berget 2.0.2 → 2.0.4

package/AGENTS.md

@@ -70,6 +70,35 @@ Declarative GitOps infrastructure with FluxCD, Kustomize, Helm, and operators.
 - Operator-first approach
 - SemVer with release candidates
 
+**Helm Values Configuration Process:**
+
+1. **Documentation First Approach:**
+   - Always fetch official documentation for the specific chart version before writing values
+   - Search Artifact Hub for the exact chart version documentation
+   - Check the chart's GitHub repository for official docs and examples
+   - Verify the exact version being used in the deployment
+
+2. **Validation Requirements:**
+   - Check for available validation schemas before committing YAML files
+   - Use Helm's built-in validation tools (`helm lint`, `helm template`)
+   - Validate against JSON schema if available for the chart
+   - Ensure YAML syntax correctness with linters
+
+3. **Standard Workflow:**
+   - Identify chart name and exact version
+   - Fetch official documentation from Artifact Hub/GitHub
+   - Check for available schemas and validation tools
+   - Write values according to official documentation
+   - Validate against schema (if available)
+   - Test with `helm template` or `helm lint`
+   - Commit validated YAML files
+
+4. **Quality Assurance:**
+   - Never commit unvalidated Helm values
+   - Use `helm dependency update` when adding new charts
+   - Test rendering with `helm template --dry-run` before deployment
+   - Document any custom values with comments referencing official docs
+
 #### app
 
 Expo + React Native applications with props-first architecture and offline awareness.

package/dist/index.js

@@ -9,6 +9,8 @@ const commands_1 = require("./src/commands");
 const config_checker_1 = require("./src/utils/config-checker");
 const chalk_1 = __importDefault(require("chalk"));
 const package_json_1 = require("./package.json");
+process.env.DOTENV_CONFIG_OVERRIDE = 'true';
+require("dotenv/config");
 // Set version and description
 commander_1.program
     .name('berget')

package/dist/package.json

@@ -1,6 +1,6 @@
 {
     "name": "berget",
-    "version": "2.0.2",
+    "version": "2.0.4",
     "main": "dist/index.js",
     "bin": {
         "berget": "dist/index.js"

package/dist/src/commands/api-keys.js

@@ -38,7 +38,7 @@ function registerApiKeyCommands(program) {
             console.log(chalk_1.default.bold('Your API keys:'));
             console.log('');
             // Create a table-like format with headers
-            console.log(chalk_1.default.dim('ID'.padEnd(10)) +
+            console.log(chalk_1.default.dim('ID (8)'.padEnd(8)) +
                 chalk_1.default.dim('NAME'.padEnd(25)) +
                 chalk_1.default.dim('PREFIX'.padEnd(12)) +
                 chalk_1.default.dim('STATUS'.padEnd(12)) +
@@ -52,11 +52,13 @@ function registerApiKeyCommands(program) {
                 const status = key.active
                     ? chalk_1.default.green('● Active')
                     : chalk_1.default.red('● Inactive');
+                // Show only first 8 characters of ID for easier reading
+                const shortId = String(key.id).substring(0, 8);
                 // Format the prefix to ensure it's not too long
                 const prefixStr = key.prefix.length > 12
                     ? key.prefix.substring(0, 12) + '...'
                     : key.prefix;
-                console.log(String(key.id).padEnd(10) +
+                console.log(shortId.padEnd(8) +
                     key.name.padEnd(25) +
                     prefixStr.padEnd(15) +
                     status.padEnd(12) +
@@ -118,13 +120,59 @@ function registerApiKeyCommands(program) {
     apiKey
         .command(api_key_service_1.ApiKeyService.COMMANDS.DELETE)
         .description('Delete an API key')
-        .argument('<id>', 'ID of the API key to delete')
-        .action((id) => __awaiter(this, void 0, void 0, function* () {
+        .argument('<identifier>', 'ID (first 8 chars), full ID, or name of the API key to delete')
+        .action((identifier) => __awaiter(this, void 0, void 0, function* () {
         try {
-            console.log(chalk_1.default.blue(`Deleting API key ${id}...`));
             const apiKeyService = api_key_service_1.ApiKeyService.getInstance();
-            yield apiKeyService.delete(id);
-            console.log(chalk_1.default.green(`✓ API key ${id} has been deleted`));
+            // First, get all API keys to find the matching one
+            const keys = yield apiKeyService.list();
+            // Try to find the key by:
+            // 1. Full ID match
+            // 2. Short ID (first 8 chars) match
+            // 3. Exact name match
+            // 4. Partial name match
+            // Check for exact matches first (full ID or exact name)
+            let exactMatches = keys.filter((key) => String(key.id) === identifier || key.name === identifier);
+            // If no exact matches, check for short ID matches
+            if (exactMatches.length === 0) {
+                exactMatches = keys.filter((key) => String(key.id).substring(0, 8) === identifier);
+            }
+            // If still no matches, check for partial name matches
+            if (exactMatches.length === 0) {
+                exactMatches = keys.filter((key) => key.name.toLowerCase().includes(identifier.toLowerCase()));
+            }
+            // Handle multiple matches
+            if (exactMatches.length > 1) {
+                console.error(chalk_1.default.red(`Error: Multiple API keys found matching "${identifier}"`));
+                console.log('');
+                console.log('Please be more specific. Matching keys:');
+                exactMatches.forEach((key) => {
+                    const shortId = String(key.id).substring(0, 8);
+                    console.log(`  ${shortId.padEnd(8)} ${key.name}`);
+                });
+                console.log('');
+                console.log('Use the first 8 characters of the ID to specify which key to delete.');
+                return;
+            }
+            // Handle no matches
+            if (exactMatches.length === 0) {
+                console.error(chalk_1.default.red(`Error: No API key found matching "${identifier}"`));
+                console.log('');
+                console.log('Available API keys:');
+                keys.forEach((key) => {
+                    const shortId = String(key.id).substring(0, 8);
+                    console.log(`  ${shortId.padEnd(8)} ${key.name}`);
+                });
+                console.log('');
+                console.log('Use the first 8 characters of the ID, full ID, or name to delete.');
+                return;
+            }
+            const matchingKey = exactMatches[0];
+            const keyId = String(matchingKey.id);
+            const shortId = keyId.substring(0, 8);
+            console.log(chalk_1.default.blue(`Deleting API key ${shortId} (${matchingKey.name})...`));
+            yield apiKeyService.delete(keyId);
+            console.log(chalk_1.default.green(`✓ API key ${shortId} (${matchingKey.name}) has been deleted`));
             console.log('');
             console.log(chalk_1.default.dim('Applications using this key will no longer be able to authenticate.'));
             console.log(chalk_1.default.dim('Use `berget api-key list` to see your remaining API keys.'));

package/dist/src/commands/code.js

@@ -48,38 +48,7 @@ const path_1 = __importDefault(require("path"));
 const child_process_1 = require("child_process");
 const env_manager_1 = require("../utils/env-manager");
 const client_1 = require("../client");
-// Centralized model configuration
-const MODEL_CONFIG = {
-    // Model names used in agent configurations (with provider prefix)
-    AGENT_MODELS: {
-        primary: 'berget/deepseek-r1',
-        small: 'berget/gpt-oss',
-    },
-    // Model definitions in provider configuration (without prefix)
-    PROVIDER_MODELS: {
-        'deepseek-r1': {
-            name: 'GLM-4.6',
-            limit: {
-                output: 4000,
-                context: 90000,
-            },
-        },
-        'gpt-oss': {
-            name: 'GPT-OSS',
-            limit: {
-                output: 4000,
-                context: 128000,
-            },
-        },
-        'llama-8b': {
-            name: 'llama-3.1-8b',
-            limit: {
-                output: 4000,
-                context: 128000,
-            },
-        },
-    },
-};
+const config_loader_1 = require("../utils/config-loader");
 /**
  * Check if current directory has git
  */
@@ -99,6 +68,7 @@ function mergeConfigurations(currentConfig, latestConfig) {
     return __awaiter(this, void 0, void 0, function* () {
         try {
             const client = (0, client_1.createAuthenticatedClient)();
+            const modelConfig = (0, config_loader_1.getModelConfig)();
             console.log(chalk_1.default.blue('🤖 Using AI to merge configurations...'));
             const mergePrompt = `You are a configuration merge specialist. Merge these two OpenCode configurations:
 
@@ -118,7 +88,7 @@ Merge rules:
 Return ONLY the merged JSON configuration, no explanations.`;
             const response = yield client.POST('/v1/chat/completions', {
                 body: {
-                    model: MODEL_CONFIG.AGENT_MODELS.primary,
+                    model: modelConfig.primary,
                     messages: [
                         {
                             role: 'user',
@@ -296,6 +266,23 @@ function getProjectName() {
     }
     return path_1.default.basename(process.cwd());
 }
+/**
+ * Load the latest agent configuration from opencode.json
+ */
+function loadLatestAgentConfig() {
+    return __awaiter(this, void 0, void 0, function* () {
+        try {
+            const configPath = path_1.default.join(__dirname, '../../opencode.json');
+            const configContent = yield (0, promises_1.readFile)(configPath, 'utf8');
+            const config = JSON.parse(configContent);
+            return config.agent || {};
+        }
+        catch (error) {
+            console.warn(chalk_1.default.yellow('⚠️  Could not load latest agent config, using fallback'));
+            return {};
+        }
+    });
+}
 /**
  * Check if opencode is installed
  */
@@ -556,6 +543,9 @@ function registerCodeCommands(program) {
             }
             // Prepare .env file path for safe update
             const envPath = path_1.default.join(process.cwd(), '.env');
+            // Load latest agent configuration to ensure consistency
+            const latestAgentConfig = yield loadLatestAgentConfig();
+            const modelConfig = (0, config_loader_1.getModelConfig)();
             // Create opencode.json config with optimized agent-based format
             const config = {
                 $schema: 'https://opencode.ai/config.json',
@@ -563,11 +553,11 @@ function registerCodeCommands(program) {
                 theme: 'berget-dark',
                 share: 'manual',
                 autoupdate: true,
-                model: MODEL_CONFIG.AGENT_MODELS.primary,
-                small_model: MODEL_CONFIG.AGENT_MODELS.small,
+                model: modelConfig.primary,
+                small_model: modelConfig.small,
                 agent: {
                     fullstack: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.3,
                         top_p: 0.9,
                         mode: 'primary',
@@ -576,7 +566,7 @@ function registerCodeCommands(program) {
                         prompt: 'Voice: Scandinavian calm—precise, concise, confident; no fluff. You are Berget Code Fullstack agent. Act as a router and coordinator in a monorepo. Bottom-up schema: database → OpenAPI → generated types. Top-down types: API → UI → components. Use openapi-fetch and Zod at every boundary; compile-time errors are desired when contracts change. Routing rules: if task/paths match /apps/frontend or React (.tsx) → use frontend; if /apps/app or Expo/React Native → app; if /infra, /k8s, flux-system, kustomization.yaml, Helm values → devops; if /services, Koa routers, services/adapters/domain → backend. If ambiguous, remain fullstack and outline the end-to-end plan, then delegate subtasks to the right persona. Security: validate inputs; secrets via FluxCD SOPS/Sealed Secrets. Documentation is generated from code—never duplicated. CRITICAL: When all implementation tasks are complete and ready for merge, ALWAYS invoke @quality subagent to handle testing, building, and complete PR management including URL provision.',
                     },
                     frontend: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.4,
                         top_p: 0.9,
                         mode: 'primary',
@@ -586,7 +576,7 @@ function registerCodeCommands(program) {
                         prompt: 'You are Berget Code Frontend agent. Voice: Scandinavian calm—precise, concise, confident. React 18 + TypeScript. Tailwind + Shadcn UI only via the design system (index.css, tailwind.config.ts). Use semantic tokens for color/spacing/typography/motion; never ad-hoc classes or inline colors. Components are pure and responsive; props-first data; minimal global state (Zustand/Jotai). Accessibility and keyboard navigation mandatory. Mock data only at init under /data via typed hooks (e.g., useProducts() reading /data/products.json). Design: minimal, balanced, quiet motion. CRITICAL: When all frontend implementation tasks are complete and ready for merge, ALWAYS invoke @quality subagent to handle testing, building, and complete PR management including URL provision.',
                     },
                     backend: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.3,
                         top_p: 0.9,
                         mode: 'primary',
@@ -594,8 +584,9 @@ function registerCodeCommands(program) {
                         description: 'Functional, modular Koa + TypeScript services; schema-first with code quality focus.',
                         prompt: 'You are Berget Code Backend agent. Voice: Scandinavian calm—precise, concise, confident. TypeScript + Koa. Prefer many small pure functions; avoid big try/catch blocks. Routes thin; logic in services/adapters/domain. Validate with Zod; auto-generate OpenAPI. Adapters isolate external systems; domain never depends on framework. Test with supertest; idempotent and stateless by default. Each microservice emits an OpenAPI contract; changes propagate upward to types. Code Quality & Refactoring Principles: Apply Single Responsibility Principle, fail fast with explicit errors, eliminate code duplication, remove nested complexity, use descriptive error codes, keep functions under 30 lines. Always leave code cleaner and more readable than you found it. CRITICAL: When all backend implementation tasks are complete and ready for merge, ALWAYS invoke @quality subagent to handle testing, building, and complete PR management including URL provision.',
                     },
-                    devops: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                    // Use centralized devops configuration with Helm guidelines
+                    devops: latestAgentConfig.devops || {
+                        model: modelConfig.primary,
                         temperature: 0.3,
                         top_p: 0.8,
                         mode: 'primary',
@@ -604,7 +595,7 @@ function registerCodeCommands(program) {
                         prompt: 'You are Berget Code DevOps agent. Voice: Scandinavian calm—precise, concise, confident. Start simple: k8s/{deployment,service,ingress}. Add FluxCD sync to repo and image automation. Use Kustomize bases/overlays (staging, production). Add dependencies via Helm from upstream sources; prefer native operators when available (CloudNativePG, cert-manager, external-dns). SemVer with -rc tags keeps CI environments current. Observability with Prometheus/Grafana. No manual kubectl in production—Git is the source of truth.',
                     },
                     app: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.4,
                         top_p: 0.9,
                         mode: 'primary',
@@ -614,7 +605,7 @@ function registerCodeCommands(program) {
                         prompt: 'You are Berget Code App agent. Voice: Scandinavian calm—precise, concise, confident. Expo + React Native + TypeScript. Structure by components/hooks/services/navigation. Components are pure; data via props; refactor shared logic into hooks/stores. Share tokens with frontend. Mock data in /data via typed hooks; later replace with live APIs. Offline via SQLite/MMKV; notifications via Expo. Request permissions only when needed. Subtle, meaningful motion; light/dark parity.',
                     },
                     security: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.2,
                         top_p: 0.8,
                         mode: 'subagent',
@@ -623,7 +614,7 @@ function registerCodeCommands(program) {
                         prompt: 'Voice: Scandinavian calm—precise, concise, confident. You are Berget Code Security agent. Expert in application security, penetration testing, and OWASP standards. Core responsibilities: Conduct security assessments and penetration tests, Validate OWASP Top 10 compliance, Review code for security vulnerabilities, Implement security headers and Content Security Policy (CSP), Audit API security, Check for sensitive data exposure, Validate input sanitization and output encoding, Assess dependency security and supply chain risks. Tools and techniques: OWASP ZAP, Burp Suite, security linters, dependency scanners, manual code review. Always provide specific, actionable security recommendations with priority levels.',
                     },
                     quality: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.1,
                         top_p: 0.9,
                         mode: 'subagent',
@@ -681,7 +672,7 @@ function registerCodeCommands(program) {
                             baseURL: 'https://api.berget.ai/v1',
                             apiKey: '{env:BERGET_API_KEY}',
                         },
-                        models: MODEL_CONFIG.PROVIDER_MODELS,
+                        models: (0, config_loader_1.getProviderModels)(),
                     },
                 },
             };
@@ -778,6 +769,12 @@ Declarative GitOps infrastructure with FluxCD, Kustomize, Helm, and operators.
 - Operator-first approach
 - SemVer with release candidates
 
+**Helm Values Configuration Process:**
+1. Documentation First Approach: Always fetch official documentation from Artifact Hub/GitHub for the specific chart version before writing values. Search Artifact Hub for exact chart version documentation, check the chart's GitHub repository for official docs and examples, verify the exact version being used in the deployment.
+2. Validation Requirements: Check for available validation schemas before committing YAML files. Use Helm's built-in validation tools (helm lint, helm template). Validate against JSON schema if available for the chart. Ensure YAML syntax correctness with linters.
+3. Standard Workflow: Identify chart name and exact version. Fetch official documentation from Artifact Hub/GitHub. Check for available schemas and validation tools. Write values according to official documentation. Validate against schema (if available). Test with helm template or helm lint. Commit validated YAML files.
+4. Quality Assurance: Never commit unvalidated Helm values. Use helm dependency update when adding new charts. Test rendering with helm template --dry-run before deployment. Document any custom values with comments referencing official docs.
+
 #### app
 Expo + React Native applications with props-first architecture and offline awareness.
 
@@ -949,7 +946,6 @@ All agents follow these principles:
             }
             // Set environment variables for opencode
             const env = Object.assign({}, process.env);
-            env.OPENCODE_API_KEY = config.apiKey;
             // Prepare opencode command
             const opencodeArgs = [];
             if (prompt) {
@@ -984,6 +980,46 @@ All agents follow these principles:
             (0, error_handler_1.handleError)('Failed to run OpenCode', error);
         }
     }));
+    code
+        .command(command_structure_1.SUBCOMMANDS.CODE.SERVE)
+        .description('Start OpenCode web server')
+        .option('-p, --port <port>', 'Port to run the server on (default: 3000)')
+        .option('-h, --host <host>', 'Host to bind the server to (default: localhost)')
+        .option('-y, --yes', 'Automatically answer yes to all prompts (for automation)')
+        .action((options) => __awaiter(this, void 0, void 0, function* () {
+        try {
+            // Ensure opencode is installed
+            if (!(yield ensureOpencodeInstalled(options.yes))) {
+                return;
+            }
+            console.log(chalk_1.default.cyan('🚀 Starting OpenCode web server...'));
+            // Prepare opencode serve command
+            const serveArgs = ['serve'];
+            if (options.port) {
+                serveArgs.push('--port', options.port);
+            }
+            if (options.host) {
+                serveArgs.push('--host', options.host);
+            }
+            // Spawn opencode serve process
+            const opencode = (0, child_process_1.spawn)('opencode', serveArgs, {
+                stdio: 'inherit',
+                shell: true,
+            });
+            opencode.on('close', (code) => {
+                if (code !== 0) {
+                    console.log(chalk_1.default.red(`OpenCode server exited with code ${code}`));
+                }
+            });
+            opencode.on('error', (error) => {
+                console.error(chalk_1.default.red('Failed to start OpenCode server:'));
+                console.error(error.message);
+            });
+        }
+        catch (error) {
+            (0, error_handler_1.handleError)('Failed to start OpenCode server', error);
+        }
+    }));
     code
         .command(command_structure_1.SUBCOMMANDS.CODE.UPDATE)
         .description('Update OpenCode and agents to latest versions')
@@ -1019,6 +1055,9 @@ All agents follow these principles:
             console.log(chalk_1.default.dim(`  Model: ${currentConfig.model}`));
             console.log(chalk_1.default.dim(`  Theme: ${currentConfig.theme}`));
             console.log(chalk_1.default.dim(`  Agents: ${Object.keys(currentConfig.agent || {}).length} configured`));
+            // Load latest agent configuration to ensure consistency
+            const latestAgentConfig = yield loadLatestAgentConfig();
+            const modelConfig = (0, config_loader_1.getModelConfig)();
             // Create latest configuration with all improvements
             const latestConfig = {
                 $schema: 'https://opencode.ai/config.json',
@@ -1026,11 +1065,11 @@ All agents follow these principles:
                 theme: 'berget-dark',
                 share: 'manual',
                 autoupdate: true,
-                model: MODEL_CONFIG.AGENT_MODELS.primary,
-                small_model: MODEL_CONFIG.AGENT_MODELS.small,
+                model: modelConfig.primary,
+                small_model: modelConfig.small,
                 agent: {
                     fullstack: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.3,
                         top_p: 0.9,
                         mode: 'primary',
@@ -1039,7 +1078,7 @@ All agents follow these principles:
                         prompt: 'Voice: Scandinavian calm—precise, concise, confident; no fluff. You are Berget Code Fullstack agent. Act as a router and coordinator in a monorepo. Bottom-up schema: database → OpenAPI → generated types. Top-down types: API → UI → components. Use openapi-fetch and Zod at every boundary; compile-time errors are desired when contracts change. Routing rules: if task/paths match /apps/frontend or React (.tsx) → use frontend; if /apps/app or Expo/React Native → app; if /infra, /k8s, flux-system, kustomization.yaml, Helm values → devops; if /services, Koa routers, services/adapters/domain → backend. If ambiguous, remain fullstack and outline the end-to-end plan, then delegate subtasks to the right persona. Security: validate inputs; secrets via FluxCD SOPS/Sealed Secrets. Documentation is generated from code—never duplicated. CRITICAL: When all implementation tasks are complete and ready for merge, ALWAYS invoke @quality subagent to handle testing, building, and complete PR management including URL provision.',
                     },
                     frontend: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.4,
                         top_p: 0.9,
                         mode: 'primary',
@@ -1049,7 +1088,7 @@ All agents follow these principles:
                         prompt: 'You are Berget Code Frontend agent. Voice: Scandinavian calm—precise, concise, confident. React 18 + TypeScript. Tailwind + Shadcn UI only via the design system (index.css, tailwind.config.ts). Use semantic tokens for color/spacing/typography/motion; never ad-hoc classes or inline colors. Components are pure and responsive; props-first data; minimal global state (Zustand/Jotai). Accessibility and keyboard navigation mandatory. Mock data only at init under /data via typed hooks (e.g., useProducts() reading /data/products.json). Design: minimal, balanced, quiet motion. CRITICAL: When all frontend implementation tasks are complete and ready for merge, ALWAYS invoke @quality subagent to handle testing, building, and complete PR management including URL provision.',
                     },
                     backend: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.3,
                         top_p: 0.9,
                         mode: 'primary',
@@ -1057,8 +1096,9 @@ All agents follow these principles:
                         description: 'Functional, modular Koa + TypeScript services; schema-first with code quality focus.',
                         prompt: 'You are Berget Code Backend agent. Voice: Scandinavian calm—precise, concise, confident. TypeScript + Koa. Prefer many small pure functions; avoid big try/catch blocks. Routes thin; logic in services/adapters/domain. Validate with Zod; auto-generate OpenAPI. Adapters isolate external systems; domain never depends on framework. Test with supertest; idempotent and stateless by default. Each microservice emits an OpenAPI contract; changes propagate upward to types. Code Quality & Refactoring Principles: Apply Single Responsibility Principle, fail fast with explicit errors, eliminate code duplication, remove nested complexity, use descriptive error codes, keep functions under 30 lines. Always leave code cleaner and more readable than you found it. CRITICAL: When all backend implementation tasks are complete and ready for merge, ALWAYS invoke @quality subagent to handle testing, building, and complete PR management including URL provision.',
                     },
-                    devops: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                    // Use centralized devops configuration with Helm guidelines
+                    devops: latestAgentConfig.devops || {
+                        model: modelConfig.primary,
                         temperature: 0.3,
                         top_p: 0.8,
                         mode: 'primary',
@@ -1067,7 +1107,7 @@ All agents follow these principles:
                         prompt: 'You are Berget Code DevOps agent. Voice: Scandinavian calm—precise, concise, confident. Start simple: k8s/{deployment,service,ingress}. Add FluxCD sync to repo and image automation. Use Kustomize bases/overlays (staging, production). Add dependencies via Helm from upstream sources; prefer native operators when available (CloudNativePG, cert-manager, external-dns). SemVer with -rc tags keeps CI environments current. Observability with Prometheus/Grafana. No manual kubectl in production—Git is the source of truth. For testing, building, and PR management, use @quality subagent.',
                     },
                     app: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.4,
                         top_p: 0.9,
                         mode: 'primary',
@@ -1077,7 +1117,7 @@ All agents follow these principles:
                         prompt: 'You are Berget Code App agent. Voice: Scandinavian calm—precise, concise, confident. Expo + React Native + TypeScript. Structure by components/hooks/services/navigation. Components are pure; data via props; refactor shared logic into hooks/stores. Share tokens with frontend. Mock data in /data via typed hooks; later replace with live APIs. Offline via SQLite/MMKV; notifications via Expo. Request permissions only when needed. Subtle, meaningful motion; light/dark parity. For testing, building, and PR management, use @quality subagent.',
                     },
                     security: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.2,
                         top_p: 0.8,
                         mode: 'subagent',
@@ -1086,7 +1126,7 @@ All agents follow these principles:
                         prompt: 'Voice: Scandinavian calm—precise, concise, confident. You are Berget Code Security agent. Expert in application security, penetration testing, and OWASP standards. Core responsibilities: Conduct security assessments and penetration tests, Validate OWASP Top 10 compliance, Review code for security vulnerabilities, Implement security headers and Content Security Policy (CSP), Audit API security, Check for sensitive data exposure, Validate input sanitization and output encoding, Assess dependency security and supply chain risks. Tools and techniques: OWASP ZAP, Burp Suite, security linters, dependency scanners, manual code review. Always provide specific, actionable security recommendations with priority levels. Workflow: Always follow branch_strategy and commit_convention from workflow section. Never work directly in main. Agent awareness: Review code from all personas (frontend, backend, app, devops). If implementation changes are needed, suggest <tab> to switch to appropriate persona after security assessment.',
                     },
                     quality: {
-                        model: MODEL_CONFIG.AGENT_MODELS.primary,
+                        model: modelConfig.primary,
                         temperature: 0.1,
                         top_p: 0.9,
                         mode: 'subagent',
@@ -1149,7 +1189,7 @@ All agents follow these principles:
                             baseURL: 'https://api.berget.ai/v1',
                             apiKey: '{env:BERGET_API_KEY}',
                         },
-                        models: MODEL_CONFIG.PROVIDER_MODELS,
+                        models: (0, config_loader_1.getProviderModels)(),
                     },
                 },
             };
@@ -1177,7 +1217,7 @@ All agents follow these principles:
                     console.log(chalk_1.default.cyan('  • Security agent converted to subagent (read-only)'));
                 }
                 // Check for GLM-4.6 optimizations
-                if (!((_h = (_g = (_f = (_e = (_d = currentConfig.provider) === null || _d === void 0 ? void 0 : _d.berget) === null || _e === void 0 ? void 0 : _e.models) === null || _f === void 0 ? void 0 : _f[MODEL_CONFIG.AGENT_MODELS.primary.replace('berget/', '')]) === null || _g === void 0 ? void 0 : _g.limit) === null || _h === void 0 ? void 0 : _h.context)) {
+                if (!((_h = (_g = (_f = (_e = (_d = currentConfig.provider) === null || _d === void 0 ? void 0 : _d.berget) === null || _e === void 0 ? void 0 : _e.models) === null || _f === void 0 ? void 0 : _f[modelConfig.primary.replace('berget/', '')]) === null || _g === void 0 ? void 0 : _g.limit) === null || _h === void 0 ? void 0 : _h.context)) {
                     console.log(chalk_1.default.cyan('  • GLM-4.6 token limits and auto-compaction'));
                 }
                 console.log(chalk_1.default.cyan('  • Latest agent prompts and improvements'));
@@ -1291,6 +1331,12 @@ Declarative GitOps infrastructure with FluxCD, Kustomize, Helm, and operators.
 - Operator-first approach
 - SemVer with release candidates
 
+**Helm Values Configuration Process:**
+1. Documentation First Approach: Always fetch official documentation from Artifact Hub/GitHub for the specific chart version before writing values. Search Artifact Hub for exact chart version documentation, check the chart's GitHub repository for official docs and examples, verify the exact version being used in the deployment.
+2. Validation Requirements: Check for available validation schemas before committing YAML files. Use Helm's built-in validation tools (helm lint, helm template). Validate against JSON schema if available for the chart. Ensure YAML syntax correctness with linters.
+3. Standard Workflow: Identify chart name and exact version. Fetch official documentation from Artifact Hub/GitHub. Check for available schemas and validation tools. Write values according to official documentation. Validate against schema (if available). Test with helm template or helm lint. Commit validated YAML files.
+4. Quality Assurance: Never commit unvalidated Helm values. Use helm dependency update when adding new charts. Test rendering with helm template --dry-run before deployment. Document any custom values with comments referencing official docs.
+
 #### app
 Expo + React Native applications with props-first architecture and offline awareness.
 

package/dist/src/constants/command-structure.js

@@ -38,6 +38,7 @@ exports.SUBCOMMANDS = {
         INIT: 'init',
         RUN: 'run',
         UPDATE: 'update',
+        SERVE: 'serve',
     },
     // API Keys commands
     API_KEYS: {
@@ -172,5 +173,6 @@ exports.COMMAND_DESCRIPTIONS = {
     [exports.COMMAND_GROUPS.CODE]: 'AI-powered coding assistant with OpenCode',
     [`${exports.COMMAND_GROUPS.CODE} ${exports.SUBCOMMANDS.CODE.INIT}`]: 'Initialize project for AI coding assistant',
     [`${exports.COMMAND_GROUPS.CODE} ${exports.SUBCOMMANDS.CODE.RUN}`]: 'Run AI coding assistant',
+    [`${exports.COMMAND_GROUPS.CODE} ${exports.SUBCOMMANDS.CODE.SERVE}`]: 'Start OpenCode web server',
     [`${exports.COMMAND_GROUPS.CODE} ${exports.SUBCOMMANDS.CODE.UPDATE}`]: 'Update OpenCode and agents to latest versions',
 };

package/dist/src/services/api-key-service.js

@@ -50,17 +50,80 @@ class ApiKeyService {
      * Command: berget api-keys create
      */
     create(options) {
+        var _a, _b, _c, _d;
         return __awaiter(this, void 0, void 0, function* () {
             try {
+                // Validate input before sending request
+                if (!options.name || options.name.trim().length === 0) {
+                    throw new Error('API key name is required and cannot be empty');
+                }
+                if (options.name.length > 100) {
+                    throw new Error('API key name must be 100 characters or less');
+                }
+                if (options.description && options.description.length > 500) {
+                    throw new Error('API key description must be 500 characters or less');
+                }
                 const { data, error } = yield this.client.POST('/v1/api-keys', {
                     body: options,
                 });
-                if (error)
+                if (error) {
+                    // Enhanced error handling with specific troubleshooting
+                    // Handle specific error cases
+                    if (typeof error === 'object' && error !== null) {
+                        const errorObj = error;
+                        if (((_a = errorObj.error) === null || _a === void 0 ? void 0 : _a.code) === 'API_KEY_CREATION_FAILED') {
+                            let detailedMessage = 'Failed to create API key. This could be due to:\n';
+                            detailedMessage += '• Account limits or quota restrictions\n';
+                            detailedMessage +=
+                                '• Insufficient permissions for API key creation\n';
+                            detailedMessage += '• Temporary server issues\n';
+                            detailedMessage += '• Billing or subscription issues\n\n';
+                            detailedMessage += 'Troubleshooting steps:\n';
+                            detailedMessage +=
+                                '1. Check if you have reached your API key limit\n';
+                            detailedMessage +=
+                                '2. Verify your account has API key creation permissions\n';
+                            detailedMessage += '3. Check your billing status and subscription\n';
+                            detailedMessage +=
+                                '4. Try again in a few minutes if this is a temporary issue\n';
+                            detailedMessage += '5. Contact support if the problem persists';
+                            throw new Error(detailedMessage);
+                        }
+                        if (((_b = errorObj.error) === null || _b === void 0 ? void 0 : _b.code) === 'QUOTA_EXCEEDED') {
+                            throw new Error('You have reached your API key limit. Please delete existing keys or contact support to increase your quota.');
+                        }
+                        if (((_c = errorObj.error) === null || _c === void 0 ? void 0 : _c.code) === 'INSUFFICIENT_PERMISSIONS') {
+                            throw new Error('Your account does not have permission to create API keys. Please contact your administrator.');
+                        }
+                        if (((_d = errorObj.error) === null || _d === void 0 ? void 0 : _d.code) === 'BILLING_REQUIRED') {
+                            throw new Error('A valid billing method is required to create API keys. Please add a payment method.');
+                        }
+                    }
                     throw new Error(JSON.stringify(error));
+                }
+                if (!data) {
+                    throw new Error('No data received from server');
+                }
                 return data;
             }
             catch (error) {
                 console.error('Failed to create API key:', error);
+                // Add additional context for common issues
+                if (error instanceof Error) {
+                    if (error.message.includes('ECONNREFUSED')) {
+                        throw new Error('Cannot connect to Berget API. Please check your internet connection.');
+                    }
+                    if (error.message.includes('ENOTFOUND')) {
+                        throw new Error('Cannot resolve Berget API hostname. Please check your DNS settings.');
+                    }
+                    if (error.message.includes('401') ||
+                        error.message.includes('Unauthorized')) {
+                        throw new Error('Authentication failed. Please run `berget auth login` to log in again.');
+                    }
+                    if (error.message.includes('403')) {
+                        throw new Error('Access forbidden. Your account may not have permission to create API keys.');
+                    }
+                }
                 throw error;
             }
         });

package/dist/src/services/chat-service.js

@@ -86,6 +86,20 @@ class ChatService {
                     logger_1.logger.error('Failed to stringify options:', error);
                 }
                 const headers = {};
+                // First try to use the authenticated client (with refresh token support)
+                // Only fall back to API key flow if explicitly requested or no auth tokens available
+                const { TokenManager } = yield Promise.resolve().then(() => __importStar(require('../utils/token-manager')));
+                const tokenManagerInstance = TokenManager.getInstance();
+                const hasValidAuth = tokenManagerInstance.getAccessToken() && !tokenManagerInstance.isTokenExpired();
+                const envApiKeyForAuth = process.env.BERGET_API_KEY;
+                const hasExplicitApiKey = !!optionsCopy.apiKey || !!envApiKeyForAuth;
+                // If we have valid auth tokens and no explicit API key, use authenticated client
+                if (hasValidAuth && !hasExplicitApiKey) {
+                    logger_1.logger.debug('Using authenticated client with refresh token support');
+                    // Create a copy without apiKey to let the authenticated client handle auth automatically
+                    const { apiKey } = optionsCopy, optionsWithoutKey = __rest(optionsCopy, ["apiKey"]);
+                    return this.executeCompletion(optionsWithoutKey, {});
+                }
                 // Check for environment variables first - prioritize this over everything else
                 const envApiKey = process.env.BERGET_API_KEY;
                 if (envApiKey) {