-      (field) => !baseFields.some((existing) => existing.key === field.key)
-    )
-  ];
-  const statusFromSource = getString(sourceRecord, "status") ?? getString(sourceRecord, "state");
-  const statusLabelFromSource = getString(sourceRecord, "statusLabel") ?? getString(sourceRecord, "stateLabel");
-  const expiredFlag = getBoolean(sourceRecord, "isExpired") ?? getBoolean(rootRecord, "isExpired");
-  const derivedStatus = statusFromSource ?? (typeof expiredFlag === "boolean" ? expiredFlag ? "expired" : "active" : void 0);
-  const statusLabel = statusLabelFromSource ?? (derivedStatus ? derivedStatus.charAt(0).toUpperCase() + derivedStatus.slice(1) : void 0);
-  const licenseType = getString(sourceRecord, "licenseType") ?? getString(rootRecord, "licenseType");
-  const status = derivedStatus;
-  const license = {
-    id: getString(rootRecord, "id") ?? getString(sourceRecord, "id") ?? getString(sourceRecord, "licenseId") ?? getString(customer, "licenseId") ?? void 0,
-    status,
-    statusLabel,
-    environment: getString(sourceRecord, "environment") ?? getString(sourceRecord, "tier") ?? licenseType ?? void 0,
-    expiresAt: expiresAt ?? null,
-    releaseChannels: releaseChannels ?? [
-      getString(rootRecord, "channelName") ?? getString(rootRecord, "channel") ?? void 0
-    ].filter((value) => Boolean(value)),
-    installMethods,
-    installNotes: getString(sourceRecord, "installNotes"),
-    customerName: getString(sourceRecord, "customerName") ?? getString(customer, "name") ?? void 0,
-    customerId: getString(sourceRecord, "customerId") ?? getString(customer, "id") ?? getString(rootRecord, "customerId") ?? void 0,
-    customerOrganization: getString(customer, "organization") ?? getString(sourceRecord, "customerOrganization") ?? getString(rootRecord, "customerOrganization") ?? void 0,
-    fields
+  const envelope = await response.json();
+  const data = envelope.data;
+  return {
+    releases: Array.isArray(data?.releases) ? data.releases : [],
+    totalCount: data?.totalCount || 0
   };
-  return license;
-};
-var fetchLicenseDetails = defineServerAction({
-  id: "license/fetch-details",
-  description: "Fetches the authenticated user's enterprise license details.",
-  visibility: "customer",
-  tags: ["license", "entitlements"],
-  async run({ token }, context) {
-    if (typeof token !== "string" || token.trim().length === 0) {
-      throw new Error("fetchLicenseDetails requires a non-empty token");
-    }
-    const endpoint = `${getApiOrigin()}/enterprise-portal/license`;
-    if (process.env.NODE_ENV !== "production") {
-      console.debug("[portal-components] fetching license via %s (Enterprise Portal API)", endpoint);
-    }
-    const response = await authenticatedFetch(endpoint, {
-      method: "GET",
-      token,
-      headers: {
-        accept: "application/json"
-      },
-      signal: context?.signal
-    });
-    if (!response.ok) {
-      throw new Error(
-        `License request failed (${response.status} ${response.statusText})`
-      );
-    }
-    const payload = await response.json();
-    const licenseData = payload.data;
-    const license = normalizeLicensePayload(licenseData);
-    return {
-      license,
-      raw: licenseData ?? null
-    };
-  }
-});
-var fetchInstallOptions = defineServerAction({
-  id: "license/fetch-install-options",
-  description: "Fetches install options based on license entitlements.",
-  visibility: "customer",
-  tags: ["license", "install"],
-  async run({ token }, context) {
-    if (typeof token !== "string" || token.trim().length === 0) {
-      throw new Error("fetchInstallOptions requires a non-empty token");
-    }
-    const endpoint = `${getApiOrigin()}/enterprise-portal/license`;
-    if (process.env.NODE_ENV !== "production") {
-      console.debug("[portal-components] fetching install options via %s (Enterprise Portal API)", endpoint);
-    }
-    const response = await authenticatedFetch(endpoint, {
-      method: "GET",
-      token,
-      headers: {
-        accept: "application/json"
-      },
-      signal: context?.signal
-    });
-    if (!response.ok) {
-      throw new Error(
-        `License request failed (${response.status} ${response.statusText})`
-      );
-    }
-    const envelope = await response.json();
-    const licenseData = envelope.data;
-    const getBoolean2 = (obj, key) => {
-      if (obj && typeof obj === "object" && key in obj) {
-        const val = obj[key];
-        return val === true || val === "true";
-      }
-      return false;
-    };
-    const showLinux = getBoolean2(licenseData, "isEmbeddedClusterDownloadEnabled");
-    const showHelm = getBoolean2(licenseData, "isHelmInstallEnabled");
-    return {
-      showLinux,
-      showHelm
-    };
-  }
-});
-var fetchLicenseSummary = defineServerAction({
-  id: "license/fetch-summary",
-  description: "Fetches license summary for the license card.",
-  visibility: "customer",
-  tags: ["license"],
-  async run({ token }, context) {
-    if (typeof token !== "string" || token.trim().length === 0) {
-      throw new Error("fetchLicenseSummary requires a non-empty token");
-    }
-    const endpoint = `${getApiOrigin()}/enterprise-portal/license`;
-    if (process.env.NODE_ENV !== "production") {
-      console.debug("[portal-components] fetching license summary via %s (Enterprise Portal API)", endpoint);
-    }
-    const response = await authenticatedFetch(endpoint, {
-      method: "GET",
-      token,
-      headers: {
-        accept: "application/json"
-      },
-      signal: context?.signal
-    });
-    if (!response.ok) {
-      throw new Error(
-        `License request failed (${response.status} ${response.statusText})`
-      );
-    }
-    const envelope = await response.json();
-    const licenseData = envelope.data;
-    const license = normalizeLicensePayload(licenseData);
-    const type = license.environment || "Unknown";
-    const expiresAt = license.expiresAt || null;
-    return {
-      type,
-      expiresAt
-    };
-  }
-});
+}
+var listReleases = traceServerAction("listReleases", listReleasesImpl);
 var fetchCustomers = defineServerAction({
   id: "auth/fetch-customers",
   description: "Fetches the list of customers/teams for the authenticated user.",
@@ -1977,47 +2749,77 @@ var refreshInvite = defineServerAction({
 });
 
 exports.acceptInvite = acceptInvite;
+exports.changeTeamAction = changeTeamAction;
+exports.createInstallOptionsAction = createInstallOptionsAction;
 exports.createServiceAccount = createServiceAccount;
+exports.createServiceAccountAction = createServiceAccountAction;
 exports.decodeJwtPayload = decodeJwtPayload;
 exports.defineServerAction = defineServerAction;
 exports.deleteSupportBundle = deleteSupportBundle;
+exports.deleteSupportBundleAction = deleteSupportBundleAction;
 exports.deleteUser = deleteUser;
+exports.deleteUserAction = deleteUserAction;
 exports.deprovisionSaml = deprovisionSaml;
+exports.deprovisionSamlAction = deprovisionSamlAction;
+exports.discardInstallationAction = discardInstallationAction;
 exports.downloadSecuritySBOM = downloadSecuritySBOM;
 exports.downloadSupportBundle = downloadSupportBundle;
+exports.downloadSupportBundleAction = downloadSupportBundleAction;
+exports.fetchAppFeatures = fetchAppFeatures;
+exports.fetchAppInfo = fetchAppInfo;
+exports.fetchChannelReleasesAction = fetchChannelReleasesAction;
 exports.fetchCurrentUser = fetchCurrentUser;
+exports.fetchCurrentUserAction = fetchCurrentUserAction;
 exports.fetchCustomBranding = fetchCustomBranding;
 exports.fetchCustomers = fetchCustomers;
+exports.fetchCustomersForMenu = fetchCustomersForMenu;
 exports.fetchDashboardComposite = fetchDashboardComposite;
 exports.fetchDashboardInstances = fetchDashboardInstances;
-exports.fetchInstallOptions = fetchInstallOptions;
 exports.fetchInstances = fetchInstances;
-exports.fetchLicenseDetails = fetchLicenseDetails;
-exports.fetchLicenseSummary = fetchLicenseSummary;
+exports.fetchInstancesAction = fetchInstancesAction;
+exports.fetchLicense = fetchLicense;
 exports.fetchNotifications = fetchNotifications;
+exports.fetchNotificationsAction = fetchNotificationsAction;
+exports.fetchPendingInstallationsAction = fetchPendingInstallationsAction;
 exports.fetchSamlConfig = fetchSamlConfig;
+exports.fetchSamlConfigAction = fetchSamlConfigAction;
 exports.fetchServiceAccounts = fetchServiceAccounts;
+exports.fetchServiceAccountsAction = fetchServiceAccountsAction;
 exports.fetchTeamStats = fetchTeamStats;
 exports.fetchTeamUsers = fetchTeamUsers;
+exports.fetchTeamUsersAction = fetchTeamUsersAction;
+exports.fetchTeamsForUserSettings = fetchTeamsForUserSettings;
+exports.fetchUser = fetchUser;
 exports.getApiOrigin = getApiOrigin;
 exports.getCustomerIdFromToken = getCustomerIdFromToken;
+exports.getInstallOptionsAction = getInstallOptionsAction;
 exports.getSecurityInfo = getSecurityInfo;
 exports.getSecurityInfoDiff = getSecurityInfoDiff;
 exports.getSecurityInfoSBOM = getSecurityInfoSBOM;
 exports.getSupportBundleUploadUrl = getSupportBundleUploadUrl;
 exports.initiateLogin = initiateLogin;
 exports.inviteUser = inviteUser;
+exports.inviteUserAction = inviteUserAction;
 exports.listReleases = listReleases;
 exports.listSupportBundles = listSupportBundles;
+exports.listSupportBundlesAction = listSupportBundlesAction;
 exports.refreshInvite = refreshInvite;
 exports.revokeServiceAccount = revokeServiceAccount;
+exports.revokeServiceAccountAction = revokeServiceAccountAction;
 exports.rotateServiceAccountToken = rotateServiceAccountToken;
+exports.rotateServiceAccountTokenAction = rotateServiceAccountTokenAction;
 exports.switchCustomer = switchCustomer;
 exports.toggleSamlEnabled = toggleSamlEnabled;
+exports.toggleSamlEnabledAction = toggleSamlEnabledAction;
+exports.updateInstallOptionsAction = updateInstallOptionsAction;
 exports.updateNotifications = updateNotifications;
+exports.updateNotificationsAction = updateNotificationsAction;
 exports.updateSamlConfig = updateSamlConfig;
+exports.updateSamlConfigAction = updateSamlConfigAction;
 exports.updateUser = updateUser;
+exports.updateUserAction = updateUserAction;
 exports.uploadSupportBundle = uploadSupportBundle;
+exports.uploadSupportBundleAction = uploadSupportBundleAction;
 exports.verifyMagicLink = verifyMagicLink;
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map