climaybe 3.0.4 → 3.0.6

package/README.md

@@ -304,14 +304,16 @@ Add the following secrets to your GitHub repository (or use **GitLab CI/CD varia
 
 | Secret | Required | Description |
 |--------|----------|-------------|
-| `GEMINI_API_KEY` | Yes | Google Gemini API key for changelog generation |
+| `GEMINI_API_KEY` | Optional | Google Gemini API key for AI-generated release notes fallback |
 | `SHOPIFY_STORE_URL` | Set from config | Store URL is set automatically from the store domain(s) you add during init (no prompt). |
-| `SHOPIFY_THEME_ACCESS_TOKEN` | Yes* | Theme access token for preview workflows (required when preview is enabled). |
+| `SHOPIFY_THEME_ACCESS_TOKEN` | Optional* | Theme access token for preview workflows (needed only when you want preview theme publish/cleanup to run). |
 | `SHOP_ACCESS_TOKEN` | Optional* | Required only when optional build workflows are enabled (Lighthouse) |
 | `LHCI_GITHUB_APP_TOKEN` | Optional* | Required only when optional build workflows are enabled (Lighthouse) |
 | `SHOP_PASSWORD` | Optional | Used by Lighthouse action when your store requires password auth |
 
-**Store URL:** During `climaybe init` (or `add-store`), store URL secret(s) are set from your configured store domain(s); you are only prompted for the theme token.
+**Prompting behavior:** During `climaybe init` (or `add-store`), every GitHub/GitLab secret prompt is skippable. Add values later in CI settings if you prefer.
+
+**Store URL:** During `climaybe init` (or `add-store`), store URL secret(s) are set from your configured store domain(s); theme tokens are optional prompts.
 
 **Multi-store:** Per-store secrets `SHOPIFY_STORE_URL_<ALIAS>` and `SHOPIFY_THEME_ACCESS_TOKEN_<ALIAS>` — the URL is set from config; you must provide the theme token per store. `<ALIAS>` is uppercase with hyphens as underscores (e.g. `voldt-norway` → `SHOPIFY_STORE_URL_VOLDT_NORWAY`). Preview and cleanup: for PRs targeting **main**, **staging**, or **develop** the workflows use the **default store** (from `config.default_store` or first in `config.stores`); for PRs targeting **staging-&lt;alias&gt;** or **live-&lt;alias&gt;** they use that store’s credentials. Set either the plain `SHOPIFY_*` secrets or the `_<ALIAS>` pair for each store you use in preview.
 

package/bin/version.txt

@@ -1 +1 @@
-3.0.4
+3.0.6

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "climaybe",
-  "version": "3.0.4",
+  "version": "3.0.6",
   "description": "Shopify CLI by Electric Maybe for theme CI/CD workflows, branch orchestration, app setup, and dev tooling",
   "type": "module",
   "bin": {

package/src/commands/add-store.js

@@ -88,7 +88,13 @@ export async function addStoreCommand() {
           : { check: isGlabAvailable, checkRemote: hasGitLabRemote, set: setGitLabVariable, name: 'GitLab' };
 
       if (!setter.check()) {
-        console.log(pc.yellow(`  ${setter.name} CLI is not installed or not logged in. Add secrets manually in repo Settings.`));
+        console.log(
+          pc.yellow(
+            ciHost === 'github'
+              ? '  GitHub CLI is not available (tried gh and npx gh) or not logged in. Add secrets manually in repo Settings.'
+              : `  ${setter.name} CLI is not installed or not logged in. Add secrets manually in repo Settings.`
+          )
+        );
       } else if (!setter.checkRemote()) {
         console.log(pc.yellow('  No ' + setter.name + ' remote (origin). Add secrets manually after pushing.'));
       } else {
@@ -116,22 +122,22 @@ export async function addStoreCommand() {
           }
         }
         const total = secretsToPrompt.length;
-        console.log(pc.cyan(`\n  Configure ${total} secret(s) for store "${store.alias}" (theme token required).\n`));
+        console.log(pc.cyan(`\n  Configure ${total} secret(s) for store "${store.alias}" (all optional).\n`));
         for (let i = 0; i < secretsToPrompt.length; i++) {
           const secret = secretsToPrompt[i];
           const isThemeToken = secret.name === 'SHOPIFY_THEME_ACCESS_TOKEN' || secret.name.startsWith('SHOPIFY_THEME_ACCESS_TOKEN_');
           if (isThemeToken && store.domain) {
-            // Theme tokens are required and must validate; keep prompting until valid + set.
+            // Theme tokens are optional; if provided, keep prompting until valid + set.
             while (true) {
               const value = await promptSecretValue(secret, i, total);
               if (!value) {
-                console.log(pc.red('  Theme access token is required.'));
-                continue;
+                console.log(pc.dim(`  Skipped ${secret.name}.`));
+                break;
               }
               const result = await validateThemeAccessToken(store.domain, value);
               if (!result.ok) {
                 console.log(pc.red(`  Token test failed: ${result.error}`));
-                console.log(pc.dim('  Please try again with a valid Theme Access token.'));
+                console.log(pc.dim('  Enter a valid token, or leave blank to skip.'));
                 continue;
               }
               console.log(pc.green('  Token validated against store.'));
@@ -142,7 +148,7 @@ export async function addStoreCommand() {
                 break;
               } catch (err) {
                 console.log(pc.red(`  Failed to set ${secret.name}: ${err.message}`));
-                console.log(pc.dim('  Please try entering the token again.'));
+                console.log(pc.dim('  Enter again to retry, or leave blank to skip.'));
               }
             }
             continue;

package/src/commands/ensure-branches.js

@@ -6,6 +6,8 @@ import {
   currentBranch,
   ensureStagingBranch,
   createStoreBranches,
+  hasOriginRemote,
+  pushBranchesToOrigin,
 } from '../lib/git.js';
 
 /**
@@ -36,15 +38,26 @@ export async function ensureBranchesCommand() {
   console.log(pc.dim(`  Mode: ${mode}-store (${aliases.length} store(s))\n`));
 
   ensureStagingBranch();
+  const branchesToPush = ['staging'];
   for (const alias of aliases) {
     createStoreBranches(alias);
+    branchesToPush.push(`staging-${alias}`, `live-${alias}`);
   }
 
   console.log(pc.bold(pc.green('\n  Branches ensured.\n')));
-  console.log(pc.dim('  Push them so CI can run:'));
-  console.log(pc.dim('    git push origin staging'));
-  for (const alias of aliases) {
-    console.log(pc.dim(`    git push origin staging-${alias} live-${alias}`));
+  if (hasOriginRemote()) {
+    try {
+      pushBranchesToOrigin(branchesToPush);
+      console.log(pc.green('  Pushed ensured branches to origin.\n'));
+    } catch (err) {
+      console.log(pc.yellow(`  Could not push branches automatically: ${err.message}`));
+      console.log(pc.dim('  Push them manually so CI can run:'));
+      console.log(pc.dim('    git push origin --all\n'));
+    }
+  } else {
+    console.log(pc.dim('  No origin remote found.'));
+    console.log(pc.dim('  Push them after adding a remote so CI can run:'));
+    console.log(pc.dim('    git remote add origin <url>'));
+    console.log(pc.dim('    git push origin --all\n'));
   }
-  console.log(pc.dim('  Or push all at once: git push origin --all\n'));
 }

package/src/commands/init.js

@@ -223,7 +223,13 @@ async function runInitFlow() {
 
   if (!setter.check()) {
     const installUrl = ciHost === 'github' ? 'https://cli.github.com/' : 'https://gitlab.com/gitlab-org/cli';
-    console.log(pc.yellow(`  ${setter.name} CLI is not installed or not logged in.`));
+    console.log(
+      pc.yellow(
+        ciHost === 'github'
+          ? '  GitHub CLI is not available (tried gh and npx gh) or not logged in.'
+          : `  ${setter.name} CLI is not installed or not logged in.`
+      )
+    );
     console.log(pc.dim(`  Install: ${installUrl} — then run ${ciHost === 'github' ? 'gh' : 'glab'} auth login`));
     console.log(
       pc.dim(
@@ -283,23 +289,24 @@ async function runInitFlow() {
 
     if (isThemeToken) {
       if (!storeUrl) {
-        console.log(pc.red(`  Could not resolve store URL for required token ${secret.name}.`));
-        continue;
+        console.log(pc.yellow(`  Could not resolve store URL for ${secret.name}, skipping token validation.`));
       }
-      // Theme tokens are required and must validate; keep prompting until valid + set.
+      // Theme tokens are optional during setup; if provided, keep prompting until valid + set.
       while (true) {
         const value = await promptSecretValue(secret, i, totalToPrompt);
         if (!value) {
-          console.log(pc.red('  Theme access token is required.'));
-          continue;
+          console.log(pc.dim(`  Skipped ${secret.name}.`));
+          break;
         }
-        const result = await validateThemeAccessToken(storeUrl, value);
-        if (!result.ok) {
-          console.log(pc.red(`  Token test failed: ${result.error}`));
-          console.log(pc.dim('  Please try again with a valid Theme Access token.'));
-          continue;
+        if (storeUrl) {
+          const result = await validateThemeAccessToken(storeUrl, value);
+          if (!result.ok) {
+            console.log(pc.red(`  Token test failed: ${result.error}`));
+            console.log(pc.dim('  Enter a valid token, or leave blank to skip.'));
+            continue;
+          }
+          console.log(pc.green('  Token validated against store.'));
         }
-        console.log(pc.green('  Token validated against store.'));
         try {
           await setter.set(secret.name, value);
           console.log(pc.green(`  Set ${secret.name}.`));
@@ -307,7 +314,7 @@ async function runInitFlow() {
           break;
         } catch (err) {
           console.log(pc.red(`  Failed to set ${secret.name}: ${err.message}`));
-          console.log(pc.dim('  Please try entering the token again.'));
+          console.log(pc.dim('  Enter again to retry, or leave blank to skip.'));
         }
       }
       continue;

package/src/lib/git.js

@@ -107,6 +107,28 @@ export function ensureGitRepo(cwd = process.cwd()) {
   }
 }
 
+/**
+ * Check if origin remote exists.
+ */
+export function hasOriginRemote(cwd = process.cwd()) {
+  try {
+    exec('git remote get-url origin', cwd);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Push branches to origin if remote exists.
+ */
+export function pushBranchesToOrigin(branches = [], cwd = process.cwd()) {
+  if (!branches.length) return true;
+  const unique = [...new Set(branches)];
+  exec(`git push origin ${unique.join(' ')}`, cwd);
+  return true;
+}
+
 /**
  * Get the latest tag version (e.g. "1.2.3") from v* tags, or null if none.
  * Sorts by version so v2.0.0 > v1.9.9.

package/src/lib/github-secrets.js

@@ -1,6 +1,20 @@
 import { spawn, spawnSync, execSync } from 'node:child_process';
 import pc from 'picocolors';
 
+function resolveGhInvocation(cwd = process.cwd()) {
+  const direct = spawnSync('gh', ['--version'], { cwd, encoding: 'utf-8', stdio: ['pipe', 'pipe', 'pipe'] });
+  if (direct.status === 0) return { command: 'gh', prefix: [] };
+
+  const viaNpx = spawnSync('npx', ['--yes', 'gh', '--version'], {
+    cwd,
+    encoding: 'utf-8',
+    stdio: ['pipe', 'pipe', 'pipe'],
+  });
+  if (viaNpx.status === 0) return { command: 'npx', prefix: ['--yes', 'gh'] };
+
+  return null;
+}
+
 /**
  * Secret/variable definitions for CI (GitHub Actions or GitLab CI).
  * condition: 'always' = required for core workflows; 'preview' | 'build' = only when that feature is enabled.
@@ -8,7 +22,7 @@ import pc from 'picocolors';
 export const SECRET_DEFINITIONS = [
   {
     name: 'GEMINI_API_KEY',
-    required: true,
+    required: false,
     condition: 'always',
     description: 'Google Gemini API key for AI-generated changelogs on release',
     whereToGet:
@@ -24,7 +38,7 @@ export const SECRET_DEFINITIONS = [
   },
   {
     name: 'SHOPIFY_THEME_ACCESS_TOKEN',
-    required: true,
+    required: false,
     condition: 'preview',
     description: 'Theme access token so CI can push preview themes (password from Shopify Theme Access app)',
     whereToGet:
@@ -60,8 +74,13 @@ export const SECRET_DEFINITIONS = [
  */
 export function isGhAvailable() {
   try {
-    execSync('gh auth status', { encoding: 'utf-8', stdio: 'pipe' });
-    return true;
+    const gh = resolveGhInvocation();
+    if (!gh) return false;
+    const result = spawnSync(gh.command, [...gh.prefix, 'auth', 'status'], {
+      encoding: 'utf-8',
+      stdio: ['pipe', 'pipe', 'pipe'],
+    });
+    return result.status === 0;
   } catch {
     return false;
   }
@@ -99,10 +118,12 @@ export function getGitHubRepoSpec(cwd = process.cwd()) {
  */
 export function listGitHubSecrets(cwd = process.cwd()) {
   try {
+    const gh = resolveGhInvocation(cwd);
+    if (!gh) return [];
     const repo = getGitHubRepoSpec(cwd);
-    const args = ['secret', 'list', '--json', 'name'];
+    const args = [...gh.prefix, 'secret', 'list', '--json', 'name'];
     if (repo) args.push('-R', repo);
-    const result = spawnSync('gh', args, { cwd, encoding: 'utf-8', stdio: ['pipe', 'pipe', 'pipe'] });
+    const result = spawnSync(gh.command, args, { cwd, encoding: 'utf-8', stdio: ['pipe', 'pipe', 'pipe'] });
     const out = (result.stdout || '').trim();
     const data = JSON.parse(out || '[]');
     return Array.isArray(data) ? data.map((s) => s.name).filter(Boolean) : [];
@@ -131,10 +152,15 @@ export function listGitLabVariables(cwd = process.cwd()) {
  */
 export function setSecret(name, value, cwd = process.cwd()) {
   return new Promise((resolve, reject) => {
+    const gh = resolveGhInvocation(cwd);
+    if (!gh) {
+      reject(new Error('GitHub CLI is not available (tried gh and npx gh)'));
+      return;
+    }
     const repo = getGitHubRepoSpec(cwd);
-    const args = ['secret', 'set', name];
+    const args = [...gh.prefix, 'secret', 'set', name];
     if (repo) args.push('-R', repo);
-    const child = spawn('gh', args, {
+    const child = spawn(gh.command, args, {
       stdio: ['pipe', 'inherit', 'inherit'],
       cwd,
     });
@@ -295,7 +321,7 @@ export function getSecretsToPrompt({ enablePreviewWorkflows, enableBuildWorkflow
       if (enablePreviewWorkflows) {
         list.push({
           name: `SHOPIFY_THEME_ACCESS_TOKEN_${suffix}`,
-          required: true,
+          required: false,
           description: `Store ${store.alias}: Theme access token (password from Theme Access app)`,
           whereToGet: 'Theme Access app in Shopify — the password it gives is the token for this store.',
         });
@@ -338,7 +364,7 @@ export function getSecretsToPromptForNewStore(store) {
   return [
     {
       name: `SHOPIFY_THEME_ACCESS_TOKEN_${suffix}`,
-      required: true,
+      required: false,
       description: `Store ${store.alias}: Theme access token (password from Theme Access app)`,
       whereToGet: 'Theme Access app in Shopify — the password it gives is the token for this store.',
     },